Spring 2016 Day 1

5/5/2016 1

Spring 2016 NPCC Compliance and Standards WorkshopCooperstown, NYMay 10-12, 2016

Baseball and CMEP:

Not So Different

Baseball

5/5/2016 2

CMEP

5/5/2016 3

Purpose

5/5/2016 4

WINNING RELIABILITY

Spring NPCC Compliance and Standards Workshop

May 10-12, 2016

Reliability Standards Outlook

Guy V. Zito NPCC AVP - Standards

5/5/2016 1

Discussion Items:• NERC Standards Development

– Priorities – Standards Committee and ERO Strategic Goals

• Overview of Standards Development– Remedial Action Schemes (RAS) vs. Special Protection Systems (SPS)– Other standard development projects of interest

• Cost Effectiveness• Steady State and Enhanced Period Reviews• RISC and Emerging Risks• Compliance Policy Guidance and Interpretations• NPCC Regional Standards and Directories• FERC Legal Process for Standards• NPCC Regional Standards Committee• Future of Standards and Criteria

5/5/2016 2

NERC Standards Development• Draft NERC Reliability Standards Development Plan (RSDP) 2016-2018,

NERC Board of Trustees (BOT) Approved Nov. 5, 2015 (a snapshot)– Enhanced Periodic Reviews (17+ Standards, 8+ Projects)– Eight Projects from 2015 extending into 2016– Emerging risks-from Reliability Issues Steering Committee (RISC)– FERC Directives– Standard Authorization Requests

• Integration of Variable Generation Task Force• Essential Reliability Services Task Force (ERSTF) recommendations• Industry Feedback Loops (e.g. Events Analysis, Compliance, RAPA)

• Project Management and Oversight Subcommittee (PMOS)– “2016 Projects Annual Calendar”- includes 18 projects– “Projected Posting Schedule”-2 month look ahead– “Project Tracking Spreadsheet”-Last version-23 Projects

5/5/2016 3

Overview of Standards Development• Project 2010-05.3 Remedial Action Schemes (SPS)• Project 2007-11 Disturbance Monitoring PRC-002-

NPCC-01 and PRC-002-2• Project 2007-06.2 Phase 2 of System Protection

Coordination (retire PRC-001, new PER-006-1)• TPL-007-1, Transmission System Planned

Performance for Geomagnetic Disturbance Events, (Project 2013-03) (Jan 2015 filed-March 1 FERC Conf.)

• Project 2016-02 Modifications to CIP Standards (CIP-002-011)

5/5/2016 4

Overview of Standards Development• Project 2015-07, COM-001-3(Order 808), Internal

Communication capabilities between geographically separate control centers and field personnel.(same entity)

• Project 2009-02, IRO-018-1 and TOP-010-1, Real time monitoring and analysis capabilities (RC and TOP) Data Quality

• Project 2010-14.2.2 Phase 2 of Balancing Authority Reliability-based Controls - BAL-004 - retire

• Project 2015-10, TPL-001-4 (Order 754), revise the transmission planning standard per the SPCS and SAMS recommendations, SAR posted for comment. Single points of failure. Pilot for Cost Effectiveness

• Project 2015-08, Emergency Operations - EOP-004, EOP-005, EOP-006, EOP-008

• Project 2015-09, Establish and Communicate System Operating Limits - FAC-010, FAC-011, FAC-014

5/5/2016 5

Remedial Action Schemes (RAS) vs. Special Protection Systems (SPS)

• Project 2010-05.3 - Phase 3 of Protection Systems: Remedial Action Schemes, Order 693 PRC-012, 13 14, to be replaced with PRC-012-2

• FERC RAS Definition, Petition filed with FERC 2/3/2015

• Purpose - To ensure that Remedial Action Schemes (RAS) do not introduce unintentional or unacceptable reliability risks to the BES. Also to remove the fill-in the blank aspects.

• Applicable to RC, PC, TP, RAS-entity (TO, GO, DP)

5/5/2016 6


• NPCC has three “Types” of SPS (Type 1-(23), Type 2-(6), Type 3-(81) 110 total

• What will change?– RAS Entity submits information to RC for review – Security vs. Dependability (single component failure)– RAS installed to meet TPL (Limited)– Previous Classifications will remain.– RAS Entity analyzes Misops and conducts functional

test every 60 Calendar Months, non PS components– RC keeps the RAS Database for its footprint

5/5/2016 7


• NPCC Strategy– Review existing SPS for conformance with revised

RAS definition– Review existing SPS processes to determine they

are “not inconsistent with” the RAS– Leverage what NPCC currently does for SPS

reviews to minimize needed changes for compliance with the new RAS standard

– Ensure any Implementation Plan allows sufficient time to become compliant

5/5/2016 8

Revised Critical Infrastructure Protection Reliability Standards, NOPR

• FERC Order 822 RM-15-14-000-Jan 21, 2016 Three Proposed Directives– Develop modifications to address the protection of transient electronic

devices used at Low Impact BES Cyber Systems– Develop modifications to CIP-006-6 to require protections for communication

network components and data communicated between all bulk electric system Control Centers according to the risk posed to the BES

– Develop modifications to its definition for Low Impact External Routable Connectivity (LERC)

• FERC Technical Conference held on January 28, 2016 on supply chain• No ruling from the FERC yet on supply chain• Project 2016-02 Modifications to CIP Standards to address V5 TAG

– Cyber Asset and BES Cyber Asset Definitions– Network and Externally Accessible Devices– Transmission Owner (TO) Control Centers Performing Transmission Operator

(TOP) Obligations– Virtualization

5/5/2016 9

Cost Effectiveness (CEAP/CRRA)• Cost Effectiveness Analysis Process CEAP

– Pilots conducted 2013 and 2014-analysis of different approaches and costs to meet a standard’s objective

– Proved burdensome- no resources• CRRA

– Analysis of the Risk being reduced– Cost associated with reducing that risk– Cost associated with not reducing the risk (reliability and

societal)– Standards Drafting Teams– Leverage existing information(SAR justifications, RAPA,

Regional information etc.)– Produce a report– Draft under review and use during 2016– Initial pilot on Single Point of Failure Project 2015-105/5/2016 10

Steady State and Enhanced Periodic Review

• Steady State during first quarter of 2016– Core set of Results-based Standards– All previous FERC Directives addressed– Independent Expert Review Panel recommendations considered– Meets “Ten Benchmarks of Excellence”– All Paragraph 81 identified issues addressed

