Critical Infrastructure Protection 101

Similar documents
CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Summary of CIP Version 5 Standards

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

When this standard has received ballot approval, the text boxes will be moved to the Guidelines and Technical Basis section of the Standard.

Cyber Security Compliance (NERC CIP V5)

CIP Cyber Security Electronic Security Perimeter(s)

Cyber Security Standards Update: Version 5 with Revisions

Alberta Reliability Standard Cyber Security Security Management Controls CIP-003-AB-5

NB Appendix CIP NB-1 - Cyber Security Personnel & Training

CIP Cyber Security Security Management Controls

Alberta Reliability Standard Cyber Security Physical Security of BES Cyber Systems CIP-006-AB-5

KEY CONSIDERATIONS FOR MIGRATING TO THE VERSION 5 NERC CIP CYBER SECURITY STANDARDS

Alberta Reliability Standard Cyber Security System Security Management CIP-007-AB-5

ReliabilityFirst CIP Evidence List CIP-002 through CIP-009 are applicable to RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE, NERC, & RE

Cyber Security Standards Update: Version 5

NERC Cyber Security Standards

Alberta Reliability Standard Cyber Security Configuration Change Management and Vulnerability Assessments CIP-010-AB-1

Notable Changes to NERC Reliability Standard CIP-005-5

Redesigning automation network security

NERC CIP Tools and Techniques

Notable Changes to NERC Reliability Standard CIP-010-3

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)

E-Commerce Security Perimeter (ESP) Identification and Access Control Process

Alberta Reliability Standard Cyber Security Personnel & Training CIP-004-AB-5.1

Lessons Learned CIP Reliability Standards

Cyber Security Standards: Version 5 Revisions. Security Reliability Program 2015

NERC CIP VERSION 5 COMPLIANCE

Entity Name ( Acronym) NCRnnnnn Risk Assessment Questionnaire

CIP v5/v6 Implementation Plan CIP v5 Workshop. Tony Purgar October 2-3, 2014

152 FERC 61,054 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. 18 CFR Part 40. [Docket No. RM ]

EnergySec Partnered Webinar with MetricStream Transitioning to NERC CIP Version 5: What Does it Mean for Electric Utilities JANUARY 28, 2015

Reclamation Manual Directives and Standards

3. Purpose: To improve the reliability of the Bulk Electric System by requiring the reporting of events by Responsible Entities.

IRA Risk Factors Update for CIP. Ben Christensen Senior Compliance Risk Analyst, Cyber Security October 14, 2015

Midwest Reliability Organization Procedure For NERC PRC-012

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

Reclamation Manual Directives and Standards

CIP R2 BES Assets Containing Low Impact BCS. Lisa Wood, CISA, CBRA, CBRM Compliance Auditor Cyber Security

Completed. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method

How to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework

Safety Share Who is Cleco? CIP-005-3, R5 How What

Standard CIP 007 3a Cyber Security Systems Security Management

Meeting NERC CIP Access Control Standards. Presented on February 12, 2014

TRIPWIRE NERC SOLUTION SUITE

North American Electric Reliability Corporation (NERC) Cyber Security Standard

NERC CIP Compliance. Dave Powell Plant Engineering and Environmental Performance. Presentation to 2009 BRO Forum

Implementation Plan for Version 5 CIP Cyber Security Standards

CIP R1 & R2: Configuration Change Management

Voluntary Cybersecurity Initiatives in Critical Infrastructure. Nadya Bartol, CISSP, SGEIT, 2014 Utilities Telecom Council

CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System

SecFlow Security Appliance Review

GE Intelligent Platforms. Meeting NERC Change Control Requirements for HMI/SCADA and Control Systems

NERC CIP Compliance with Security Professional Services

TOP 10 CHALLENGES. With suggested solutions

The first step in protecting Critical Cyber Assets is identifying them. CIP-002 focuses on this identification process.

