Smart Grid America: Securing your network and customer data. Michael Assante Vice President and Chief Security Officer March 9, 2010

Size: px
Start display at page:

Download "Smart Grid America: Securing your network and customer data. Michael Assante Vice President and Chief Security Officer March 9, 2010"

Transcription

1 Smart Grid America: Securing your network and customer data Michael Assante Vice President and Chief Security Officer March 9, 2010

2 About NERC The electric industry s self-regulatory organization for reliability Balances the interests of all stakeholders Represents industry consensus Independently acts in the best interest of reliability The regulator s electric reliability organization International charter lending government support and oversight to NERC activities, ensuring that the best interests of society-at-large are represented

3 CIP Standards Development NERC & stakeholders discussed framework limitations of the current CIP-002 approach FERC Order 706 Cyber Security Order 706 Standard Drafting Team posted revised version 4 of CIP-002 for comment (December 29, 2009) Develop and post the entire family of standard revisions Version 4 is targeted for submission to the NERC BoT by end of the year 2010

4 CIP DRAFT for informal comment DRAFT Highlights: Comment period concludes February 12, 2010 Includes criteria for evaluating potential impact on functions critical to the reliable operation of the BPS, organized in high, medium, and low impact categories Bright Line categorization (attachment 1) serves as the basis for applying security requirements (CIP Version 4) Shift from a one-size fits all approach to cyber security application to one that is better aligned with a strategy of risk management

5 BPS CIP Policy Statement NERC in consultation with the ESSG drafted initial policy statement for discussion purposes Purpose is to provide guidance on critical infrastructure protection, as well as response and restoration, and will serve to set expectations within NERC and its technical committees Used in communicating expectations with government partners

6 BPS CIP Policy Statement (Cont.) Places sharp focus on the following: Define and properly scope CIP concerns Reinforce the need to think differently about intelligent threats Policy will not be enforceable, but serve as a guide for NERC activities including potential standards setting Intend to recommend for board approval after opportunity for broad stakeholder comment

7 CIP Policy Statement Significant electric reliability concern is the potential for simultaneous impact to large portions of the bulk power system, from which restoration and recovery may be challenging and prolonged. Scope of concern (not all attacks/incidents) NERC and its members are committed to aligning current and future CIP protection efforts to minimize the risk of various cyber, physical, and blended scenarios from achieving these unacceptable outcomes.

8 BPS CIP Policy Statement (Cont.) Expectation of policy: Recognition that not all assets have the same protection priorities Should help bulk power system entities set expectations Properly balance increased security investments and cost of service Establish reasonable security protection goals. DHS QHSR Review: Understand and prioritize risks to critical infrastructure: Identify, attribute, and evaluate the most dangerous threats to critical infrastructure and those categories of critical infrastructure most at risk. Further develop an industry strength by practicing system recover & restoration

9 Smart Grid System Benefits Enhanced flexibility and control Balancing variable demand & resources (storage, PHEV, etc.) Demand response integration Large deployment of sensor & automation technologies (wide-area situational awareness) Voltage stability (transient & post-transient stability) Frequency regulation, oscillation damping Disturbance data monitoring/recording Integrating increased amounts of distribution-level assets (residential solar panels, PHEV, etc.) 9

10 Smart Grid Reliability Considerations Coordination of controls and protection systems Cyber security in planning, design, and operations Ability to maintain voltage and frequency control Disturbance ride-through (& intelligent reconnection) System inertia maintaining system stability Modeling harmonics, frequency response, controls Device interconnection standards Increased reliance on distribution-level assets to meet bulk system reliability requirements 10

11 Common Challenges Plug-In Hybrid Electric Vehicles / Storage Demand Response reliability Wind & Variable Generation Demand smart grid Conventional & Hydro Generation Energy Efficiency Nuclear Rooftop Solar / Local Wind Development cyber security Cyber security is one of the most important concerns for the 21 st century grid and must be central to policy 11and strategy. The potential for an attacker to access the system extends from meter to generator.

