Critical Infrastructure Protection 101
|
|
- Tiffany Taylor
- 7 years ago
- Views:
Transcription
1 C L AR I T Y AS S U R AN C E R E S U LT S M I D W E S T R E LIAB I L I T Y ORGAN I Z AT I ON Critical Infrastructure Protection 101 An Introduction to CIP Version 5 Richard Burt MRO Principal Risk Assessment and Mitigation Engineer MRO CIP Version 5 Workshop February 11 and 17, 2015 Improving RELIABILITY and mitigating RISKS to the Bulk Power System
2 Introduction Purpose and history of the NERC Critical Infrastructure Protection (CIP) Standards Applicability of CIP Version 5 (V5) Key definitions Useful CIP V5 materials 2
3 Purpose of the NERC CIP Standards Address the security of cyber assets essential to the reliable operation of the bulk power system NERC CIP is the only set of mandatory cybersecurity standards in place across the critical infrastructures (water, gas, etc.) of the United States 3
4 History of the CIP Standards UA1200 (2003) CIP V1 (2008) CIP V2 (2009) CIP V3 (2010) CIP V4 (2012) High-level Prior to mandatory compliance First enforceable cybersecurity standards for the bulk power system, use of RBAM (Risk-Based Assessment Methodology) to determine Critical Assets Minor changes to CIP V1 - Annual review of additional processes, removed ability to accept risk in lieu of requirements, etc. Minor changes to CIP V2 escort of visitors, etc. Use of a Bright-Line Criteria (BLC) instead of RBAM Never became enforceable, due to timing of CIP V5 CIP V5+ (2013) Impact Rating Criteria (IRC) instead of BLC or RBAM, changes in technical requirements, concept of Cyber Systems instead of Critical Cyber Assets dfkjflkdskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk (CCAs) 4 kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk
5 History of the CIP Standards CIP Version 5 CIP V5 increased the number of CIP Standards from eight (CIP-002 through CIP-009) to ten (CIP-002 through CIP- 011) CIP through CIP CIP CIP
6 History of the CIP Standards CIP Version 5 When FERC approved CIP V5, it directed NERC to make changes So.CIP V5 will be the following Standards CIP CIP CIP CIP CIP CIP CIP CIP CIP CIP
7 Applicability of CIP V5 Like the rest of the NERC Standards, start with the definition of Bulk Electric System (BES) In general, the BES includes: Transmission elements connected at 100kV or higher Generation unit greater than 20MVA Generation facility greater than 75 MVA Blackstart Resources For more information, see NERC s BES Definition page ->Initiatives -> BES Definition 7
8 BES Definition Resources 8
9 BES Definition Resources 9
10 Applicability of CIP V5 See MRO CIP Subject Matter Expert (SME) Team CIP Standard Application Guide (SAG) ments/cip %20standard%20application%20guide.p df 10
11 Applicability of CIP V5 Registration Functional Registration First BA (Balancing Authority) GO (Generator Owner) GOP (Generator Operator) IA (Interchange Authority) TO (Transmission Owner) TOP (Transmission Operator) RC (Reliability Coordinator) 11
12 Applicability of CIP V5 Registration Functional Registration First (continued) DP (Distribution Provider) with any of the following Underfrequency Load Shedding (UFLS) or Undervoltage Load Shedding (UVLS) that Is part of a load shedding program, subject to NERC Standards; AND Performs automatic load shedding under a common control system, without human operator initiation, of 300 MW or more Special Protection Systems (SPS)/Remedial Action Scheme (RAS) subject to NERC Standards Transmission Protection System subject to NERC Standards Cranking Path 12
13 UFLS/UVLS CIP V5 Applicability Each UFLS or UVLS System that Is part of a load shedding program that is subject to NERC Standards; AND Performs automatic load shedding under a common control system owned by the entity, without human operator initiation, of 300 MW or more In other words, the standards are meant to apply security controls to prevent an attacker from compromising a single cyber asset/system and shedding 300MW or more 13
14 UFLS/UVLS Applicability Example Entity has 400MW of UFLS 20 relays on separate feeders, with 20MW of load each Each relay typically senses the local frequency and makes the determination to trip, independent of the other relays In this case, the most load that can be shed under a common control system is 20MW None of the UFLS relays in this example would be subject to CIP V5 14
15 Applicability of CIP V5 If you are not a TO, TOP, GO, GOP, BA, RC, IA, or a DP with one of these types of systems, then CIP V5 does NOT apply No need to go any further with determination of which Facilities are impacted CIP V5 does not apply, not even Low Impact For everyone else, the focus is on the Impact Rating Criteria (Attachment 1 of CIP-002-5) 15
16 Impact Rating Criteria Attachment 1 is used to categorize all BES Cyber Systems as low, medium, or high impact Only Control Centers can be high Largest impact BES Facilities are medium Everything not high or medium is low Number of applicable Requirements is related to the level of impact With increasing numbers of Requirements applicable to higher-risk configurations and systems such as those that can be accessed remotely through a routable connection such as TCP/IP Requirements for Low Impact BCS are in CIP