Information Shield Solution Matrix for CIP Security Standards

NovaTech NERC CIP Compliance Document and Product Description Updated June 2015

GE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance

NERC CIP Compliance 10/11/2011

Critical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn

NERC CIP Whitepaper How Endian Solutions Can Help With Compliance

SYMMETRY WHITE PAPER. Support for Critical Infrastructure Protection (CIP) Cyber Security Standards. Adam Shane

Continuous Compliance for Energy and Nuclear Facility Cyber Security Regulations

LogRhythm and NERC CIP Compliance

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

Guide to Developing a Cyber Security and Risk Mitigation Plan

A Risk-based Approach to Determining Electronic Security Perimeters and Critical Cyber Assets

NERC CIP Substation Cyber Security Update. John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com

Open Enterprise Architectures for a Substation Password Management System

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com

WHITE PAPER CYBER SECURITY AND ELECTRIC UTILITY COMMUNICATIONS WHAT NERC/CIP MEANS FOR YOUR MICROWAVE

Federal Energy Regulatory Commission. Small Entity Compliance Guide Mandatory Reliability Standards (Order No. 693)

Alberta Reliability Standard Cyber Security Implementation Plan for Version 5 CIP Security Standards CIP-PLAN-AB-1

Compliance Open Webinar. Thursday, August 20th, 2015

Automating NERC CIP Compliance for EMS. Walter Sikora 2010 EMS Users Conference

Standard CIP 004 3a Cyber Security Personnel and Training

Top Ten Compliance Issues for Implementing the NERC CIP Reliability Standard

The North American Electric Reliability Corporation ( NERC ) hereby submits

Keshav Sarin CIP Enforcement Analyst. BURP (Best User Reporting Practices) February 11, 2011 Marina del Rey, California

CG Automation Solutions USA

CIP Electronic Security Perimeter (ESP) - Dan Mishra FRCC Compliance Workshop May 09-13, 2011

Plans for CIP Compliance

Secure Substation Automation for Operations & Maintenance

April 28, Dear Mr. Chairman:

AURORA Vulnerability Background

121 FERC 61,143 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION

future data and infrastructure

PRC Review & Update. Phil O Donnell, WECC Manager Operations & Planning Audits

ABB Power Generation Cyber Security Users Group

Standard CIP Cyber Security Systems Security Management

ISACA North Dallas Chapter

Eric Weston Compliance Auditor Cyber Security. John Graminski Compliance Auditor Cyber Security

NERC Alert System Overview

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

Cyber Security and Privacy - Program 183

Practical Considerations for Security

Utility Telecom Forum. Robert Sill, CEO & President Aegis Technologies February 4, 2008

Welcome to the CIP Workshop!


Transcription:

C L AR I T Y AS S U R AN C E R E S U LT S M I D W E S T R E LIAB I L I T Y ORGAN I Z AT I ON Critical Infrastructure Protection 101 An Introduction to CIP Version 5 Richard Burt MRO Principal Risk Assessment and Mitigation Engineer MRO CIP Version 5 Workshop February 11 and 17, 2015 Improving RELIABILITY and mitigating RISKS to the Bulk Power System

Introduction Purpose and history of the NERC Critical Infrastructure Protection (CIP) Standards Applicability of CIP Version 5 (V5) Key definitions Useful CIP V5 materials 2

Purpose of the NERC CIP Standards Address the security of cyber assets essential to the reliable operation of the bulk power system NERC CIP is the only set of mandatory cybersecurity standards in place across the critical infrastructures (water, gas, etc.) of the United States 3

History of the CIP Standards UA1200 (2003) CIP V1 (2008) CIP V2 (2009) CIP V3 (2010) CIP V4 (2012) High-level Prior to mandatory compliance First enforceable cybersecurity standards for the bulk power system, use of RBAM (Risk-Based Assessment Methodology) to determine Critical Assets Minor changes to CIP V1 - Annual review of additional processes, removed ability to accept risk in lieu of requirements, etc. Minor changes to CIP V2 escort of visitors, etc. Use of a Bright-Line Criteria (BLC) instead of RBAM Never became enforceable, due to timing of CIP V5 CIP V5+ (2013) Impact Rating Criteria (IRC) instead of BLC or RBAM, changes in technical requirements, concept of Cyber Systems instead of Critical Cyber Assets dfkjflkdskkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk (CCAs) 4 kkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkkk

History of the CIP Standards CIP Version 5 CIP V5 increased the number of CIP Standards from eight (CIP-002 through CIP-009) to ten (CIP-002 through CIP- 011) CIP-002-5 through CIP-009-5 CIP-010-1 CIP-011-1 5

History of the CIP Standards CIP Version 5 When FERC approved CIP V5, it directed NERC to make changes So.CIP V5 will be the following Standards CIP-002-5.1 CIP-003-7 CIP-004-7 CIP-005-5 CIP-006-5 CIP-007-7 CIP-008-5 CIP-009-6 CIP-010-3 CIP-011-3 6

Applicability of CIP V5 Like the rest of the NERC Standards, start with the definition of Bulk Electric System (BES) In general, the BES includes: Transmission elements connected at 100kV or higher Generation unit greater than 20MVA Generation facility greater than 75 MVA Blackstart Resources For more information, see NERC s BES Definition page www.nerc.com ->Initiatives -> BES Definition http://www.nerc.com/pa/rapa/pages/bes.aspx 7

BES Definition Resources 8

BES Definition Resources 9

Applicability of CIP V5 See MRO CIP Subject Matter Expert (SME) Team CIP-002-5.1 Standard Application Guide (SAG) https://www.midwestreliability.org/mrodocu ments/cip-002-5.1%20standard%20application%20guide.p df 10

Applicability of CIP V5 Registration Functional Registration First BA (Balancing Authority) GO (Generator Owner) GOP (Generator Operator) IA (Interchange Authority) TO (Transmission Owner) TOP (Transmission Operator) RC (Reliability Coordinator) 11

Applicability of CIP V5 Registration Functional Registration First (continued) DP (Distribution Provider) with any of the following Underfrequency Load Shedding (UFLS) or Undervoltage Load Shedding (UVLS) that Is part of a load shedding program, subject to NERC Standards; AND Performs automatic load shedding under a common control system, without human operator initiation, of 300 MW or more Special Protection Systems (SPS)/Remedial Action Scheme (RAS) subject to NERC Standards Transmission Protection System subject to NERC Standards Cranking Path 12

UFLS/UVLS CIP V5 Applicability Each UFLS or UVLS System that Is part of a load shedding program that is subject to NERC Standards; AND Performs automatic load shedding under a common control system owned by the entity, without human operator initiation, of 300 MW or more In other words, the standards are meant to apply security controls to prevent an attacker from compromising a single cyber asset/system and shedding 300MW or more 13

UFLS/UVLS Applicability Example Entity has 400MW of UFLS 20 relays on separate feeders, with 20MW of load each Each relay typically senses the local frequency and makes the determination to trip, independent of the other relays In this case, the most load that can be shed under a common control system is 20MW None of the UFLS relays in this example would be subject to CIP V5 14

Applicability of CIP V5 If you are not a TO, TOP, GO, GOP, BA, RC, IA, or a DP with one of these types of systems, then CIP V5 does NOT apply No need to go any further with determination of which Facilities are impacted CIP V5 does not apply, not even Low Impact For everyone else, the focus is on the Impact Rating Criteria (Attachment 1 of CIP-002-5) 15

Impact Rating Criteria Attachment 1 is used to categorize all BES Cyber Systems as low, medium, or high impact Only Control Centers can be high Largest impact BES Facilities are medium Everything not high or medium is low Number of applicable Requirements is related to the level of impact With increasing numbers of Requirements applicable to higher-risk configurations and systems such as those that can be accessed remotely through a routable connection such as TCP/IP Requirements for Low Impact BCS are in CIP-003 16

CIP Requirements Applicability Color-Coded by System Type Source: http://www.nerc.com/ docs/standards/dt/ta ble_of_cip_v5_applic able_systems.pdf 17

Requirements and Parts CIP V5 does not use sub-requirements Requirements point to Parts Parts are applicable to different types of BCSs Example, CIP-005 R1 Implement one or more documented processes that collectively include each of the applicable requirement parts in CIP-005-5 Table R1 18

Guidelines and Technical Basis CIP-002-5.1 is 34 pages long CIP-002-3 was 3 pages long CIP V5 Standards contain notes from the Standard Drafting Team (SDT) giving further guidance on the language of the Requirements, and why certain decisions were made in the drafting process There are some inconsistencies, which will be discussed later in this workshop When in doubt, use the language of the Requirement 19