12 The Smart Grid Landscape The aggregate impacts of Smart Grid on the distribution system may impact the reliability of the bulk power system. Pass-through attacks from the distribution system may also present a threat to bulk power system reliability. AGGREGATE IMPACTS increasing uncertainty end users increasing maturity CFL HAN PHEV Smart Appliances AMI DG/DER DSM distribution PASS-THROUGH ATTACKS DSCADA IFM DSTATCOM PLC approx. 100 kv SHN DTM SST RTR BPS Bulk Power System utility-scale generation 12

13 Smart Grid Task Force Scope Identify and explain any BPS reliability issues and/or concerns of the Smart Grid Assess Smart Grid reliability characteristics Determine the cyber security and critical infrastructure protection implications Identify how the integration of Smart Grid technologies affects BPS planning, design and operational processes and the tools needed to maintain reliability Determine which existing NERC Reliability Standards may apply Provide recommendations for areas where Reliability Standards development work may be needed 13

14 Summary Policy level goals and scope for physical and cybersecurity protection of the bulk power system Proactive mitigation of security risks by the industry Minimum bright line criteria for identifying critical bulk power system assets Work with government to ensure availability of actionable information on security threats Promote incident reporting and conducting analysis to understand risk and develop lessons learned Communicate collective industry efforts to the government and public

15 Questions? Michael Assante

Cyber security: Practical Utility Programs that Work

Cyber security: Practical Utility Programs that Work Cyber security: Practical Utility Programs that Work Securing Strategic National Assets APPA National Conference 2009 Michael Assante Vice President & CSO, NERC June 15, 2009 The Electric Grid - Challenges

More information

AD11-6-000 FERC Technical Conference February 8, 2011 Statement of Ron Litzinger. President, Southern California Edison Company

AD11-6-000 FERC Technical Conference February 8, 2011 Statement of Ron Litzinger. President, Southern California Edison Company AD11-6-000 FERC Technical Conference February 8, 2011 Statement of Ron Litzinger President, Southern California Edison Company Good afternoon, Chairman Wellinghoff, Commissioners, and FERC staff. I am

More information

Panel Session: Lessons Learned in Smart Grid Cybersecurity

Panel Session: Lessons Learned in Smart Grid Cybersecurity PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory

More information

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity October 10, 2014 Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 RE: Experience with the Framework for Improving Critical Infrastructure

More information

Written Statement of Richard Dewey Executive Vice President New York Independent System Operator

Written Statement of Richard Dewey Executive Vice President New York Independent System Operator Written Statement of Richard Dewey Executive Vice President New York Independent System Operator Senate Standing Committee on Veterans, Homeland Security and Military Affairs Senator Thomas D. Croci, Chairman

More information

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security Boeing Defense, Space & Security Ventures Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security Tristan Glenwright - Boeing BOEING is a trademark of Boeing Management Company. The

More information

SMART GRID. David Mohler Duke Energy Vice President and Chief Technology Officer Technology, Strategy and Policy

SMART GRID. David Mohler Duke Energy Vice President and Chief Technology Officer Technology, Strategy and Policy SMART GRID David Mohler Duke Energy Vice President and Chief Technology Officer Technology, Strategy and Policy About Duke Energy Operating revenues: $13.2 billion (U.S.) Total Assets: $49 billion Employees:

More information

STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE

STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE COMMITTEE ON ENERGY AND NATURAL RESOURCES UNITED STATES SENATE

More information

April 8, 2013. Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899

April 8, 2013. Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899 Salt River Project P.O. Box 52025 Mail Stop: CUN204 Phoenix, AZ 85072 2025 Phone: (602) 236 6011 Fax: (602) 629 7988 James.Costello@srpnet.com James J. Costello Director, Enterprise IT Security April 8,

More information

IEEE-Northwest Energy Systems Symposium (NWESS)

IEEE-Northwest Energy Systems Symposium (NWESS) IEEE-Northwest Energy Systems Symposium (NWESS) Paul Skare Energy & Environment Directorate Cybersecurity Program Manager Philip Craig Jr National Security Directorate Sr. Cyber Research Engineer The Pacific

More information

Summary of CIP Version 5 Standards

Summary of CIP Version 5 Standards Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have

More information

Georgia Tech ARPA-E: Energy Internet

Georgia Tech ARPA-E: Energy Internet Georgia Tech ARPA-E: Energy Internet Prosumer-Based Distributed Autonomous Cyber-Physical Architecture for Ultra-reliable Green Electricity Internetworks Santiago Grijalva Marilyn Wolf Magnus Egerstedt

More information

Regulatory Compliance Management for Energy and Utilities

Regulatory Compliance Management for Energy and Utilities Regulatory Compliance Management for Energy and Utilities The Energy and Utility (E&U) sector is transforming as enterprises are looking for ways to replace aging infrastructure and create clean, sustainable

More information

Cyber Security and Privacy - Program 183

Cyber Security and Privacy - Program 183 Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology

More information

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project

EEI Business Continuity. Threat Scenario Project (TSP) April 4, 2012. EEI Threat Scenario Project EEI Business Continuity Conference Threat Scenario (TSP) April 4, 2012 EEI Threat Scenario 1 Background EEI, working with a group of CIOs and Subject Matter Experts, conducted a survey with member companies

More information

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council Voluntary Cybersecurity Initiatives in Critical Infrastructure Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org 2014 Utilities Telecom Council Utility cybersecurity environment is full of collaborations

More information

Cyber Security The Leadership Opportunity for Joint Action Agencies. 2013 APPA Joint Action Workshop

Cyber Security The Leadership Opportunity for Joint Action Agencies. 2013 APPA Joint Action Workshop Cyber Security The Leadership Opportunity for Joint Action Agencies 2013 APPA Joint Action Workshop Doug Westlund N-Dimension Solutions Inc. Cyber Security for the Smart Grid Cyber Risk Reduction Questions

More information

Risk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit

Risk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit Page 1 of 10 Events Partners Careers Contact Facebook Twitter LinkedIn Pike Research Search search... Home About Research Consulting Blog Newsroom Media My Pike Logout Overview Smart Energy Clean Transportation

More information

Information Bulletin

Information Bulletin Public Policy Division Impact of NIST Guidelines for Cybersecurity Prepared by UTC Staff 1. Introduction... 3 2. Cybersecurity Landscape... 3 3. One Likely Scenario... 5 4. Draft NISTIR 7628, Guidelines

More information

GRADUATE RELIABILITY TRAINING PROGRAM. Initiation Date: September 2012

GRADUATE RELIABILITY TRAINING PROGRAM. Initiation Date: September 2012 GRADUATE RELIABILITY TRAINING PROGRAM Initiation Date: September 2012 Board Approved Date: May 2012 GRADUATE RELIABILITY TRAINING PROGRAM Program Description This program is intended for recent college

More information

CIP-014-1 Physical Security. Nate Roberts CIP Security Auditor I

CIP-014-1 Physical Security. Nate Roberts CIP Security Auditor I CIP-014-1 Physical Security Nate Roberts CIP Security Auditor I Notes Critical Infrastructure Protection (CIP) Standard CIP-014-1 is currently pending approval by the Federal Energy Regulatory Commission

More information

ENGINEERING BASICS: POWER GRID

ENGINEERING BASICS: POWER GRID ENGINEERING BASICS: POWER GRID Joydeep Mitra, Ph.D. INSTITUTE OF PUBLIC UTILITIES MICHIGAN STATE UNIVERSITY mitraj@msu.edu ipu.msu.edu Please do not distribute by electronic or other means or cite without

More information

NERC-CIP S MOST WANTED

NERC-CIP S MOST WANTED WHITE PAPER NERC-CIP S MOST WANTED The Top Three Most Violated NERC-CIP Standards What you need to know to stay off the list. www.alertenterprise.com NERC-CIP s Most Wanted AlertEnterprise, Inc. White

More information

NERC CIP Standards and NIST Smart Grid Update

NERC CIP Standards and NIST Smart Grid Update NERC CIP Standards and NIST Smart Grid Update Keith Stouffer Program Manager National Institute of Standards and Technology Keith.stouffer@nist.gov Topics NERC Critical Infrastructure Protection (CIP)

More information

Cyber Security Compliance (NERC CIP V5)

Cyber Security Compliance (NERC CIP V5) Cyber Security Compliance (NERC CIP V5) Ray Wright NovaTech, LLC Abstract: In December 2013, the Federal Energy Regulatory Commission (FERC) issued Order No. 791 which approved the Version 5 CIP Reliability

More information

Jim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA

Jim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA Jim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA About Us... Public company traded on the New York Stock Exchange (CNP) Headquartered in Houston, TX Operating 3 business segments

More information

Steve Lusk Alex Amirnovin Tim Collins

Steve Lusk Alex Amirnovin Tim Collins Steve Lusk Alex Amirnovin Tim Collins ViaSat Inc. Cyber-intrusion Auto-response and Policy Management System (CAPMS) Cybersecurity for Energy Delivery Systems Peer Review August 5-6, 2014 Summary: Cyber-intrusion

More information

Alberta Reliability Standard Cyber Security Incident Reporting and Response Planning CIP-008-AB-5