• Enhanced Periodic Reviews– Cross Functional Team of NERC Standing Committee Chairs, Staff,

Regional Entities, and others to review standards– All enforceable standards in effect for a year or more– Subject Matter Expert Teams as required– Expedited, efficient and effective period review of standards– Regional Standards-Variances? Retirements?– Costs

5/5/2016 11

Reliability Issues Steering Committee (RISC) and Emerging Risks

• “ERO Reliability Risk Priorities,” BOT approved - October 2015 RISC Report, 8 Risks Identified – Critical Infrastructure Protection– Extreme Physical Events– Maintenance and Management of BPS Assets– Monitoring and Situational Awareness– Protection System and RAS(SPS) Failures – Event Response/Recovery/Resiliency– Planning and System Analysis– Human Performance

5/5/2016 12

Reliability Issues Steering Committee (RISC) and Emerging Risks

• RISC Activities for 2016– Survey completed – “Pulse Point Interviews” underway– FERC Technical Conference scheduled for June 1, 2016– Leadership Summit June 29, 2016, four panels

• Panel 1 Pathways to maintaining reliability- how to plan the system, considering regulations etc. How do we design a robust cyber security system?

• Panel 2 Changing nature of Reliable Operations (i.e. resource mix, new tools needed?).

• Panel 3 Resiliency, cyber and physical security, preparation and planning• Panel 4 Wrap up, What types of things are not being addressed?

– July 14, 2016- Draft Report to ERO and Regions– September 16, 2016- Final Report with Risk Profiles showing probability and

impact will be ready for BOT approval5/5/2016 13

Compliance Guidance Policy and InterpretationsCompliance Guidance Policy:• Process for developing approaches useful in providing guidance for

implementing standards• November 4-5, 2015 BOT approvals (NERC Comp. and Enf. Webpage)• Two Types of Guidance:

– CMEP Implementation Guidance:• Approaches on how entities could comply with standards• Led and developed by SME; vetted by pre-approved organizations, not NERC• Not necessarily the only approach to comply with a standard• Endorsed for Deference by the ERO

– CMEP Practice Guide-Auditor Instructions• Initiated by ERO Policy• Initiated by ERO in response to a specific issue• Initiated from stakeholder need

• Section 11-”Process for Approving Supporting Documents” of the SPM being revised

• Upon approval provides compliance deference5/5/2016 14

Compliance Guidance Policy Pre-approved Orgs.• American Public Power Association (APPA) • Canadian Electricity Association (CEA) • Edison Electric Institute (EEI) • Electricity Consumers Resource Council (ELCON) • Electric Power Supply Association (EPSA) • ISO/RTO Council • Large Public Power Council (LPPC) • National Association of Regulatory Utility Commissioners (NARUC) • National Rural Electric Cooperative Association (NRECA) • North American Generator Forum (NAGF) • North American Transmission Forum (NATF) • Northwest Public Power Association (NWPPA) • Transmission Access Policy Study Group (TAPS) • Western Interconnection Compliance Forum (WICF) • NERC Planning Committee (PC) • NERC Operating Committee (OC) • NERC Critical Infrastructure Protection Committee (CIPC) • Regional Entity Stakeholder Committees (NPCC CC)

5/5/2016 15

Compliance Guidance Policy ProcessCMEP Implementation Guidance Process:• SME develops guidance and submits to pre-

approved org. for vetting• Submission to NERC-w/receipt confirmation• Submission record posted on NERC website• ERO evaluates within 45-90 days for technical

soundness, conformity to standard, collaborates with submitter to resolve issues

• If endorsed by ERO, it will be institutionalized and posted on the NERC website as approved guidance

• Upon approval provides leadership at NERC and the Regions will ensure compliance deference is given

5/5/2016 16

Compliance Guidance Policy and InterpretationsRequest for Interpretation (RFI):• Standard Processes Manual (SPM) Section 7 outlines

the process for developing an interpretation. Eight criteria for rejecting a request.

• A valid interpretation provides additional clarity about one or more requirements, but does not expand on any requirement and does not explain how to comply with any requirement.

• Any entity that is directly and materially affected by the reliability of the North American Bulk Power Systems may request an interpretation.

• The NERC Standards and Legal staff shall make a recommendation to the Standards Committee whether to accept the Request for Interpretation (RFI).

5/5/2016 17

NPCC Regional Standards• Automatic Underfrequency Load Shedding,

PRC-006-NPCC-01, NERC BOT approved and approved by FERC on February 21, 2013 along with its Implementation Plan– R1-7 First day of first Calendar quarter following

regulatory approval (no sooner than Jan 1, 2016)– R8-23 First day of first Calendar quarter two years

following regulatory approval (July 1, 2015)– Ontario (January 1, 2017 all requirements)

5/5/2016 18

NPCC Regional Standards• RSAR to review PRC-006-NPCC-1 initiated to:

• Review for potential revisions made necessary by:– NERC PRC-006-1/PRC-006-2 Automatic Underfrequency

Load Shedding– NERC PRC-024-1/PRC-024-2 Generator Frequency and

Voltage Protective Relay Settings standards. • Review for Dispersed Generation (DG) issues

• Separate RSAR to correct R4 and R5, HQ Interconnection issues in the Continent wide standard PRC-006-2 Regional Variance Section.

• RSC approval of RSAR• RCC Transmittal and Assignment to TFSS• SDT in the process of its review, open to Observers

5/5/2016 19

NPCC Directories (Criteria)• Ten Directories• Mandatory compliance for NPCC Full

Members, NPCC Criteria Compliance Enforcement Program (CCEP)

• Contractual Obligations for others-Tariffs, Interconnection Agreements

• Promotion of reliability through Standards and reduction of Criteria

5/5/2016 20

5/5/2016 21

Legal Procedural Information for Standards• BOT Approves Standard• NERC Files a Petition with FERC and Canadian Regulatory Authorities.• FERC elects RM or RD (RM Rulemaking-NOPR) no time requirement for FERC to act• NOPR – 60 days to comment• FERC Final Order Date (Date the Order is Issued)• Federal Register Publication Date – Effective Date of the ORDER (not the Standard) . This is

the “Commission Approval Date”• Effective Date of the Standard is usually defined in the Petition filed by NERC, e.g. “effective

on the first day of the first calendar quarter that is XXX months after Commission Approval Date”

• Implementation Plan• Request for Rehearing of a Final Order can be requested within 30 days of FERC Final Order