17 CIP Requirements Applicability Color-Coded by System Type Source: docs/standards/dt/ta ble_of_cip_v5_applic able_systems.pdf 17
18 Requirements and Parts CIP V5 does not use sub-requirements Requirements point to Parts Parts are applicable to different types of BCSs Example, CIP-005 R1 Implement one or more documented processes that collectively include each of the applicable requirement parts in CIP Table R1 18
19 Guidelines and Technical Basis CIP is 34 pages long CIP was 3 pages long CIP V5 Standards contain notes from the Standard Drafting Team (SDT) giving further guidance on the language of the Requirements, and why certain decisions were made in the drafting process There are some inconsistencies, which will be discussed later in this workshop When in doubt, use the language of the Requirement 19
20 Guidelines and Technical Basis Example: CIP Why was 300MW chosen as the threshold of UFLS/UVLS? From Guidelines and Technical Basis section of CIP-002-5: The SDT believes that the threshold should be lower than the 1500MW generation requirement since it is specifically addressing UFLS and UVLS, which are last ditch efforts to save the BES. A review of UFLS tolerances defined in UFLS program requirements to date indicates that the historical value of 300MW represents an adequate and reasonable threshold value. 20
21 NERC Glossary of Terms A number of new defined terms for CIP V5 These definitions are crucial to understanding and applying the CIP V5 requirements Retirement of: Critical Asset (CA) Critical Cyber Asset (CCA) 21
22 CIP V5 Key Definitions Cyber Asset Cyber Asset Programmable electronic devices, including the hardware, software, and data in those devices Examples Computers Intelligent Electronic Devices (IEDs) 22
23 CIP V5 Key Definitions BES Cyber Asset BES Cyber Asset (BCA) A Cyber Asset that if rendered unavailable, degraded, or misused would, within 15 minutes of its required operation, misoperation, or non-operation, adversely impact one or more Facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the Bulk Electric System. Redundancy of affected Facilities, systems, and equipment shall not be considered when determining adverse impact. Each BES Cyber Asset is included in one or more BES Cyber Systems. (A Cyber Asset is not a BES Cyber Asset if, for 30 consecutive calendar days or less, it is directly connected to a network within an ESP, a Cyber Asset within an ESP, or to a BES Cyber Asset, and it is used for data transfer, vulnerability assessment, maintenance, or troubleshooting purposes.) 23
24 BES Cyber Asset (BCA) Examples Microprocessor-based protective relay Data Concentrator Energy Management System (EMS) server System Operator Console 24
25 CIP V5 Key Definitions BES Cyber System BES Cyber System (BCS) One or more BES Cyber Assets logically grouped by a responsible entity to perform one or more reliability tasks for a functional entity Examples of BCS: All protective relays at a substation EMS Generation Control System (GCS) Windows servers in an EMS or GCS 25
26 A BCS is a group of BCAs Substation example: Substation has three relays Two are BCAs BCS grouping is up to you (more on that later) BCA versus BCS BCS Option 1 BCS Option 2 Not a BCA since it s not a Cyber Asset 26
27 CIP V5 Key Definitions Dial-Up Connectivity (DUC) Dial-up Connectivity A data communication link that is established when the communication equipment dials a phone number and negotiates a connection with the equipment on the other end of the link Just because a modem is being used, does not mean it is using DUC 27
28 CIP V5 Key Definitions Physical Security Perimeter Physical Security Perimeter The physical border surrounding locations in which BES Cyber Assets, BES Cyber Systems, or Electronic Access Control or Monitoring Systems reside, and for which access is controlled Examples include server rooms, substation control houses, etc 28
29 CIP V5 Key Definitions Electronic Security Perimeter Electronic Security Perimeter (ESP) The logical border surrounding a network to which BES Cyber Systems are connected using a routable protocol Think of an ESP as a network boundary 29
30 CIP V5 Key Definitions Electronic Access Point Electronic Access Point (EAP) A Cyber Asset interface on an Electronic Security Perimeter that allows routable communication between Cyber Assets outside an Electronic Security Perimeter and Cyber Assets inside an Electronic Security Perimeter Example of PSP, ESP, EAP: 30
31 CIP V5 Key Definitions Physical Access Control Systems Physical Access Control Systems (PACS) Cyber Assets that control, alert, or log access to the Physical Security Perimeter(s), exclusive of locally mounted hardware or devices at the Physical Security Perimeter such as motion sensors, electronic lock control mechanisms, and badge readers 31