Alberta Reliability Standard Cyber Security Incident Reporting and Response Planning CIP-008-AB-5 Final Forwarding Draft September 29, 2014 A. Introduction 1. Title: 2. Number: 3. Purpose: To mitigate the risk to the reliable operation of the bulk electric system as the result of a cyber security incident

More information

Allen Goldstein NIST Synchrometrology Lab Gaithersburg, MD allen.goldstein@nist.gov

Allen Goldstein NIST Synchrometrology Lab Gaithersburg, MD allen.goldstein@nist.gov Time Synchronization in Electrical Power Transmission and Distribution Systems Allen Goldstein NIST Synchrometrology Lab Gaithersburg, MD allen.goldstein@nist.gov Abstract Synchronization of measurements

More information

Hype Cycle for Intelligent Grid Technologies

Hype Cycle for Intelligent Grid Technologies Hype Cycle for Intelligent Grid Technologies Dr. Žarko Sumić VP & Distinguished Analyst Energy & Utilities Industry Advisory Services zarko.sumic@gartner.com Environmental Issues are Getting on the Main

More information

Smart Grid Advisory Committee

Smart Grid Advisory Committee Smart Grid Advisory Committee Cyber Security & Standards Board Staff Presentation October 1, 2013 1 Agenda 9:30-9:45 Welcome; Introductions Board staff 9:45-10:15 Presentation by N-Dimension Doug Westland

More information

NERC CIP VERSION 5 COMPLIANCE

NERC CIP VERSION 5 COMPLIANCE BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining

More information

SEC. 1301. STATEMENT OF POLICY ON MODERNIZATION OF ELECTRICITY GRID.

SEC. 1301. STATEMENT OF POLICY ON MODERNIZATION OF ELECTRICITY GRID. TITLE XIII--SMART GRID SEC. 1301. STATEMENT OF POLICY ON MODERNIZATION OF ELECTRICITY GRID. It is the policy of the United States to support the modernization of the Nation's electricity transmission and

More information

New England s Bulk Electric Power Grid. Mark Babula System Planning ISO New England Inc.

New England s Bulk Electric Power Grid. Mark Babula System Planning ISO New England Inc. New England s Bulk Electric Power Grid Mark Babula System Planning ISO New England Inc. ISO New England Overview Private, not-for-profit corporation created in 1997 to oversee New England s deregulated

More information

Introduction of Wireless Communication in Smart Grid

Introduction of Wireless Communication in Smart Grid Introduction of Wireless Communication in Smart Grid CATR-CTTL 第 1 页 Outline Introduction of Smart Grid Standardization of Smart Grid Wireless communication in Smart Grid Introduction of CATR work on Smart

More information

EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013

EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013 EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013 1 AGENDA Why Cybersecurity? A Few Helpful Cybersecurity Concepts Developing Expertise:

More information

Power System review W I L L I A M V. T O R R E A P R I L 1 0, 2 0 1 3

Power System review W I L L I A M V. T O R R E A P R I L 1 0, 2 0 1 3 Power System review W I L L I A M V. T O R R E A P R I L 1 0, 2 0 1 3 Basics of Power systems Network topology Transmission and Distribution Load and Resource Balance Economic Dispatch Steady State System

More information

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) Whitepaper North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) NERC-CIP Overview The North American Electric Reliability Corporation (NERC) is a

More information

April 28, 2009. Dear Mr. Chairman:

April 28, 2009. Dear Mr. Chairman: April 28, 2009 The Honorable Edward J. Markey Chairman Subcommittee on Energy and Environment Committee on Energy and Commerce U.S. House of Representatives Washington, D.C. 20515 Dear Mr. Chairman: I

More information

About Southern California Edison

About Southern California Edison About Southern California Edison One of the nations largest investorowned utilities with 125 years of service. Service Area 50,000 square miles Over 430 cities and communities Population Served Nearly

More information

NIST Cybersecurity Framework What It Means for Energy Companies

NIST Cybersecurity Framework What It Means for Energy Companies Daniel E. Frank J.J. Herbert Mark Thibodeaux NIST Cybersecurity Framework What It Means for Energy Companies November 14, 2013 Your Panelists Dan Frank J.J. Herbert Mark Thibodeaux 2 Overview The Cyber

More information

Hearing on Oversight of Federal Efforts to Address Electromagnetic Risks. May 17, 2016

Hearing on Oversight of Federal Efforts to Address Electromagnetic Risks. May 17, 2016 Testimony of Joseph McClelland Director, Office of Energy Infrastructure Security Federal Energy Regulatory Commission Before the Committee on Homeland Security Subcommittee on Oversight and Management