Date (not Commission approval date)– FERC must act on a rehearing request within 30 days and if no action is taken the

rehearing request is deemed denied– FERC can delay its action on this indefinitely– FERC almost always delays action – Request for rehearing does not impact the Commission approval date– Preserves right to appeal to Court

5/5/2016 22

NPCC Regional Standards Committee• Reliability Issues Steering Committee- emerging issue identification• Comments on NERC/ERO and Eastern Interconnection Regional

Standards• Develops Ballot Recommendations for NERC/ ERO Standards and

Interpretations• Participates in NERC Standards drafting and influence processes

through various groups-formal and informal• Oversees the Development and Maintenance of NPCC Regional

Standards• Oversees the Development and Maintenance of NPCC Regional

Directories• Regional Delegation Agreement-Standards Program Area• Review all FERC Orders, Rulings, NOPRs and Petitions related to

Standards

11/20/2013 23

Future of Standards and Criteria• Standards will all undergo EPR and be graded • Increased emphasis on cost and justification of

standard-based solutions• Standards Metrics-are standards improving? is

reliability improving?• Risk “informed” solutions• Increased Continent-wide vs. Regional solutions• Increased informal consensus building and

development-Enhanced Periodic Reviews• Less time/ opportunity for industry review5/5/2016 24

“Intelligence is the ability to adapt to change.”- Stephen Hawking

Questions or Comments ?5/5/2016 25

Sal BuffamanteAssistant Vice PresidentCompliance Audits and Risk Assessment

The State of Compliance Monitoring

Compliance Monitoring is now Risk-Based.

Risk-based compliance monitoring consist of the identification of

risk elements and associated areas of focus in the

CMEP Implementation Plan. It involves the assessment of a

registered entity’s inherent risk (an IRA and/or ICE) and the

determination of the appropriate depth, frequency, and tools to

use for compliance monitoring tailored for each registered entity.

Risk Based Compliance Monitoring


How did we get to this point?2007

First Onsite Audits:

• Averaged 1 ½ days

• Looked at procedures and EMS screenshots

• Very few interviews with SMEs

• RSAWs did not exist



2008

Onsite Audits:

• Averaged 3 days

• Looked at procedures

• Some interviews with SMEs

• Compliance Process Bulletins

• Zero tolerance policy


2009

Audits:

• On-site averaged 4 days

• AML (Actively Monitored List)

• RSAWs used for auditors

• Pre-audit evidence and data

• Reliance on evidence and interviews with SMEs

• Spot Check program for entities not audited • CIP Audits begin


2010

Audits:

• On-site Averaged 5 days

• Pre-audit evidence and data; 1st round questions

• Reliance on evidence and in depth interviews

• Control Room interview questionnaire

• Some room for tolerance

• RSAWs used for auditors and entities


2011

Audits:


• CANs (Compliance Application Notices)


2012

Audits:


• Reliance on evidence, RSAWs and in depth interviews

with SMEs

• NPCC: leeway given for minor violations (could they be

mitigated while we were on site?)


2013

• NPCC leeway policy leads to FFTs

• AML plus/minus Regional specific Standards

• Realization that Compliance Program needs to enter a new

phase based on entity history and risk


2014

• RAI (Reliability Assurance Initiative)The Reliability Assurance Initiative (RAI) was a collaborative effort among NERC, the Regional Entities, and industry to identify and implement changes to improve effectiveness of the Compliance Monitoring and Enforcement Program by transitioning to a risk based approach focusing on reliability.

Compliance monitoring and enforcement should be based risk factors and registered entity management practices related to the detection, assessment, mitigation, and reporting of noncompliance. A risk-based approach allows proper allocation of resources and encourages registered entities to enhance internal controls that focus on the self-identification of noncompliance.


2014

• RAI (Reliability Assurance Initiative) From the RAI, the ERO completed the design of the risk-based CMEP which is focusing

on program implementation. Regional Entities concentrate their efforts on four critical areas: training, continued outreach, oversight, and development of objective metrics to measure the success of the risk-based CMEP.

RAI was completed in 2014, therefore NERC no longer includes references to RAI in its communications. The RAI has evolved into Risk Based Compliance.


2015

• Risk Elements replace the AML• Risk Elements are the first step of the risk based framework and consists of identifying and

prioritizing continent-wide risks.

• CIP-014 On November 20, 2014, FERC approved CIP-014-1 – Physical Security. The standard became effective on October 1, 2015.

During the implementation period for CIP-014-1 NERC issued guidance documents. Regions provided training and outreach to industry to improve industry’s understanding of the requirements of CIP-014-1 and help ensure that industry was technically ready to implement the various requirements in the standard according to the time frame provided in the implementation plan.


2015

• CIP version 5 On November 22, 2013, FERC approved Version 5 of the critical infrastructure protection

cybersecurity standards (CIP Version 5).

The Regions initiated a program to help industry transition directly from the currently enforceable CIP Version 3 standards to CIP Version 5. The goal of the transition program was to improve industry’s understanding of the technical security requirements for CIP Version 5, as well as the expectations for compliance and enforcement.


2016• Audits are now one element of the oversight selection that

a region may chose after an IRA and/or ICE is completed.

• The scope and focus of the oversight plan may shift to a spot check or a self-certification.

What’s New

GuidanceIn November 2015, the NERC Board of Trustees approved the Compliance Guidance Policy, located under Key Resources. Compliance Guidance under the Compliance Guidance Policy includes two types:

Implementation Guidance, which provides examples for implementing a standard; and CMEP Practice Guides, which provide direction to ERO Enterprise CMEP staff on approaches to

carry out compliance monitoring and enforcement activities.

Implementation Guidance is developed by industry and vetted through pre-qualified organizations. In order for an organization to become pre-qualified, a member of that organization must submit an application to the Compliance and Certification Committee. Vetted examples can then be submitted to the ERO Enterprise for endorsement, and, if endorsed, the ERO Enterprise would give the example deference during CMEP activities with consideration of facts and circumstances. Implementation Guidance would not prescribe the only approach to implementing a standard and entities may choose alternative approaches that better fit their situation. Draft Implementation Guidance will be posted while it is being considered for ERO Enterprise endorsement. Once the Implementation Guidance is endorsed, it will be moved to the ERO Enterprise-Endorsed Implementation Guidance section.

Draft Guidance that does not receive ERO Enterprise endorsement will be removed.

ERO Enterprise endorsed as pre-qualified by the CCC.