32 CIP V5 Key Definitions Electronic Access Control or Monitoring Systems Electronic Access Control or Monitoring Systems (EACMS) Cyber Assets that perform electronic access control or electronic access monitoring of the Electronic Security Perimeter(s) or BES Cyber System(s) Includes Intermediate Systems 32
33 CIP V5 Key Definitions Protected Cyber Asset Protected Cyber Asset (PCA) One or more Cyber Assets connected using a routable protocol within or on an ESP that is not part of the highest impact BCS within the same ESP The impact rating of a PCA is equal to the highest rated BCS in the same ESP A Cyber Asset is not a PCA if, for 30 consecutive calendar days or less, it is connected either to a Cyber Asset within the ESP or to the network within the ESP, and it is used for data transfer, vulnerability assessment, maintenance, or troubleshooting purposes 33
34 Protected Cyber Assets High Watermark PCA PCAs are used to implement a High Watermark concept Even though they are not a BCA, they must be protected if they are in the ESP with a BCS that is not Low Impact 34
35 Other Definitions BES Cyber System Information CIP Exceptional Circumstance CIP Senior Manager Cyber Security Incident External Routable Connectivity Interactive Remote Access Intermediate System Reportable Cyber Security Incident 35
36 Useful CIP V5 Materials Already Mentioned MRO CIP SME Team CIP SAG NERC BES Definition NERC Glossary of Terms Table of CIP V5 Applicable Systems Guidelines and Technical Basis section of Standards NERC CIP V5 Transition Program Page ->Initiatives -> CIP V5 Transition 36
37 NERC CIP V5 Transition Page 37
38 NERC CIP V5 Transition Page 38
39 Questions? 39
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationSummary of CIP Version 5 Standards
Summary of CIP Version 5 Standards In Version 5 of the Critical Infrastructure Protection ( CIP ) Reliability Standards ( CIP Version 5 Standards ), the existing versions of CIP-002 through CIP-009 have
More informationCIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments
CIP 010 1 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationWhen this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard.
CIP-002-5 Cyber Security BES Cyber System Categorization When this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard. A.
More informationCyber Security Compliance (NERC CIP V5)
Cyber Security Compliance (NERC CIP V5) Ray Wright NovaTech, LLC Abstract: In December 2013, the Federal Energy Regulatory Commission (FERC) issued Order No. 791 which approved the Version 5 CIP Reliability
More informationCIP-005-5 Cyber Security Electronic Security Perimeter(s)
A. Introduction 1. Title: Cyber Security Electronic Security Perimeter(s) 2. Number: CIP-005-5 3. Purpose: To manage electronic access to BES Cyber Systems by specifying a controlled Electronic Security
More informationCyber Security Standards Update: Version 5 with Revisions
Cyber Security Standards Update: Version 5 with Revisions Security Reliability Program 2015 Agenda CIP Standards History Version 5 Format Impact Levels NOPR Final Rule References 2 RELIABILITY ACCOUNTABILITY
More informationAlberta Reliability Standard Cyber Security Security Management Controls CIP-003-AB-5
A. Introduction 1. Title: 2. Number: 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and accountability to protect BES cyber systems against
More informationNB Appendix CIP-004-5.1-NB-1 - Cyber Security Personnel & Training
This appendix establishes modifications to the FERC approved NERC standard CIP-004-5.1 for its specific application in New Brunswick. This appendix must be read with CIP-004-5.1 to determine a full understanding
More informationCIP-003-5 Cyber Security Security Management Controls
A. Introduction 1. Title: Cyber Security Security Management Controls 2. Number: CIP-003-5 3. Purpose: To specify consistent and sustainable security management controls that establish responsibility and
More informationAlberta Reliability Standard Cyber Security Physical Security of BES Cyber Systems CIP-006-AB-5
Alberta Reliability Stard Final Proposed Draft Version 2.0 September 9, 2014 A. Introduction 1. Title: 2. Number: 3. Purpose: To manage physical access to BES cyber systems by specifying a physical security
More informationKEY CONSIDERATIONS FOR MIGRATING TO THE VERSION 5 NERC CIP CYBER SECURITY STANDARDS
KEY CONSIDERATIONS FOR MIGRATING TO THE VERSION 5 NERC CIP CYBER SECURITY STANDARDS Lenny Mansell Director, Consulting Services 1 January 29, 2014 AGENDA Introduction Multiple paradigm shifts ahead How
More informationAlberta Reliability Standard Cyber Security System Security Management CIP-007-AB-5
A. Introduction 1. Title: 2. Number: 3. Purpose: To manage system security by specifying select technical, operational, and procedural requirements in support of protecting BES cyber systems against compromise
More informationReliabilityFirst CIP Evidence List CIP-002 through CIP-009 are applicable to RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE, NERC, & RE
R1 Provide Risk Based Assessment Methodology (RBAM) R1.1 Provide evidence that the RBAM includes both procedures and evaluation criteria, and that the evaluation criteria are riskbased R1.2 Provide evidence