More information

NIST Coordination and Acceleration of Smart Grid Standards. Tom Nelson National Institute of Standards and Technology 8 December, 2010

NIST Coordination and Acceleration of Smart Grid Standards. Tom Nelson National Institute of Standards and Technology 8 December, 2010 NIST Coordination and Acceleration of Smart Grid Standards Tom Nelson National Institute of Standards and Technology 8 December, 2010 The Electric Grid One of the largest, most complex infrastructures

More information

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions August 10, 2015. Electric Grid Operations

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions August 10, 2015. Electric Grid Operations San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions August 10, 2015 Electric Grid Operations Director Electric Grid Operations: Responsible for overall transmission

More information

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014 Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014 Victoria Yan Pillitteri Advisor for Information Systems Security

More information

Dealer Member Cyber-security

Dealer Member Cyber-security Administrative Notice General Please distribute internally to: Legal and Compliance Senior Management Contact: Wendy Rudd Senior Vice President, Member Regulation and Strategic Initiatives 416 646-7216

More information

BRIDGING BARRIERS: LEGAL AND TECHNICAL OF CYBERCRIME CASES

BRIDGING BARRIERS: LEGAL AND TECHNICAL OF CYBERCRIME CASES Organizer: BRIDGING BARRIERS: LEGAL AND TECHNICAL OF CYBERCRIME CASES Session 6 : Securing Your Fortress Best practices, standards, techniques and technologies secure your organization from cyber criminals.

More information

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch Building Blocks of a Cyber Resilience Program Monika Josi monika.josi@safis.ch About me Chief Security Advisor for Microsoft Europe, Middle East and Africa providing support to Governments and CIIP until

More information

Before the Department of Energy Washington, D.C. 20585. Smart Grid RFI: Addressing Policy and Logistical Challenges

Before the Department of Energy Washington, D.C. 20585. Smart Grid RFI: Addressing Policy and Logistical Challenges Before the Department of Energy Washington, D.C. 20585 In the Matter of Addressing Policy and Logistical Challenges to Smart Grid Implementation I. Introduction Smart Grid RFI: Addressing Policy and Logistical

More information

Barriers to Grid Modernization

Barriers to Grid Modernization Barriers to Grid Modernization Breakout Session B: Should Grid Operations be Changed? Joe Miller Sr. Vice President - Horizon Energy Group Member NETL Modern Grid Team jmiller@horizonenergygroup.com Characteristics

More information

Transition from NERC CIP Version 3 to Version 5. Joe Bucciero Sr. Manager of Consulting April 8, 2014

Transition from NERC CIP Version 3 to Version 5. Joe Bucciero Sr. Manager of Consulting April 8, 2014 Transition from NERC CIP Version 3 to Version 5 Joe Bucciero Sr. Manager of Consulting jbucciero@corprisk.net April 8, 2014 Agenda NERC CIP Background Effective Dates for V5 Standards Transition to V5

More information

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper Best Practices in ICS Security for Device Manufacturers A Wurldtech White Paper No part of this document may be distributed, reproduced or posted without the express written permission of Wurldtech Security

More information

White Paper. Convergence of Information and Operation Technologies (IT & OT) to Build a Successful Smart Grid

White Paper. Convergence of Information and Operation Technologies (IT & OT) to Build a Successful Smart Grid White Paper Convergence of Information and Operation Technologies (IT & OT) to Build a Successful Smart Grid Contents Executive Summary... 3 Integration of IT and OT... 4 Smarter Grid using Integrated

More information

Keeping the Lights On: Security Priorities for the 21 st Century. Harvard Energy Policy Group June 13, 2014 Tamara Linde Vice President Regulatory

Keeping the Lights On: Security Priorities for the 21 st Century. Harvard Energy Policy Group June 13, 2014 Tamara Linde Vice President Regulatory Keeping the Lights On: Security Priorities for the 21 st Century Harvard Energy Policy Group June 13, 2014 Tamara Linde Vice President Regulatory The PSEG Companies PSEG Fast Facts Assets: $32.5 billion

More information

Preparing for Distributed Energy Resources

Preparing for Distributed Energy Resources Preparing for Distributed Energy Resources Executive summary Many utilities are turning to Smart Grid solutions such as distributed energy resources (DERs) small-scale renewable energy sources and energy

More information

Executive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage.