1. American Public Power Association (APPA) 2. Canadian Electricity Association (CEA) 3. Edison Electric Institute (EEI) 4. Electricity Consumers Resource Council (ELCON) 5. Electric Power Supply Association (EPSA) 6. ISO/RTO Council 7. Large Public Power Council (LPPC) 8. National Association of Regulatory Utility Commissioners (NARUC) 9. National Rural Electric Cooperative Association (NRECA) 10. North American Generator Forum (NAGF) 11. North American Transmission Forum (NATF) 12. Northwest Public Power Association (NWPPA) 13. Transmission Access Policy Study Group (TAPS) 14. Western Interconnection Compliance Forum (WICF) 15. NERC Planning Committee (PC) 16. NERC Operating Committee (OC) 17. NERC Critical Infrastructure Protection Committee (CIPC) 18. Regional Entity Stakeholder Committees

What’s New

IRAs

NPCC has completed development of a diagram that explains the NPCC process for mapping the NERC and NPCC Risk Elements to the NERC Risk Factors.

NPCC also developed a corresponding process document that includes additional details on the methodology for making mapping determinations and for performing Inherent Risk Assessments in 2016.

What’s New

Supply Chain Risk Management

FERC believes there is a gap in the CIP v5 Reliability Standards.Specifically, after Order No. 791 was issued, the Industry Control System -Computer Emergency Readiness Team (ICS-CERT) reported on two focused malware campaigns. This new type of malware campaign is based on the injection of malware while a product or service remains in the control of the hardware or software vendor, prior to delivery to the customer.

Challenges•Difficult managing and expecting vendors to comply without clear expectations.•Organizations have to find a way to engage their purchasing and advanced sourcing departments to help drive vendor expectation.

What’s New

Grading of StandardsStandards Committee (SC) endorsed grading of Standards as a metric on March 9, 2016.

Grading to be conducted by the Standing Review Team:• Operating Committee (OC)

Chair (or OC Chair delegate)• Planning Committee (PC)

Chair (or PC Chair delegate)• NERC staff • A representative from the

Regions

QUESTIONS

NPCC

2016 NPCC Inherent Risk Assessment (IRA) and Scope Of Monitoring Engagement (SoME)

Refinements

Scott NiedMay 10, 2016

NPCC Spring Workshop

5/9/2016 1

5/9/2016 2

Mapping and IRAs• Objective for 2016

– Map the NERC Risk Elements and any NPCC-specific Risk Elements to the NERC Risk Factors that appear in NERC IRA Guide.

• Milestones– Develop a process diagram– Integrate mapping into 2016 IRA activity– Present results of NPCC mapping to NERC as input into a uniform and

consistent ERO-wide approach to conducting IRA mapping

5/9/2016 3

NERC 2016 CMEP Implementation Plan

• 8 Risk Element categories• Critical Infrastructure Protection (11)• Extreme Physical Events (5)• Maintenance and Management of BPS Assets (4)• Monitoring and Situational Awareness (5)• Protection System Failures (5)• Event Response and Recovery (7)• Human Performance (3)• Planning and System Analysis (7)

• Each category has:• A subset of requirements…the “Focus Areas”• “NERC Risk Element requirements” (47)

5/9/2016 4

NERC Risk Element Example

5/9/2016 5

NPCC Regional Risk ElementBES Definition – (74 Requirements)

5/9/2016 6

EOP-001-2.1bR4, R5

EOP-002-3.1R6, R7, R8

EOP-005-2R1, R5, R6, R9,R10, R11, R12, R13

EOP-006-2R1, R2, R3, R4, R5, R6, R7, R8, R9, R10

EOP-008-1R1, R2, R3, R4, R5, R6, R7, R8

FAC-003-3R1, R2, R3, R4, R5, R6

FAC-008-3R2, R3

FAC-011-2R1, R2, R3

FAC-014-2R1, R2, R3, R4, R5, R6

IRO-004-2R1

PER-001-0.2R1

PER-005-1(inactive 6/30/16)R1, R3

PER-005-2 (active 7/1/16)R1, R2, R6

PRC-004-2.1a (inactive 6/30/16)R3

PRC-004-4 (active 7/1/16)R5, R6

TOP-002-2.1bR1, R2, R4, R11, R17, R19

TOP-004-2R1, R2, R3, R4, R5,R6

TOP-006-2R3, R4, R5, R6

5/9/2016 7

5/9/2016 8

5/9/2016 9

Mapping Examples

5/9/2016 10

Mapping Results

NERC Risk Factor Quantity of Requirements Mapped

BES Exposure 121Peak Load of Service Area

and Capacity121

IROL and Paths 121SPS/UVLS/UFLS 6

SCADA/EMS 16System Restoration

Responsibility29

System Geography 9Compliance History 0

System Events/Trends 5

5/9/2016 11

Mapping is Memorialized

5/9/2016 12

5/9/2016 13

Assessment of Risk Factors• BES Exposure• Peak Load and Capacity• IROLs and Paths• SPS and UFLS• SCADA and EMS• System Restoration Responsibilities• System Geography• Compliance History and Trends• System Events and Trends

The result is that the entity is assessed as H or M or L for each RF

5/9/2016 14

Next: Monitoring Determination Matrix

5/9/2016 15

SoME Snapshot

5/9/2016 16

5/9/2016 17

5/9/2016 18

Next: IRA Summary Report

5/9/2016 19

1

Risk Based Enforcement

Walter CintronMay 10, 2016

Cooperstown, New York

2

Mike Piazza

3

4

• December 1, 2015 WECC filed Notice of Penalty for $200,000 for 15 CIP violations.

$200,000

WECC2013012023 CIP-003-3 R5 LowerWECC2014013497 CIP-003-3 R6 LowerWECC2012011467 CIP-005-1 R1 MediumWECC2013012367 CIP-005-3a R5 LowerWECC2013012368 CIP-006-1 R1 MediumWECC2013012025 CIP-006-3c R4 MediumWECC2012011598 CIP-006-3c R5 MediumWECC2014013498 CIP-007-3a R1 MediumWECC2014013658 CIP-007-3a R2 MediumWECC2013012369 CIP-007-3a R3 LowerWECC2012011599 CIP-007-1 R5 MediumWECC2014013499 CIP-007-3a R5 MediumWECC2013012370 CIP-007-3a R9 LowerWECC2014013500 CIP-007-3a R9 LowerWECC2013012029 CIP-009-1 R1 Medium

5

$235,000

SPP2013013217 CIP-002-3 R3.1 Moderate

SPP2013013218 CIP-003-3 R6 Moderate

SPP2013013224 CIP-005-3a R4.3, R4.5 Moderate

SPP2013013225 CIP-006-3a R2.2 Moderate

SPP2013013226 CIP-007-3a R1.1, R1.2, R1.3 Moderate






• December 30, 2015 SPP filed Notice of Penalty for $235,000 for 10 CIP violations.

