Embed Size (px)
DESCRIPTION
CRITICAL INFRASTRUCTURE PROTECTION. CRITICAL INFRASTRUCTURE PROTECTION. NERC 1200 CIP 002 - 009. NERC 1200 CIP 002 - 009. Shared rights and responsibilities for transmission planning and operations, transmission service Payments in kind Loose coordination agreements - PowerPoint PPT Presentation
Citation preview
gcpud 1
CRITICAL INFRASTRUCTURE
PROTECTION
NERC 1200 CIP 002 - 009
CRITICAL INFRASTRUCTURE
PROTECTION
NERC 1200 CIP 002 - 009
gcpud 2
Once Upon a Time
• Shared rights and responsibilities for transmission planning and operations, transmission service– Payments in kind– Loose coordination agreements– No third-party transmission access
• Costs of service allocated broadly– Federal and state rate regulation
• North American Electric Reliability Council (NERC) sets voluntary operating policies– Membership comprised of eight regional reliability councils– Regional councils set broad range of requirements to implement
operating policies
• Shared rights and responsibilities for transmission planning and operations, transmission service– Payments in kind– Loose coordination agreements– No third-party transmission access
• Costs of service allocated broadly– Federal and state rate regulation
• North American Electric Reliability Council (NERC) sets voluntary operating policies– Membership comprised of eight regional reliability councils– Regional councils set broad range of requirements to implement
operating policies
Once Upon a Time
gcpud 3
Things Changed
• Following 1979-81 severe economic dislocations, broad-based initiatives to bring market discipline to business sectors
• Intense debates produced Energy Policy Act of 1992– Authorizes FERC to set rules for third-party
access to high-voltage transmission to make sales for resale
– Order 888 that eventually lead to Order 2003 Order 888 that eventually lead to Order 2003 standards for generation interconnection.standards for generation interconnection.
• Following 1979-81 severe economic dislocations, broad-based initiatives to bring market discipline to business sectors
• Intense debates produced Energy Policy Act of 1992– Authorizes FERC to set rules for third-party
access to high-voltage transmission to make sales for resale
– Order 888 that eventually lead to Order 2003 Order 888 that eventually lead to Order 2003 standards for generation interconnection.standards for generation interconnection.
Things Changed
gcpud 4
FERC Jurisdiction
• “…over the ERO,…any regional entities, and all users, owners, and operators of the bulk-power system,…” and any entities included in the ERO rules.
• “…for purposes of approving standards …and enforcing compliance.”
• “Bulk power system”– “…facilities and control systems necessary for operating an
interconnected electric energy transmission network, and electric energy from generation…needed to maintain reliability,…” excluding local distribution facilities.
• “…over the ERO,…any regional entities, and all users, owners, and operators of the bulk-power system,…” and any entities included in the ERO rules.
• “…for purposes of approving standards …and enforcing compliance.”
• “Bulk power system”– “…facilities and control systems necessary for operating an
interconnected electric energy transmission network, and electric energy from generation…needed to maintain reliability,…” excluding local distribution facilities.