More informationCyber Security Standards Update: Version 5
Cyber Security Standards Update: Version 5 January 17, 2013 Scott Mix, CISSP CIP Technical Manager Agenda Version 5 Impact Levels Format Features 2 RELIABILITY ACCOUNTABILITY CIP Standards Version 5 CIP
More informationNERC Cyber Security Standards
SANS January, 2008 Stan Johnson Manager of Situation Awareness and Infrastructure Security Stan.johnson@NERC.net 609-452-8060 Agenda History and Status of Applicable Entities Definitions High Level of
More informationAlberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1
A. Introduction 1. Title: 2. Number: 3. Purpose: To prevent and detect unauthorized changes to BES cyber systems by specifying configuration change management and vulnerability assessment requirements
More informationNotable Changes to NERC Reliability Standard CIP-005-5
MIDWEST RELIABILITY ORGANIZATION Notable Changes to NERC Reliability Standard CIP-005-5 Electronic Security Perimeter(s) Bill Steiner MRO Principal Risk Assessment and Mitigation Engineer MRO CIP Version
More informationRedesigning automation network security
White Paper WP152006EN Redesigning automation network security Presented at Power and Energy Automation Conference (PEAC), Spokane, WA, March 2014 Jacques Benoit Eaton s Cooper Power Systems Abstract The
More informationNERC CIP Tools and Techniques
NERC CIP Tools and Techniques Supplemental Project - Introduction Webcast Scott Sternfeld, Project Manager Smart Grid Substation & Cyber Security Research Labs ssternfeld@epri.com (843) 619-0050 October
More informationNotable Changes to NERC Reliability Standard CIP-010-3
C L AR I T Y AS S U R AN C E R E S U LT S M I D W E S T R E LIAB I L I T Y ORGAN I Z AT I ON Notable Changes to NERC Reliability Standard CIP-010-3 Cyber Security Configuration Change Management and Vulnerability
More informationNorth American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)
Whitepaper North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5) NERC-CIP Overview The North American Electric Reliability Corporation (NERC) is a
More informationE-Commerce Security Perimeter (ESP) Identification and Access Control Process
Electronic Security Perimeter (ESP) Identification and Access Control Process 1. Introduction. A. This document outlines a multi-step process for identifying and protecting ESPs pursuant to the North American
More informationAlberta Reliability Standard Cyber Security Personnel & Training CIP-004-AB-5.1
Alberta Reliability Stard A. Introduction 1. Title: 2. Number: 3. Purpose: To minimize the risk against compromise that could lead to misoperation or instability in the bulk electric system from individuals
More informationLessons Learned CIP Reliability Standards
Evidence for a requirement was not usable due to a lack of identifying information on the document. An entity should set and enforce a "quality of evidence" standard for its compliance documentation. A
More informationCyber Security Standards: Version 5 Revisions. Security Reliability Program 2015
Cyber Security Standards: Version 5 Revisions Security Reliability Program 2015 Overview of Development Activities The Team Standard Drafting Team (SDT) appointed to address these revisions in Project
More informationNERC CIP VERSION 5 COMPLIANCE
BACKGROUND The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) Reliability Standards define a comprehensive set of requirements that are the basis for maintaining
More informationEntity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire
Entity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire Upcoming Audit Date: March 16, 2015 Upcoming Audit Type: O&P Audit Start of Audit Period: March 16, 2012 Date Submitted: Table of Contents
More informationCIP v5/v6 Implementation Plan CIP v5 Workshop. Tony Purgar October 2-3, 2014
CIP v5/v6 Implementation Plan CIP v5 Workshop Tony Purgar October 2-3, 2014 Revision History CIP v5/v6 Implementation Plan Change History Date Description Initial Release July 25, 2014 Revision V0.1 August-2014
More information152 FERC 61,054 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM15-14-000]
152 FERC 61,054 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM15-14-000] Revised Critical Infrastructure Protection Reliability Standards (July 16, 2015) AGENCY:
More informationEnergySec Partnered Webinar with MetricStream Transitioning to NERC CIP Version 5: What Does it Mean for Electric Utilities JANUARY 28, 2015
EnergySec Partnered Webinar with MetricStream Transitioning to NERC CIP Version 5: What Does it Mean for Electric Utilities JANUARY 28, 2015 Housekeeping Items Submit questions using control panel Contact
More informationReclamation Manual Directives and Standards
Vulnerability Assessment Requirements 1. Introduction. Vulnerability assessment testing is required for all access points into an electronic security perimeter (ESP), all cyber assets within the ESP, and
More information3. Purpose: To improve the reliability of the Bulk Electric System by requiring the reporting of events by Responsible Entities.