6

• January 28, 2016 NP16-10-000 filed by RF $150,000 for 40 CIP violations

$150,000

RFC2014013798 CIP-002-3 R3 High

RFC2014013829 CIP-003-3 R1 Medium

RFC2014013830 CIP-003-3 R4 Medium

RFC2014013799 CIP-003-3 R5 Lower

RFC2014013800 CIP-003-3 R6 Lower

RFC2014013831 CIP-004-3 R1 Lower

RFC2014013832 CIP-004-3 R2 Lower

RFC2014013446 CIP-004-3a R2.1 Medium

RFC2014013801 CIP-004-3 R4 Lower

RFC2014013794 CIP-004-3a R4.1 Lower

RFC2014013802 CIP-005-3a R1 Medium




RFC2014013833 CIP-005-3a R5 Lower

RFC2014013810 CIP-006-3c R1 Medium







RFC2014013815 CIP-006-3c R6 Lower

RFC2014013834 CIP-006-3c R7 Lower




RFC2015015243 CIP-007-3a R3 Lower

RFC2014013795 CIP-007-3a R3 Lower


RFC2014013823 CIP-007-3a R5 Lower

RFC2014014469 CIP-007-3a R5.2.3 Lower

7

• February 29. 2016 RF filed a Notice of Penalty in the amount of $1,700,000 for 36 CIP violations

Notice of Penalty filings

$1,700,000

RFC2014014245 CIP-002-3 R3 High

RFC2014014014 CIP-003-1 R6 Lower

RFC2014014251 CIP-004-3 R2 Medium

RFC2014014252 CIP-004-3 R2.1 Medium

RFC2014014253 CIP-004-3 R3.3 Lower

RFC2013013197 CIP-004-3a R4.2 Lower

RFC2014013447 CIP-004-3a R4.2 Lower

RFC2014013997 CIP-004-3a R4.2 Lower

RFC2014013623 CIP-005-1 R1.5 Medium

RFC2014014015 CIP-005-3a R1.5 Medium

RFC2014014207 CIP-005-3 R1.6 Lower

RFC2015015300 CIP-005-3a R1 Lower


RFC2014014011 CIP-006-1 R1.1 Medium

RFC2014014208 CIP-006-3a R1.8 Lower




RFC2014014211 CIP-007-3a R1.3 Lower

RFC2014013998 CIP-007-1 R2 Medium

RFC2014013626 CIP-007-1 R3 Lower

RFC2014014262 CIP-007-3a R3, R3.1, R3.2 Lower

RFC2014014114 CIP-007-3a R3.2 Lower


RFC2014014215 CIP-007-3a R5.1.2 Lower

RFC2014014216 CIP-007-1 R5.2, R5.2.3 Lower

RFC2014014257 CIP-007-3aR5.3; R5.3.1, R5.3.2,

R5.3.3Lower

RFC2014014238 CIP-007-3a R9 Lower

RFC2014014239 CIP-008-3 R1.6 Lower

RFC2014014240 CIP-009-3 R1 Medium

RFC2014014241 CIP-009-3 R2 Lower

RFC2015015301 CIP-009-3 R2 Lower

RFC2014014013 CIP-009-1 R4 Lower

RFC2015015302 CIP-009-3 R4 Lower

RFC2014014242 CIP-009-3 R5 Lower

RFC2015015303 CIP-009-3 R5 Lower

8

$1,700,000

RFC2014014245 CIP-002-3 R3 High

RFC2014014014 CIP-003-1 R6 Lower

RFC2014014251 CIP-004-3 R2 Medium

RFC2014014252 CIP-004-3 R2.1 Medium

RFC2014014253 CIP-004-3 R3.3 Lower

RFC2013013197 CIP-004-3a R4.2 Lower

RFC2014013447 CIP-004-3a R4.2 Lower

RFC2014013997 CIP-004-3a R4.2 Lower

RFC2014013623 CIP-005-1 R1.5 Medium

RFC2014014015 CIP-005-3a R1.5 Medium

RFC2014014207 CIP-005-3 R1.6 Lower

RFC2015015300 CIP-005-3a R1 Lower


RFC2014014011 CIP-006-1 R1.1 Medium

RFC2014014208 CIP-006-3a R1.8 Lower




RFC2014014211 CIP-007-3a R1.3 Lower

RFC2014013998 CIP-007-1 R2 Medium

RFC2014013626 CIP-007-1 R3 Lower

RFC2014014262 CIP-007-3a R3, R3.1, R3.2 Lower

RFC2014014114 CIP-007-3a R3.2 Lower


RFC2014014215 CIP-007-3a R5.1.2 Lower

RFC2014014216 CIP-007-1 R5.2, R5.2.3 Lower

RFC2014014257 CIP-007-3a R5.3; R5.3.1, R5.3.2, R5.3.3 Lower

RFC2014014238 CIP-007-3a R9 Lower

RFC2014014239 CIP-008-3 R1.6 Lower

RFC2014014240 CIP-009-3 R1 Medium

RFC2014014241 CIP-009-3 R2 Lower

RFC2015015301 CIP-009-3 R2 Lower

RFC2014014013 CIP-009-1 R4 Lower

RFC2015015302 CIP-009-3 R4 Lower

RFC2014014242 CIP-009-3 R5 Lower

RFC2015015303 CIP-009-3 R5 Lower

Notice of Penalty

• Filed by ReliabilityFirst in the amount of $1,700,000

• RF determined that Unidentified Registered Entity (URE) had serious, systemic security and compliance issues across URE’s multiple business units.

• Multiple violations were repeats of prior violations.

9

• Some of the most significant violations involved patching and physical security.

– URE failed to properly and completely follow its corporate management program and procedures specifically for its Window devices

– URE could not demonstrate it assessed patches for its operating systems within the 30 day requirement.

10

• Physical security

– URE discovered that three Physical Security Perimeter (PSP) doors to a central control room had been tampered with, presumably by employees, thus preventing the doors from latching securely

– URE’s most recent issue with securing its PSP occurred when an employee worked eight shifts despite URE revoking the employee’s physical access for failure to complete annual requalification training

11

• RF determined that 21 violations posed a serious and substantial risk to the reliability of the BPS.