Executive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage. Executive Summary Statement of Nadya Bartol Vice President, Industry Affairs and Cybersecurity Strategist Utilities Telecom Council Before the Subcommittee on Oversight and Subcommittee on Energy Committee

More information

Job Descriptions. Job Title Reports To Job Description TRANSMISSION SERVICES Manager, Transmission Services. VP Compliance & Standards

Job Descriptions. Job Title Reports To Job Description TRANSMISSION SERVICES Manager, Transmission Services. VP Compliance & Standards Updated July 11, 2013 Job Descriptions Job Title Reports To Job Description TRANSMISSION SERVICES VP Compliance & Standards Develops strategy and business plans for efficient, safe, reliable, regulatorycompliant

More information

When Should the NERC CIP be Applied to Smart Grid Projects?

When Should the NERC CIP be Applied to Smart Grid Projects? When Should the NERC CIP be Applied to Smart Grid Projects? Tobias Whitney The Structure Group tobias.whitney@thestructuregroup.com 314 422 7050 Introductions The Structure Group The Structure Group is

More information

Dr. Jignesh Solanki Research Assistant Professor, Lane Department of Computer science and Electrical Engineering West Virginia University

Dr. Jignesh Solanki Research Assistant Professor, Lane Department of Computer science and Electrical Engineering West Virginia University Dr. Jignesh Solanki Research Assistant Professor, Lane Department of Computer science and Electrical Engineering West Virginia University October 0, 20 Smart Grid Perspective Research Problem(s) Research

More information

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to

More information

Renewable and Alternative Energy Outlook

Renewable and Alternative Energy Outlook Renewable and Alternative Energy Outlook Mary Doswell Senior Vice President Alternative Energy Solutions Governor s Conference on Energy October 13, 2010 Dominion: One of America s Leading Energy Companies

More information

Designing Compliant and Sustainable Security Programs 1 Introduction

Designing Compliant and Sustainable Security Programs 1 Introduction Designing Compliant and Sustainable Security Programs 1 Introduction The subject of this White Paper addresses several methods that have been successfully employed by DYONYX to efficiently design, and

More information

NIST Cybersecurity Framework Overview

NIST Cybersecurity Framework Overview NIST Cybersecurity Framework Overview Executive Order 13636 Improving Critical Infrastructure Cybersecurity 2nd ENISA International Conference on Cyber Crisis Cooperation and Exercises Executive Order

More information

Alberta Reliability Standard Cyber Security Physical Security of BES Cyber Systems CIP-006-AB-5

Alberta Reliability Standard Cyber Security Physical Security of BES Cyber Systems CIP-006-AB-5 Alberta Reliability Stard Final Proposed Draft Version 2.0 September 9, 2014 A. Introduction 1. Title: 2. Number: 3. Purpose: To manage physical access to BES cyber systems by specifying a physical security

More information

Verve Security Center

Verve Security Center Verve Security Center Product Features Supports multiple control systems. Most competing products only support a single vendor, forcing the end user to purchase multiple security systems Single solution

More information

National Institute of Standards and Technology Smart Grid Cybersecurity

National Institute of Standards and Technology Smart Grid Cybersecurity National Institute of Standards and Technology Smart Grid Cybersecurity Vicky Yan Pillitteri Advisor for Information Systems Security SGIP SGCC Chair Victoria.yan@nist.gov 1 The National Institute of Standards

More information

Alberta Reliability Standard Cyber Security Security Management Controls CIP-003-AB-5

Alberta Reliability Standard Cyber Security Security Management Controls CIP-003-AB-5 A. Introduction 1. Title: 2. Number: 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES cyber systems against

More information

NERC Cyber Security Standards

NERC Cyber Security Standards SANS January, 2008 Stan Johnson Manager of Situation Awareness and Infrastructure Security Stan.johnson@NERC.net 609-452-8060 Agenda History and Status of Applicable Entities Definitions High Level of

More information

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR 29 2013 Sempra Energy s gas and electric utilities collaborate with industry leaders and a wide range of

More information

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015. Electric Grid Operations

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015. Electric Grid Operations San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, 2015 Electric Grid Operations Director Electric Grid Operations: Responsible for overall transmission

More information

An Oracle White Paper May 2009. Smart Grid Basics. Turning Information into Power

An Oracle White Paper May 2009. Smart Grid Basics. Turning Information into Power An Oracle White Paper May 2009 Smart Grid Basics Turning Information into Power Introduction The Smart Grid is a vision of a better electricity delivery infrastructure. Smart Grid implementations dramatically