A. Introduction 1. Title: Event Reporting 2. Number: EOP-004-2 3. Purpose: To improve the reliability of the Bulk Electric System by requiring the reporting of events by Responsible Entities. 4. Applicability:
More informationIRA Risk Factors Update for CIP. Ben Christensen Senior Compliance Risk Analyst, Cyber Security October 14, 2015
IRA Risk Factors Update for CIP Ben Christensen Senior Compliance Risk Analyst, Cyber Security October 14, 2015 2 Agenda Why the changes? What s new? Example of a Risk Factor How does this effect CIP V5?
More informationMidwest Reliability Organization Procedure For NERC PRC-012
Midwest Reliability Organization Procedure For NERC PRC-012 A. Introduction The following procedure developed by the MRO Protective Relay Subcommittee (PRS) and Transmission Assessment Subcommittee (TAS)
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationReclamation Manual Directives and Standards
Critical Cyber Asset (CCA) Identification Methodology 1. Introduction. A. The Bureau of Reclamation will employ a multi-step methodology to identify CCAs associated with its inventory of critical assets
More informationCIP-003-6 R2 BES Assets Containing Low Impact BCS. Lisa Wood, CISA, CBRA, CBRM Compliance Auditor Cyber Security
CIP-003-6 R2 BES Assets Containing Low Impact BCS Lisa Wood, CISA, CBRA, CBRM Compliance Auditor Cyber Security Slide 2 About Me Been with WECC for 5 years 1 ½ years as a Compliance Program Coordinator
More informationCompleted. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method
NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method R2 Critical Asset Identification R3 Critical Cyber Asset Identification Procedures and Evaluation
More informationHow to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework
How to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework Jacques Benoit, Cooper Power Systems Inc., Energy Automations Solutions - Cybectec Robert O Reilly, Cooper
More informationSafety Share Who is Cleco? CIP-005-3, R5 How What
1 Safety Share Who is Cleco? CIP-005-3, R5 How What AGENDA 2 SAFETY SHARE 3 Statistics: General Customers: approx. 279,000 retail customers across Louisiana Non-contiguous transmission and service area
More informationStandard CIP 007 3a Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3a 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for
More informationMeeting NERC CIP Access Control Standards. Presented on February 12, 2014
Meeting NERC CIP Access Control Standards Presented on February 12, 2014 Presented By: CyberLock The leading supplier of key-centric access control systems Based in Corvallis, Oregon James T. McGowan Technology
More informationTRIPWIRE NERC SOLUTION SUITE
CONFIDENCE: SECURED SOLUTION BRIEF TRIPWIRE NERC SOLUTION SUITE TAILORED SUITE OF PRODUCTS AND SERVICES TO AUTOMATE NERC CIP COMPLIANCE u u We ve been able to stay focused on our mission of delivering
More informationNorth American Electric Reliability Corporation (NERC) Cyber Security Standard
North American Electric Reliability Corporation (NERC) Cyber Security Standard Symantec Managed Security Services Support for CIP Compliance Overviewview The North American Electric Reliability Corporation
More informationNERC CIP Compliance. Dave Powell Plant Engineering and Environmental Performance. Presentation to 2009 BRO Forum
NERC CIP Compliance Dave Powell Plant Engineering and Environmental Performance Presentation to 2009 BRO Forum August 12, 2009 1 NERC CIP 101 What is NERC CIP? CIP Terminology CIP compliance overview CIP
More informationImplementation Plan for Version 5 CIP Cyber Security Standards
Implementation Plan for Version 5 CIP Cyber Security Standards April 10September 11, 2012 Prerequisite Approvals All Version 5 CIP Cyber Security Standards and the proposed additions, modifications, and
More informationCIP-010-1 R1 & R2: Configuration Change Management
CIP-010-1 R1 & R2: Configuration Change Management June 3, 2014 Steven Keller Lead Compliance Specialist - CIP skeller.re@spp.org 501.688.1633 Outline What is CIP-010-1? How it is different from CIP-003-3
More informationVoluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org. 2014 Utilities Telecom Council
Voluntary Cybersecurity Initiatives in Critical Infrastructure Nadya Bartol, CISSP, SGEIT, nadya.bartol@utc.org 2014 Utilities Telecom Council Utility cybersecurity environment is full of collaborations
More informationCIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System
CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System Purpose CIP-005-5 R2 is focused on ensuring that the security of the Bulk Energy System is not compromised
More informationSecFlow Security Appliance Review
Solution Paper. SecFlow Security Appliance Review NERC CIP version 5 Compliance Enabler July 2014 Abstract The alarming increase in cyber attacks on critical infrastructure poses new risk management challenges
More informationGE Intelligent Platforms. Meeting NERC Change Control Requirements for HMI/SCADA and Control Systems
GE Intelligent Platforms Meeting NERC Change Control Requirements for HMI/SCADA and Control Systems Meeting NERC Change Control Requirements for HMI/SCADA and Control Systems Overview There is a lot of
More informationNERC CIP Compliance with Security Professional Services
NERC CIP Compliance with Professional Services The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is
More informationTOP 10 CHALLENGES. With suggested solutions
NERC CIP VERSION 5 TOP 10 CHALLENGES With suggested solutions 401 Congress Avenue, Suite 1540 Austin, TX 78791 Phone: 512-687- 6224 E- Mail: chumphreys@theanfieldgroup.com Web: www.theanfieldgroup.com
More informationThe first step in protecting Critical Cyber Assets is identifying them. CIP-002 focuses on this identification process.
CIPS Overview Introduction The reliability of the energy grid depends not only on physical assets, but cyber assets. The North American Electric Reliability Corporation (NERC) realized that, along with
More informationInformation Shield Solution Matrix for CIP Security Standards
Information Shield Solution Matrix for CIP Security Standards The following table illustrates how specific topic categories within ISO 27002 map to the cyber security requirements of the Mandatory Reliability
More informationNovaTech NERC CIP Compliance Document and Product Description Updated June 2015
NovaTech NERC CIP Compliance Document and Product Description Updated June 2015 This document describes the NovaTech Products for NERC CIP compliance and how they address the latest requirements of NERC
More informationGE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance
GE Oil & Gas Cyber Security for NERC CIP Versions 5 & 6 Compliance Cyber Security for NERC CIP Versions 5 & 6 Compliance 2 Contents Cyber Security for NERC CIP Compliance... 5 Sabotage Reporting... 6 Security
More informationNERC CIP Compliance 10/11/2011
NERC CIP Compliance 10/11/2011 Authored by Dan Barker, American Transmission Co. Ron Bender, Nebraska Public Power District Richard Burt, Minnkota Power Cooperative, Inc. Marc Child, Great River Energy
More informationCritical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn
Critical Infrastructure Security: The Emerging Smart Grid Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn Overview Assurance & Evaluation Security Testing Approaches
More informationNERC CIP Whitepaper How Endian Solutions Can Help With Compliance
NERC CIP Whitepaper How Endian Solutions Can Help With Compliance Introduction Critical infrastructure is the backbone of any nations fundamental economic and societal well being. Like any business, in
More informationSYMMETRY WHITE PAPER. Support for Critical Infrastructure Protection (CIP) Cyber Security Standards. Adam Shane
SYMMETRY WHITE PAPER Support for Critical Infrastructure Protection (CIP) Cyber Security Standards Adam Shane Support for Critical Infrastructure Protection (CIP) Cyber Security Standards The Symmetry
More informationContinuous Compliance for Energy and Nuclear Facility Cyber Security Regulations
Continuous Compliance for Energy and Nuclear Facility Cyber Security Regulations Leveraging Configuration and Vulnerability Analysis for Critical Assets and Infrastructure May 2015 (Revision 2) Table of
More informationLogRhythm and NERC CIP Compliance
LogRhythm and NERC CIP Compliance The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to ensure that the bulk electric system in North America is reliable, adequate
More informationSCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards
SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which
More informationGuide to Developing a Cyber Security and Risk Mitigation Plan
NRECA / Cooperative Research Network Smart Grid Demonstration Project Guide to Developing a Cyber Security and Risk Mitigation Plan DOE Award No: DE-OE0000222 National Rural Electric Cooperative Association,
More informationA Risk-based Approach to Determining Electronic Security Perimeters and Critical Cyber Assets