• 11 posed a moderate risk to the reliability of the BPS,

• Remaining 4 posed a minimal risk to the reliability of the BPS.

12

Total of 36 violations

• Cultural issues that resulted in URE management’s lack of awareness, engagement, and accountability for CIP compliance.

• URE failed to identify its CIP issues, and even after identification, failed to promptly address the CIP issues.

• URE delayed submitting Mitigation Plans, was late in completing many of its Mitigation Plans, and failed to complete four Mitigation Plans, which resulted in ReliabilityFirst requiring URE to prepare and submit 4 new Mitigation Plans.

13

Root Cause

Penalty Considerations• RF considered 21 of the instant violations as repeat

noncompliances

• URE did not have a properly structured ICP at the time of the violations,

– RF did not award any mitigating or above and beyond credit for improvements for the current commitments to improve its culture given the nature of the violations, the long duration of the violations, and URE’s slow response to the violations;

14

Penalty Considerations

• RF awarded mitigating credit for URE’s implementation of an application to automate some steps for access revocation and provisioning

• URE self-reported 17 violations although most of those Self-Reports were submitted to RF leading up to and following the Compliance Audit. 19 violations were found during a Compliance Audit

15

Penalty Considerations

• URE received some mitigating credit for URE’s submission of some Self-Reports that were submitted well in advance of the Compliance Audit;

• URE was not cooperative throughout the compliance enforcement process, and ReliabilityFirstconsidered URE’s lack of cooperation as an aggravating factor in the penalty determination;

• there were no other mitigating or aggravating factors or extenuating circumstances that would effect the penalty

16

17

139

103

84 83

7163

38

28 2618

0

20

40

60

80

100

120

140

160

Top 10 Most Violated Standards

NonCompliances

18

11

2018

16

32

17

2

13

10

0

5

10

15

20

25

30

35

CIP-007 CIP-007 CIP-007 CIP-007 CIP-007 CIP-007 CIP-007 CIP-007 CIP-007

R1. R2. R3. R4. R5. R6. R7 R8. R9.

CIP 007 by requirement

Count

19

20

14

11

7 76

4 4 4 4

0

5

10

15

20

25

Top 10 Most Violated over the last 12 months

NonCompliances

20

2 2 2

1

5

3

4

1

0

1

2

3

4

5

6

CIP-007 CIP-007 CIP-007 CIP-007 CIP-007 CIP-007 CIP-007 CIP-007

R1. R2. R3. R4. R5. R6. R8. R9.

CIP 007 by requirement

Count

21

Items of Interest

22

CMEP 2015 Annual Report 78% of non-compliances from 2008 – 2015 represented “minimal” risk to the

reliable operation of the BES. Only 2% of violations in the enforcement process are serious risk.

For the period 2013 – 2015, approx. 85% of non-compliances are discovered internally by registered entities rather than being discovered during external audits, spot checks or compliance self-certifications.

NERC has 42 registered entities that have been approved to self-log. NPCC has 12 registered entities authorized to self-log compliance exceptions. There is an expectation that self-logging will be applied more broadly in the future across the Regions.

In 2015, 69% of non-compliances were minimal risk and classified as compliance exceptions ($0 penalties).

62% of NERC’s inventory of non-compliances are less than 1 year old.

23

January 1, 2016• FAC-001-2 – Facility Interconnection Requirements;• FAC-002-2 – Facility Interconnection Studies; and• NUC-001-3 – Nuclear Plant Interface Coordination.• PRC-005-6 Protection System , Automatic Reclosing, and Sudden Pressure Relaying Maintenance• IRO-006-East-2 Transmission Loading Relief Procedure for the Eastern Interconnection• IRO-009-2 Reliability Coordinator Actions to Operate within IROLs

July 1, 2016On July 1, 2016, in addition to several PRC Standards (PRC-004-4, PRC-019-1,• PRC-002-2 Disturbance Monitoring and Reporting Requirements• PRC-004-4(i) Protection System Misoperation Identification and Correction• PRC-019-2 Coordination of Generating Unit or Plant Capabilities, Voltage Regulating Controls, and Protection• PRC-024-2 Generator Frequency and Voltage Protective Relay Settings• BAL-001-2 – Real Power Balancing Control Performance;• COM-002-4 – Operating Personnel Communications Protocols;• MOD-025-2 – Verification and Data Reporting of Generator Real and Reactive Power Capability and Synchronous

Condenser Reactive Power Capability • MOD-031-1 – Demand and Energy Data • PER-005-2 – Operations Personnel Training.• CIP Version 6 Standards

October 1, 2016• MOD-031-2- Demand and Energy Data

2016 Enforcement Dates for standards

24

Do’s and Don’ts

• Self Report, be as descriptive as possible • Details are good.• Self Report early, rather than later• Don’t wait to get audit notification• Make risk assessment what it is, its not always minimal• Check to make sure other standards are not involved• Create the Self-Report with the intent of not getting any questions from us. • Don’t delay in submitting Mitigation Plans or activities• MP’s dates; make sure you can honor them

Questions? Question? Fragen? Domanda? Preguntas األسئلة

问题 Vragen ερωτήσεις שאלות

सवाल

Ceisteanna Domande Вопросы Cwestiynau Питања سوال

25

Project 2010-05.3 Phase 3 of Protection SystemsPRC-012-2 Remedial Action Schemes

Al McMeekin, NERCNPCC Compliance and Standards Spring WorkshopMay 10, 2016

RELIABILITY | ACCOUNTABILITY2

• Definition of recipe* 1: a set of instructions for making something from various ingredients 2: a formula or procedure for doing or attaining something

•Al’s simple definition of a Reliability Standard A set of agreed upon requirements that provide a framework for

maximizing the reliability of the BES. A completed; i.e., FERC-approved standard represents the collective wisdom of people with expertise in the subject matter that represent organizations such as the users, owners, operators, buyers, sellers, trades organizations, and regulators.