FERC Jurisdiction
gcpud 5
E R O
• Natural evolution to seek clarification of roles, rights, and responsibilities for physical system planning and operations
• 1998– Call begins for federal legislation requiring creation of
organization to set and enforce mandatory standards
• 2005– Energy Policy Act of 2005 (EPAct) creates Section
215 of the Federal Power Act• Expands FERC regulatory authority to reliability
• Defines Electric Reliability Organization (ERO)
• Natural evolution to seek clarification of roles, rights, and responsibilities for physical system planning and operations
• 1998– Call begins for federal legislation requiring creation of
organization to set and enforce mandatory standards
• 2005– Energy Policy Act of 2005 (EPAct) creates Section
215 of the Federal Power Act• Expands FERC regulatory authority to reliability
• Defines Electric Reliability Organization (ERO)
E R O
gcpud 6
Energy Policy Act of 2005Energy Policy Act of 2005
• Assigns ownership of the issue of bulk power system reliability to FERC in the US
• Applies to all users, owners, and operators of the bulk power system
• Create an Electric Reliability Organization– NERC named ERO in July 2006– Creates reliability standards– Sets reliability standards for bulk power system – Monitors & enforces compliance with standards
• Assigns ownership of the issue of bulk power system reliability to FERC in the US
• Applies to all users, owners, and operators of the bulk power system
• Create an Electric Reliability Organization– NERC named ERO in July 2006– Creates reliability standards– Sets reliability standards for bulk power system – Monitors & enforces compliance with standards
gcpud 7
NERC REGIONS
gcpud 8
Who Does What?RO - Reliability Coordinator
TO -Transmission Owner
GO - Generation Owner
LSE - Load Serving Entity
RO - Reliability Coordinator
TO -Transmission Owner
GO - Generation Owner
LSE - Load Serving Entity
BA - Balancing Authority
TSP -Transmission Service Provider
TO -Transmission Operator
GO - Generation Operator
RRO - Regional Reliability Organization
BA - Balancing Authority
TSP -Transmission Service Provider
TO -Transmission Operator
GO - Generation Operator
RRO - Regional Reliability Organization
Who Does What?
gcpud 9
The Big Picture
NPCC SERC ERCOT RFC FRCC WECC MRO SPP
RC BA TO TOP TSP GO GOP LSE NERCRRO
ImplementationScheduleTable 1
ImplementationScheduleTable 2
ImplementationSchedule Table 3
ImplementationSchedule Table 4
CIP003 CIP004 CIP005 CIP006 CIP007 CIP008 CIP009
BeginWork
SubstantiallyCompliant
CompliantAuditablyCompliant
CIP002 - Critical Cyber Asset Identification
ControlCenters
TransmissionSubstations Generation
SystemRestoration(Blackstart)
AutomaticLoad Shed(300 MW)
SpecialProtectionSystems
Other
Controls and Documentation
The Big Picture
gcpud 10
Scope of CIP 002-009Scope of CIP 002-009
• Applies to these bulk power system entities:– IOUs– Coops– Federal– Municipals– State agencies– Others
• Within the entities– Operations– Substations– IT– Generating Plants
• Applies to these bulk power system entities:– IOUs– Coops– Federal– Municipals– State agencies– Others
• Within the entities– Operations– Substations– IT– Generating Plants
gcpud 11
Cyber Security Standards
– CIP002: Critical Cyber Asset Identification– CIP003: Security Management Controls– CIP004: Personnel and Training– CIP005: Electronic Security Perimeter(s)– CIP006: Physical Security– CIP007: Systems Security Management– CIP008: Incident Reporting and Response
Planning– CIP009: Recovery Plans for Critical Cyber
Assets
– CIP002: Critical Cyber Asset Identification– CIP003: Security Management Controls– CIP004: Personnel and Training– CIP005: Electronic Security Perimeter(s)– CIP006: Physical Security– CIP007: Systems Security Management– CIP008: Incident Reporting and Response
Planning– CIP009: Recovery Plans for Critical Cyber
Assets
Cyber Security Standards
gcpud 12
BULK ELECTRIC SYSTEMBULK ELECTRIC SYSTEMBULK ELECTRIC SYSTEMBULK ELECTRIC SYSTEM
As defined by the Regional Reliability As defined by the Regional Reliability Organization, the electrical generation Organization, the electrical generation resources, transmission lines, resources, transmission lines, interconnections with neighboring interconnections with neighboring systems, and associated equipment, systems, and associated equipment, generally operated at voltages of 100 kV generally operated at voltages of 100 kV or higher. Radial transmission facilities or higher. Radial transmission facilities serving only load with one transmission serving only load with one transmission source are generally not included.source are generally not included.