A Risk-based Approach to Determining Electronic Security Perimeters and Critical Cyber Assets 701 5th Avenue, Suite 6850 Seattle, WA 98104 Toll free: (866) 760-0222 Office: (206) 784-4313 Fax: (206) 784-4367
More informationNERC CIP Substation Cyber Security Update. John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com
NERC CIP Substation Cyber Security Update John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com It s February 19, 2009 132 project days left to compliance Do you know where (what)
More informationOpen Enterprise Architectures for a Substation Password Management System
CIGRÉ Canada 21, rue d Artois, F-75008 PARIS (154) Conference on Power Systems http : //www.cigre.org Toronto, October 4-6, 2009 Open Enterprise Architectures for a Substation Password Management System
More informationSecurity Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions
Kevin Staggs, Honeywell Process Solutions Table of Contents Introduction...3 Nerc Standards and Implications...3 How to Meet the New Requirements...4 Protecting Your System...4 Cyber Security...5 A Sample
More informationJohn M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com
NERC CIP Substation Cyber Security Update John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com It s February 19, 2009 132 project days left to compliance Do you know where (what)
More informationWHITE PAPER CYBER SECURITY AND ELECTRIC UTILITY COMMUNICATIONS WHAT NERC/CIP MEANS FOR YOUR MICROWAVE
CYBER SECURITY AND ELECTRIC UTILITY COMMUNICATIONS WHAT NERC/CIP MEANS FOR YOUR MICROWAVE MAY 2011 TABLE OF CONTENTS 1.0 INTRODUCTION... 3 2.0 MODERN ELECTRIC UTILITY COMMUNICATIONS... 4 2.1 DOMAINS AND
More informationFederal Energy Regulatory Commission. Small Entity Compliance Guide Mandatory Reliability Standards (Order No. 693)
Federal Energy Regulatory Commission Small Entity Compliance Guide Mandatory Reliability Standards (Order No. 693) This Guide is prepared in accordance with the requirements of section 212 of the Small
More informationAlberta Reliability Standard Cyber Security Implementation Plan for Version 5 CIP Security Standards CIP-PLAN-AB-1
External Consultation Draft Version 1.0 December 12, 2013 1. Purpose The purpose of this reliability standard is to set the effective dates for the Version 5 CIP Cyber Security reliability standards and
More informationCompliance Open Webinar. Thursday, August 20th, 2015
Compliance Open Webinar Thursday, August 20th, 2015 2 Upcoming Events CIP Advanced Concepts September 9-10, 2015 Compliance Open Webinar September 17, 2015 WECC CIPUG/CUG October 13-15, 2015 Compliance
More informationAutomating NERC CIP Compliance for EMS. Walter Sikora 2010 EMS Users Conference
Automating NERC CIP Compliance for EMS Walter Sikora 2010 EMS Users Conference What do we fear? Thieves / Extortionists Enemies/Terrorists Stuxnet Malware Hacker 2025 Accidents / Mistakes 9/21/2010 # 2
More informationStandard CIP 004 3a Cyber Security Personnel and Training
A. Introduction 1. Title: Cyber Security Personnel & Training 2. Number: CIP-004-3a 3. Purpose: Standard CIP-004-3 requires that personnel having authorized cyber or authorized unescorted physical access
More informationTop Ten Compliance Issues for Implementing the NERC CIP Reliability Standard
Top Ten Compliance Issues for Implementing the NERC CIP Reliability Standard The North American Electric Reliability Corporation 1 s (NERC) CIP Reliability Standard is the most comprehensive and pervasive
More informationThe North American Electric Reliability Corporation ( NERC ) hereby submits
December 8, 2009 VIA ELECTRONIC FILING Kirsten Walli, Board Secretary Ontario Energy Board P.O Box 2319 2300 Yonge Street Toronto, Ontario, Canada M4P 1E4 Re: North American Electric Reliability Corporation
More informationKeshav Sarin CIP Enforcement Analyst. BURP (Best User Reporting Practices) February 11, 2011 Marina del Rey, California
Keshav Sarin CIP Enforcement Analyst BURP (Best User Reporting Practices) February 11, 2011 Marina del Rey, California Quiz How to review CIP items in the most effective manner? o Get the necessary information
More informationCG Automation Solutions USA
CG Automation Solutions USA (Formerly QEI Inc.) Automation Products and Solutions CG Automation Works for You INDUSTRY SOLUTIONS Electric T&D Utilities Renewable Energy Transit Authorities Public Power
More informationCIP-005-3 Electronic Security Perimeter (ESP) - Dan Mishra FRCC Compliance Workshop May 09-13, 2011