* Source: Merriam-Webster's Learner's Dictionary

Recipe and Standard Definitions


• Stakeholders• Drafting teams

Chefs


• The Industry Segments are: 1 — Transmission Owners 2 — RTOs, ISOs 3 — Load-serving Entities 4 — Transmission-dependent Utilities 5 — Electric Generators 6 — Electricity Brokers, Aggregators, and Marketers 7 — Large Electricity End Users 8 — Small Electricity End Users 9 — Federal, State, Provincial Regulatory or other Government Entities 10 — Regional Reliability Organizations, Regional Entities

Stakeholders


RAS Drafting Team

Member EntityGene Henneberg (Chair) NV Energy / Berkshire Hathaway Energy

Bobby Jones (Vice Chair) Southern Company

Amos Ang Southern California Edison

Alan Engelmann ComEd / Exelon

Davis Erwin Pacific Gas and Electric

Sharma Kolluri Entergy

Charles-Eric Langlois Hydro-Quebec TransEnergie

Robert J. O'Keefe American Electric Power

Hari Singh Xcel Energy


• NERC Standard Processes Manual (SPM)

Instructions


• PRC-012-1 Remedial Action Scheme Review Procedure• PRC-013-1 Remedial Action Scheme Database• PRC-014-1 Remedial Action Scheme Assessment• PRC-015-1 Remedial Action Scheme Data and Documentation• PRC-016-1 Remedial Action Scheme Misoperations• Existing Definition of Special Protection System• Existing Definition of Remedial Action Scheme

Ingredients



• Revised definitions Remedial Action Scheme (RAS) Special Protection System (SPS)

Appetizer


Appetizer: Revised RAS Definition

• Remedial Action Scheme (RAS) A scheme designed to detect predetermined System conditions and

automatically take corrective actions that may include, but are not limited to, adjusting or tripping generation (MW and Mvar), tripping load, or reconfiguring a System(s). RAS accomplish objectives such as:o Meet requirements identified in the NERC Reliability Standards;o Maintain Bulk Electric System (BES) stability;o Maintain acceptable BES voltages;o Maintain acceptable BES power flows;o Limit the impact of Cascading or extreme events.


Appetizer: Revised SPS Definition

• Special Protection System (SPS) See “Remedial Action Scheme”



• A single standard: PRC-012-2 Remedial Action Scheme (RAS) Consolidates the reliability objectives of all the existing RAS-related

standardso PRC-012-1 Remedial Action Scheme Review Procedureo PRC-013-1 Remedial Action Scheme Databaseo PRC-014-1 Remedial Action Scheme Assessmento PRC-015-1 Remedial Action Scheme Data and Documentationo PRC-016-1 Remedial Action Scheme Misoperations

Corrects the applicability of the fill-in-the-blank standards by assigning the requirement responsibilities to the specific users, owners, and operators of the Bulk-Power System

Entrée



• Limited impact RAS designation• Periodic evaluations• Functional testing

Development Challenges


• What?• Why?• Who?• When?• Where?

Limited Impact RAS



Periodic Evaluations



Functional Testing



• Chefs (stakeholder) approval• NERC Board of Trustees adoption• FERC (regulatory) approval

Blessing


• NERC Standards Developer, Al McMeekin Email at [email protected] Telephone: 404-446-9675

• Project 2010-05.3 website: Project 2010-05.3 Phase 3 of Protection Systems: Remedial Action Schemes

Conclusion

mailto:[email protected]

http://www.nerc.com/pa/Stand/Pages/Project-2010-05_3-Remedial-Action-Schemes_Phase-3-of-Protection-Systems.aspx


www.avangrid.com 1

AVANGRID NETWORKS Electric System Planning

May 10, 2016

NERC Bulk Electric System Definition & NERC TPL-001-04 Compliance Project Overview NPCC Spring 2016 Compliance & Standards Workshop

https://www.iberdrola.es/

www.avangrid.com 2 BES Definition & TPL-001-4

NERC TPL-001-4 (Comparison of New Standard)

Similarities to the former NERC Transmission Planning (TPL) standards:

• Both have a “Table 1” which specifies design contingencies or “events” – most are similar or identical, but there are some differences (old are Category A through D contingencies – new are Category P0 through P7 contingencies)

• Non-Consequential Load Loss: “An objective of the planning process should be to minimize the likelihood and magnitude of Non-Consequential Load Loss following Contingency events.”

• A “Corrective Action Plan” section in the new TPL (R2.7 & 2.8) provides more specific requirements, but in concept is similar to the old TPL (R2)



NERC TPL-001-4 (Comparison of New Standard)

Differences with the former NERC Transmission Planning (TPL) standards:

• In general – more specificity in modeling and evaluation requirements, using a ‘conservative’ design approach

• Design contingencies or “events” are now distinguished between “EHV” (greater than 300 kV) and “HV” (300 kV and lower)

• Steady state analysis must now study two near term years (R2.1.1, years 1 through 5), an off-peak load, plus a long-term year (R2.2, years 6 through 10 or beyond)

• We must now model: – “Single Contingencies” (P1) for known scheduled outages (R2.1.3) (also see Draft NERC CAN-

0020 for “planned maintenance outage” interpretation, issued October 19) – “sensitivity cases” (R2.1.4 and R2.4.3) – equipment unavailability based on “spare equipment strategy” for long lead-time items (R2.1.5)

• short circuit analysis is now required (R2.3) • We must now consider the following in dynamic stability analysis:

– be done both for near-term peak and off-peak load (R2.4.2) and a long-term load (R2.5) – consider “the behavior of induction motor loads” (R2.4.1) – include relay models and generator low voltage and “ride through capability” (R3.3.1 & 4.3.1) – consider oscillatory damping (R4.1.3) – generator instability can only result in tripping of generator “directly connected Facilities”

(R4.1.2) • We must now have criteria specifying voltage limits, voltage deviation, transient voltage response,

and instability (R5 & R6)



NERC TPL-001-4 and New BES Definition (Compliance Assessment)

New TPL Standard increased scope of work

• Increased number of cases • Increased number of contingencies • Further considerations required during dynamic stability analysis

New Bulk Electric System Definition increased scope of work

• Central Maine Power Company & Maine Electric Power company – Old definition = 9 substations, 36 lines

– New definition = 63 substations, 74 lines

• New York State Electric and Gas & Rochester Gas and Electric – Old definition = 21 substations, 38 lines

– New definition = 126 substations, 182 lines

• Due to this increased number of contingency analysis and post-processing, CMP’s existing computing power was insufficient

– To complete the study on-time, and remain compliant, a consultant firm was hired on to run this analysis.