More information

Agenda: Secure Power Systems Specialist. Challenges Project description Outcomes & findings. Phase I briefing, August 27, 2012

Agenda: Secure Power Systems Specialist. Challenges Project description Outcomes & findings. Phase I briefing, August 27, 2012 Secure Power Systems Specialist Phase I briefing, August 27, 2012 By Lori Ross O Neil, PNNL and Michael Assante, NBISE Agenda: Challenges Project description Outcomes & findings 1 Challenge facing the

More information

Hacking and Hardware: Understanding the Threats, Compliance Obligations, and Cybersecurity Solutions for Utilities

Hacking and Hardware: Understanding the Threats, Compliance Obligations, and Cybersecurity Solutions for Utilities WEBINAR Hacking and Hardware: Understanding the Threats, Compliance Obligations, and Cybersecurity Solutions for Utilities May 2, 2013 12:00-1:30 p.m. Eastern Time Online is authorized by IACET to offer

More information

Cyber Security Presentation. Ontario Energy Board Smart Grid Advisory Committee. Doug Westlund CEO, N-Dimension Solutions Inc.

Cyber Security Presentation. Ontario Energy Board Smart Grid Advisory Committee. Doug Westlund CEO, N-Dimension Solutions Inc. Cyber Security Presentation Ontario Energy Board Smart Grid Advisory Committee Doug Westlund CEO, N-Dimension Solutions Inc. October 1, 2013 Cyber Security Protection for Critical Infrastructure Assets

More information

Securing the Grid. Marianne Swanson, NIST Also Moderator Akhlesh Kaushiva (AK), DOE Lisa Kaiser, DHS Leonard Chamberlin, FERC Brian Harrell, NERC

Securing the Grid. Marianne Swanson, NIST Also Moderator Akhlesh Kaushiva (AK), DOE Lisa Kaiser, DHS Leonard Chamberlin, FERC Brian Harrell, NERC 1 Securing the Grid Marianne Swanson, NIST Also Moderator Akhlesh Kaushiva (AK), DOE Lisa Kaiser, DHS Leonard Chamberlin, FERC Brian Harrell, NERC February 27, 2012 NIST and the SGIP 2.0 Cybersecurity

More information

Lessons from Defending Cyberspace

Lessons from Defending Cyberspace Lessons from Defending Cyberspace The Challenge of Addressing National Cyber Risk Andy Purdy Workshop on Cyber Security Center for American Studies, Christopher Newport College 10 28-2009 Cyber Threat

More information

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015

Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 Cybersecurity Audit Why are we still Vulnerable? November 30, 2015 John R. Robles, CISA, CISM, CRISC www.johnrrobles.com jrobles@coqui.net 787-647-3961 John R. Robles- 787-647-3961 1 9/11-2001 The event

More information

U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW. November 12, 2012 NASEO

U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW. November 12, 2012 NASEO U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW November 12, 2012 NASEO ISER Response: from site focused to system focused Emergency Preparedness, Response, and Restoration Analysis and

More information

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity;

NGA Paper. Act and Adjust: A Call to Action for Governors. for cybersecurity; NGA Paper Act and Adjust: A Call to Action for Governors for Cybersecurity challenges facing the nation. Although implementing policies and practices that will make state systems and data more secure will

More information

The Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 22 million Texas customers representing 85

The Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 22 million Texas customers representing 85 The Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 22 million Texas customers representing 85 percent of the state s electric load and 75 percent of the

More information

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions. Electric Grid Operations

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions. Electric Grid Operations San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions Electric Grid Operations Director Electric Grid Operations: Responsible for overall transmission system operations

More information

As anyone who follows this industry

As anyone who follows this industry Reprinted with permission from the September 2006 issue Integrating Wind Generation Into Utility Systems The electric power industry has taken notice of the expansion of wind and its potential. BY CHARLIE

More information

Implementing Executive Order and Presidential Policy Directive 21

Implementing Executive Order and Presidential Policy Directive 21 Implementing Executive Order 13636 and Presidential Policy Directive 21 2013 2014 Winter Energy Conference November 1, 2013 Bob Kolasky Director, EO-PPD Integrated Task Force Announcement of the EO and

More information

Plans for CIP Compliance

Plans for CIP Compliance Testing Procedures & Recovery Plans for CIP Compliance DECEMBER 16, 2009 Developed with: Presenters Bart Thielbar, CISA Senior Research hanalyst Sierra Energy Group, a Division of Energy Central Primer

More information

CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments

CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:

More information

Protect Your Assets. Cyber Security Engineering. Control Systems. Power Plants. Hurst Technologies

Protect Your Assets. Cyber Security Engineering. Control Systems. Power Plants. Hurst Technologies Protect Your Assets Cyber Security Engineering Control Systems. Power Plants. Hurst Technologies Cyber Security The hackers are out there and the cyber security threats to your power plant are real. That

More information

Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure

Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure Presentation to the U.S. Department of Energy by the IEEE Joint Task Force on QER Trends: Resilience

More information

Top 10 Compliance Issues for Implementing Security Programs

Top 10 Compliance Issues for Implementing Security Programs www.dyonyx.com Top 10 Compliance Issues for Implementing Security Programs This White Paper articulates the top ten issues that we have encountered in the design and implementation of comprehensive Security

More information

INFORMATION SECURITY STRATEGIC PLAN

INFORMATION SECURITY STRATEGIC PLAN INFORMATION SECURITY STRATEGIC PLAN UNIVERSITY OF CONNECTICUT INFORMATION SECURITY OFFICE 4/20/10 University of Connecticut / Jason Pufahl, CISSP, CISM 1 1 MISSION STATEMENT The mission of the Information

More information

Chair Mays, Co-Vice Chair Fox, Co-Vice Chair Whitfield and Members of the Committee:

Chair Mays, Co-Vice Chair Fox, Co-Vice Chair Whitfield and Members of the Committee: National Association of Regulatory Utility Commissioners (NARUC) Winter Committee Meeting SGIP Report to Committee on Critical Infrastructure Sunday, February 9, 2014 Chair Mays, Co-Vice Chair Fox, Co-Vice

More information

AEP, GE ENERGY WILL PURSUE DEVELOPMENT, INTEGRATION, DEPLOYMENT OF ENHANCED ENERGY DELIVERY, ADVANCED METERING TECHNOLOGIES

AEP, GE ENERGY WILL PURSUE DEVELOPMENT, INTEGRATION, DEPLOYMENT OF ENHANCED ENERGY DELIVERY, ADVANCED METERING TECHNOLOGIES MEDIA CONTACT: ANALYSTS CONTACT: Pat D. Hemlepp Julie Sloat Director, Corporate Media Relations Vice President, Investor Relations 614/716-1620 & Strategic Initiatives 614/716-2885 FOR IMMEDIATE RELEASE

More information

146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION

146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Cheryl A. LaFleur, Acting Chairman; Philip D. Moeller, John R. Norris, and Tony Clark. Reliability Standards

More information

ISACA North Dallas Chapter

ISACA North Dallas Chapter ISACA rth Dallas Chapter Business Continuity Planning Observations of Critical Infrastructure Environments Ron Blume, P.E. Ron.blume@dyonyx.com 214-280-8925 Focus of Discussion Business Impact Analysis

More information

Alberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1

Alberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1 A. Introduction 1. Title: 2. Number: 3. Purpose: To prevent and detect unauthorized changes to BES cyber systems by specifying configuration change management and vulnerability assessment requirements

More information

Smart Grid and Privacy An International View

Smart Grid and Privacy An International View Smart Grid and Privacy An International View 27 November 2013 By: Nader Farah President ESTA International One US Consumer s Reaction in Texas! 2 Source: SmartGridNews.com July 20, 2012 ESTA International

More information

The SMART Grid Challenges and Directions

The SMART Grid Challenges and Directions Photos placed in horizontal position with even amount of white space between photos and header The SMART Grid Challenges and Directions Mike Hightower Distinguished Member of the Technical Staff August

More information

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors

FFIEC Cybersecurity Assessment Tool Overview for Chief Executive Officers and Boards of Directors Overview for Chief Executive Officers and Boards of Directors In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed

More information

AURORA Vulnerability Background

AURORA Vulnerability Background AURORA Vulnerability Background Southern California Edison (SCE) September 2011-1- Outline What is AURORA? Your Responsibility as a Customer Sectors Impacted by AURORA Review of Regulatory Agencies History

More information

future data and infrastructure

future data and infrastructure White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal

More information

Development of a Conceptual Reference Model for Micro Energy Grid

Development of a Conceptual Reference Model for Micro Energy Grid Development of a Conceptual Reference Model for Micro Energy Grid 1 Taein Hwang, 2 Shinyuk Kang, 3 Ilwoo Lee 1, First Author, Corresponding author Electronics and Telecommunications Research Institute,

More information