As defined by the Regional Reliability As defined by the Regional Reliability Organization, the electrical generation Organization, the electrical generation resources, transmission lines, resources, transmission lines, interconnections with neighboring interconnections with neighboring systems, and associated equipment, systems, and associated equipment, generally operated at voltages of 100 kV generally operated at voltages of 100 kV or higher. Radial transmission facilities or higher. Radial transmission facilities serving only load with one transmission serving only load with one transmission source are generally not included.source are generally not included.
gcpud 13
CIP 002CIP 002Critical Cyber Asset Critical Cyber Asset
Identification 1Identification 1
CIP 002CIP 002Critical Cyber Asset Critical Cyber Asset
Identification 1Identification 1
FilteringIdentifying Critical Assets
Critical ElectricAssets
Outputlist of CCAs
Bulk Electric Assets
gcpud 14
Risk BasisRisk Basis
If the asset were to be compromised or removed from service, what would be the impact, either direct or indirect to transmission grid reliability or operatability.’
If the asset were to be compromised or removed from service, what would be the impact, either direct or indirect to transmission grid reliability or operatability.’
gcpud 15
Methodology Methodology A four (4) step process.
• Task 1: Assemble team of SMEs (Subject Mater Experts) to list electric assets by both physical and calculated means using power flow models and system simulations.
• Task 2: Eliminate non critical assets and list in ‘Null
List’; remaining are Critical Electrical Assets.
• Task 3: Select Cyber Assets supporting Critical Electric Assets.
• Task 4: Determine Critical Cyber Assets.
A four (4) step process.
• Task 1: Assemble team of SMEs (Subject Mater Experts) to list electric assets by both physical and calculated means using power flow models and system simulations.
• Task 2: Eliminate non critical assets and list in ‘Null
List’; remaining are Critical Electrical Assets.
• Task 3: Select Cyber Assets supporting Critical Electric Assets.
• Task 4: Determine Critical Cyber Assets.
gcpud 16
CIP 002CIP 002Critical Cyber Asset Critical Cyber Asset
Identification 2Identification 2
Filtering Essential to operation
of critical asset and
meets CIP002-R3
CyberAssets
Critical ElectricAssets
CRITICAL CYBER ASSETS
gcpud 17
Cyber Asset DefiniationCyber Asset DefiniationCyber Asset DefiniationCyber Asset Definiation
Critical cyber assets are assets that meet at Critical cyber assets are assets that meet at least one of the following requirements:least one of the following requirements:– the cyber asset uses a routable protocol to the cyber asset uses a routable protocol to
communicate outside the electronic security communicate outside the electronic security perimeter; or,perimeter; or,
– the cyber asset uses a routable protocol within a the cyber asset uses a routable protocol within a control center; or,control center; or,
– the cyber asset is dial-up accessible.the cyber asset is dial-up accessible.
Critical cyber assets are assets that meet at Critical cyber assets are assets that meet at least one of the following requirements:least one of the following requirements:– the cyber asset uses a routable protocol to the cyber asset uses a routable protocol to
communicate outside the electronic security communicate outside the electronic security perimeter; or,perimeter; or,
– the cyber asset uses a routable protocol within a the cyber asset uses a routable protocol within a control center; or,control center; or,
– the cyber asset is dial-up accessible.the cyber asset is dial-up accessible.
gcpud 18
RAM - TRAM - TRAM-DSM was the first RAM developed at Sandia for critical infrastructures. Bonneville Power Administration commissioned Sandia National Laboratories to develop the Risk Assessment Methodology for Transmissions (RAM-TSM) based on RAM-DSM.
RAM-TSM is a way to analyze the current security risks and systematically characterize and assess the security requirements of the nation's electrical transmission system facilities to deter, prevent, and mitigate malevolent attacks.
The methodology and training has been made available to owners, operators, managers, and others responsible for transmitting electrical power.
RAM-DSM was the first RAM developed at Sandia for critical infrastructures. Bonneville Power Administration commissioned Sandia National Laboratories to develop the Risk Assessment Methodology for Transmissions (RAM-TSM) based on RAM-DSM.