– For future study work, CMP is working on purchasing a high powered server



NERC TPL-001-4 and New BES Definition (Study Scopes)

Two studies were done, coordinated with our respective ISOs and neighboring utilities

• Maine • New York • Service territories are shown in green



BES Program Corrective Action Plan Overview - Avangrid

1. A total of 33 projects were identified for Avangrid.

‒ Projects previously in the Five Year Plan: 15

‒ Newly identified area program: 18

2. Many projects require significant resources for design, state and local siting and permitting, and construction and outage planning for these projects

Facility Upgrades ME NY New/Major Rebuilt Substations

17 12

Total Substations Affected 31 24

New 115 kV Circuit Breakers

82 70

Transformers 22 15

Capacitor Banks 4 4

Reactors 1 0

Lines 345 kV 0 mi 49 mi


Lines 115kV 83 mi 250 mi


Lines 34.5 kV 32 mi 0 mi



Conclusion Summary

1. Large increase in BES facilities

2. More comprehensive dynamic stability analysis

3. Significant computing power required

4. Significant permitting and resources required to bring the newly-defined BES facilities up NERC TPL-001-4 standards – our Corrective Action Plans reflect this

Next Steps • Work with our local and state governments for siting and permitting

• Work with our ISOs to obtain necessary approvals to build, and outage coordination, under FERC Tariffs

• Continue to assess these facilities in the future to ensure ongoing compliance


www.cmpco.com 1

AVANGRID NETWORKS Electric System Planning

May 10, 2016

NERC TPL-007-1 & CMP Geomagnetic Disturbance (GMD) Study NPCC Spring 2016 Compliance & Standards Workshop Overview


www.cmpco.com 2

Found a high correlation to transformer audio while GIC present

Monitoring Progress for GMD

GMD Study Data


www.cmpco.com 3 GMD Study Data

GMD Power Flow Study Process

• Calculation of GIC through the transmission system • Utilized in Heating Calculations

Run GIC/DC Power Flow Calculation (TP Registered Entity) PSS/E w/GIC

• Calculation of impacts due to transformer reactive consumption • Test for reactive device failure and resulting voltage

Run AC Power Flow (Steady State) Calculation (TP) PSS/E w/RDCH*

• Requires detailed calculations or manufacturer input to describe how a transformer will heat up during the defined GMD waveshape

• Checks if transformer will exceed heating limits and experience damage

Heating Analysis (TO/GO Registered Entity) IEEE, Hydro One, or other



GIC Power Flow Study

Inputs (detailed in next slide set) • GIC Input Files • Storm magnitude and direction • System Selection

Outputs • AC Power Flow Read-Change (RDCH) files

containing reactive losses • Reports on GIC flow • Effective GIC on transformers (see next slide)


www.cmpco.com 5

Autotransformer GIC model & Effective GIC

Effective GIC

GMD Study Data

𝐼𝑒𝑒𝑒 =

𝑉1𝑉2− 1 𝐼𝑆 + 𝐼𝐶𝑉1𝑉2

H

X

H0X0

Ic

Is

VERY IMPORTANT!!! GIC can flow between

all connections

Amps/phase

Total Amps in neutral = 3 x Ic



GIC Theory

- Forget 60 Hz Phasor Theory temporarily - GMD event casts a Geoelectric Field over the power system creating a DC

current flow in the AC transmission system - Greatest impact while the Geoelectric Field is parallel to transmission line

𝑉 = 𝐸𝑁𝐿𝑁 + 𝐸𝐸𝐿𝐸

Sub 2 Sub 1 N

-1

-0.8

-0.6

-0.4

-0.2

0

0.2

0.4

0.6

0.8

1

0 100 200 300

DC Induced Voltage

0

0.25

0.5

0.75

1

DC Induced Voltage 0°

90° 270°

180°



GIC Simulation Recommendations

1) For improvements in accuracy, collect more measured information from Generators and neighboring Transmission Owners

2) Utilize three winding models in PSS/E. Two winding

representations would require additional effort

3) Modeling less than 200 kV is important when there are series capacitors on an overlaid higher voltage network (Orrington). Also, when grounded Wye transformers are located close to autotransformers. (even though not required by TPL-007)

4) More monitoring is needed to benchmark simulations



Good References

NERC GMD Project Page • TPL-007-1 • GMD Task Force Planning Guide • Benchmark Geomagnetic Disturbance Event Description • Thermal Screening Criterion White Paper • Transformer Thermal Impact Assessment White Paper • Application Guide

Geomagnetic Location Calculator - http://wdc.kugi.kyoto-u.ac.jp/igrf/gggm/ R. Horton, D. Boteler, T.J. Overbye, R. Pirjola, and R.C. Dugan, “A Test Case for the Calculation of Geomagnetically Induced Currents”, IEEE Transactions on Power Delivery, Vol. 27, No. 4, October 2012, pages 2368-2373. X. Dong, Y. Liu, J. G. Kappenman, “Comparative Analysis of Exciting Current Harmonics and Reactive Power Consumption from GIC Saturated Transformers”, Proceedings IEEE, 2001, pages 318-322. K. Patil, “Modeling and Evaluation of Geomagnetic Storms in the Electric Power System”, C4-306, CIGRE, 2014 The Maine GMD study report is item number 51 in this link: https://mpuc-cms.maine.gov/CQM.Public.WebUI/Common/CaseMaster.aspx?CaseNumber=2013-00415.


http://www.nerc.com/pa/Stand/Pages/Project-2013-03-Geomagnetic-Disturbance-Mitigation.aspx

http://www.nerc.com/pa/Stand/Project201303GeomagneticDisturbanceMitigation/tpl_007_1_20141204_clean.pdf

http://www.nerc.com/pa/Stand/Project201303GeomagneticDisturbanceMitigation/Geomagnetic Disturbance Task Force GMDTF 2013_GMD Planning Guide_approved.pdf

http://www.nerc.com/pa/Stand/Project201303GeomagneticDisturbanceMitigation/Benchmark_GMD_Event_Dec5_clean.pdf

http://www.nerc.com/pa/Stand/Project201303GeomagneticDisturbanceMitigation/Thermal_screening_Dec5_clean.pdf

http://www.nerc.com/pa/Stand/Project201303GeomagneticDisturbanceMitigation/thermal_impact_assessment_whitepaper_Dec5_clean.pdf

http://www.nerc.com/pa/Stand/Project201303GeomagneticDisturbanceMitigation/GIC Application Guide 2013_approved.pdf

http://wdc.kugi.kyoto-u.ac.jp/igrf/gggm/

https://mpuc-cms.maine.gov/CQM.Public.WebUI/Common/CaseMaster.aspx?CaseNumber=2013-00415

https://mpuc-cms.maine.gov/CQM.Public.WebUI/Common/CaseMaster.aspx?CaseNumber=2013-00415