CIP-005-3 Electronic Security Perimeter (ESP) - Dan Mishra FRCC Compliance Workshop May 09-13, 2011 1 Purpose Specific NERC CIP-005 Requirements Underlying fundamentals of the ESP architecture Building
More informationPlans for CIP Compliance
Testing Procedures & Recovery Plans for CIP Compliance DECEMBER 16, 2009 Developed with: Presenters Bart Thielbar, CISA Senior Research hanalyst Sierra Energy Group, a Division of Energy Central Primer
More informationSecure Substation Automation for Operations & Maintenance
Secure Substation Automation for Operations & Maintenance Byron Flynn GE Energy 1. Abstract Today s Cyber Security requirements have created a need to redesign the Station Automation Architectures to provide
More informationApril 28, 2009. Dear Mr. Chairman:
April 28, 2009 The Honorable Edward J. Markey Chairman Subcommittee on Energy and Environment Committee on Energy and Commerce U.S. House of Representatives Washington, D.C. 20515 Dear Mr. Chairman: I
More informationAURORA Vulnerability Background
AURORA Vulnerability Background Southern California Edison (SCE) September 2011-1- Outline What is AURORA? Your Responsibility as a Customer Sectors Impacted by AURORA Review of Regulatory Agencies History
More information121 FERC 61,143 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION
121 FERC 61,143 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Joseph T. Kelliher, Chairman; Suedeen G. Kelly, Marc Spitzer, Philip D. Moeller, and Jon Wellinghoff.
More informationfuture data and infrastructure
White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal
More informationPRC-005-2 Review & Update. Phil O Donnell, WECC Manager Operations & Planning Audits
PRC-005-2 Review & Update Phil O Donnell, WECC Manager Operations & Planning Audits 2 PRC-005-2 Quick Review of the Requirements The extra things you need to do Version 1 Version 2 Transition Notes System
More informationABB Power Generation Cyber Security Users Group
August 28, 2014 ABB Power Generation Cyber Security Users Group ABB Group August 28, 2014 Slide 1 Registration Peer Group Survey ABB Group August 28, 2014 Slide 2 ABB Group August 28, 2014 Slide 3 Registration
More informationStandard CIP 007 3 Cyber Security Systems Security Management
A. Introduction 1. Title: Cyber Security Systems Security Management 2. Number: CIP-007-3 3. Purpose: Standard CIP-007-3 requires Responsible Entities to define methods, processes, and procedures for securing
More informationISACA North Dallas Chapter
ISACA rth Dallas Chapter Business Continuity Planning Observations of Critical Infrastructure Environments Ron Blume, P.E. Ron.blume@dyonyx.com 214-280-8925 Focus of Discussion Business Impact Analysis
More informationEric Weston Compliance Auditor Cyber Security. John Graminski Compliance Auditor Cyber Security
Eric Weston Compliance Auditor Cyber Security John Graminski Compliance Auditor Cyber Security CIP Advanced Workshop Agenda CIP-007-6 September 9-10, 2015 Salt Lake City, UT 2 Agenda CIP-007-6 Overview
More informationNERC Alert System Overview
NERC Alert System Overview Todd Thompson, CIP Investigator todd.thompson@nerc.net Chris Lada, Situation Awareness Coordinator chris.lada@nerc.net About NERC: Mission To ensure the reliability of the North
More informationNSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense
NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense Cyber Investigations Data Management Systems Security Data Security Analysis Digital Forensics Health Care Security Industrial
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationPractical Considerations for Security
Practical Considerations for Security Steven Hodder GE Digital Energy, Multilin 1. Introduction This paper has been prepared to outline some practical security strategies for protection & control engineers
More informationUtility Telecom Forum. Robert Sill, CEO & President Aegis Technologies February 4, 2008
Utility Telecom Forum Robert Sill, CEO & President Aegis Technologies February 4, 2008 1 Agenda Asked to describe his job, Mike Selves, director of Emergency Management and Homeland Security in Johnson
More informationWelcome to the CIP Workshop!
Welcome to the CIP Workshop! Download Materials @ SPP.org ->Regional Entity ->2015 CIP Workshop: Questions or Comments? Email reworkshop@spp.org Please wait for a microphone Submit via online form on workshop
More informationNERC CIP Implementation Prepared by David Grubbs City of Garland NERC Critical Infrastructure Protection Committee (CIPC) Municipal Systems are well represented on the NERC CIPC Committee David Grubbs,
More information