RAM-TSM is a way to analyze the current security risks and systematically characterize and assess the security requirements of the nation's electrical transmission system facilities to deter, prevent, and mitigate malevolent attacks.
The methodology and training has been made available to owners, operators, managers, and others responsible for transmitting electrical power.
gcpud 19
What to do next?What to do next?What to do next?What to do next?
• Attend one of the NERC regional workshops on cyber security Attend one of the NERC regional workshops on cyber security standardsstandards
• ftp://www.nerc.com/pub/sys/all_updl/cip/ftp://www.nerc.com/pub/sys/all_updl/cip/CSS_Workshop_Announcement.pdfCSS_Workshop_Announcement.pdf
• Get involved in NERC standards processGet involved in NERC standards process– Registered Ballot BodyRegistered Ballot Body– Standards drafting teamsStandards drafting teams– Comment of proposed standardsComment of proposed standards
• Get involved in your regions standards processGet involved in your regions standards process• Find out about compliance assurance within your organizationFind out about compliance assurance within your organization
– Some companies building formal internal compliance Some companies building formal internal compliance programsprograms
• Attend one of the NERC regional workshops on cyber security Attend one of the NERC regional workshops on cyber security standardsstandards
• ftp://www.nerc.com/pub/sys/all_updl/cip/ftp://www.nerc.com/pub/sys/all_updl/cip/CSS_Workshop_Announcement.pdfCSS_Workshop_Announcement.pdf
• Get involved in NERC standards processGet involved in NERC standards process– Registered Ballot BodyRegistered Ballot Body– Standards drafting teamsStandards drafting teams– Comment of proposed standardsComment of proposed standards
• Get involved in your regions standards processGet involved in your regions standards process• Find out about compliance assurance within your organizationFind out about compliance assurance within your organization
– Some companies building formal internal compliance Some companies building formal internal compliance programsprograms
gcpud 20
NERC WORKSHOPNERC WORKSHOP• How to make an Asset Inventory• Set up Change Management• Physical and Electronic Access Control and Monitoring• Governance• Incident Response• Documentation, Classification & Control• Network Management• Personnel Risk Assessment• Physical Security• Recovery Operations• Systems Management• Testing procedures• Employee Training• Performing Vulnerability Assessments• Prepare for a Compliance Audit.
• How to make an Asset Inventory• Set up Change Management• Physical and Electronic Access Control and Monitoring• Governance• Incident Response• Documentation, Classification & Control• Network Management• Personnel Risk Assessment• Physical Security• Recovery Operations• Systems Management• Testing procedures• Employee Training• Performing Vulnerability Assessments• Prepare for a Compliance Audit.
gcpud 21
NERC CIP WorkshopsNERC CIP Workshops• 1-1/2 days
• Help entity identify steps needed to determine if it has critical assets and critical cyber assets under CIP standards.
• To be held in 9 remaining cities through January 2007
• For information and registration go to:
• 1-1/2 days
• Help entity identify steps needed to determine if it has critical assets and critical cyber assets under CIP standards.
• To be held in 9 remaining cities through January 2007
• For information and registration go to:
ftp://www.nerc.com/pub/sys/all_updl/cip/CSS_Workshop_Announcement.pdf
gcpud 22
AcknowledgementsAcknowledgements
Marty Sidor – NERC Director of EducationMarty Sidor – NERC Director of Education
Mark Kuras – NERC – Standards Education TeamMark Kuras – NERC – Standards Education Team
Dave Dworzak – Edison Electric Institute Dave Dworzak – Edison Electric Institute
Marty Sidor – NERC Director of EducationMarty Sidor – NERC Director of Education
Mark Kuras – NERC – Standards Education TeamMark Kuras – NERC – Standards Education Team
Dave Dworzak – Edison Electric Institute Dave Dworzak – Edison Electric Institute
gcpud 23