Guidelines and Technical Basis Example: CIP-002-5 Why was 300MW chosen as the threshold of UFLS/UVLS? From Guidelines and Technical Basis section of CIP-002-5: The SDT believes that the threshold should be lower than the 1500MW generation requirement since it is specifically addressing UFLS and UVLS, which are last ditch efforts to save the BES. A review of UFLS tolerances defined in UFLS program requirements to date indicates that the historical value of 300MW represents an adequate and reasonable threshold value. 20

NERC Glossary of Terms A number of new defined terms for CIP V5 http://www.nerc.com/files/glossary_of_terms.pdf These definitions are crucial to understanding and applying the CIP V5 requirements Retirement of: Critical Asset (CA) Critical Cyber Asset (CCA) 21

CIP V5 Key Definitions Cyber Asset Cyber Asset Programmable electronic devices, including the hardware, software, and data in those devices Examples Computers Intelligent Electronic Devices (IEDs) 22

CIP V5 Key Definitions BES Cyber Asset BES Cyber Asset (BCA) A Cyber Asset that if rendered unavailable, degraded, or misused would, within 15 minutes of its required operation, misoperation, or non-operation, adversely impact one or more Facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the Bulk Electric System. Redundancy of affected Facilities, systems, and equipment shall not be considered when determining adverse impact. Each BES Cyber Asset is included in one or more BES Cyber Systems. (A Cyber Asset is not a BES Cyber Asset if, for 30 consecutive calendar days or less, it is directly connected to a network within an ESP, a Cyber Asset within an ESP, or to a BES Cyber Asset, and it is used for data transfer, vulnerability assessment, maintenance, or troubleshooting purposes.) 23

BES Cyber Asset (BCA) Examples Microprocessor-based protective relay Data Concentrator Energy Management System (EMS) server System Operator Console 24

CIP V5 Key Definitions BES Cyber System BES Cyber System (BCS) One or more BES Cyber Assets logically grouped by a responsible entity to perform one or more reliability tasks for a functional entity Examples of BCS: All protective relays at a substation EMS Generation Control System (GCS) Windows servers in an EMS or GCS 25

A BCS is a group of BCAs Substation example: Substation has three relays Two are BCAs BCS grouping is up to you (more on that later) BCA versus BCS BCS Option 1 BCS Option 2 Not a BCA since it s not a Cyber Asset 26

CIP V5 Key Definitions Dial-Up Connectivity (DUC) Dial-up Connectivity A data communication link that is established when the communication equipment dials a phone number and negotiates a connection with the equipment on the other end of the link Just because a modem is being used, does not mean it is using DUC 27

CIP V5 Key Definitions Physical Security Perimeter Physical Security Perimeter The physical border surrounding locations in which BES Cyber Assets, BES Cyber Systems, or Electronic Access Control or Monitoring Systems reside, and for which access is controlled Examples include server rooms, substation control houses, etc 28

CIP V5 Key Definitions Electronic Security Perimeter Electronic Security Perimeter (ESP) The logical border surrounding a network to which BES Cyber Systems are connected using a routable protocol Think of an ESP as a network boundary 29

CIP V5 Key Definitions Electronic Access Point Electronic Access Point (EAP) A Cyber Asset interface on an Electronic Security Perimeter that allows routable communication between Cyber Assets outside an Electronic Security Perimeter and Cyber Assets inside an Electronic Security Perimeter Example of PSP, ESP, EAP: 30

CIP V5 Key Definitions Physical Access Control Systems Physical Access Control Systems (PACS) Cyber Assets that control, alert, or log access to the Physical Security Perimeter(s), exclusive of locally mounted hardware or devices at the Physical Security Perimeter such as motion sensors, electronic lock control mechanisms, and badge readers 31

CIP V5 Key Definitions Electronic Access Control or Monitoring Systems Electronic Access Control or Monitoring Systems (EACMS) Cyber Assets that perform electronic access control or electronic access monitoring of the Electronic Security Perimeter(s) or BES Cyber System(s) Includes Intermediate Systems 32

CIP V5 Key Definitions Protected Cyber Asset Protected Cyber Asset (PCA) One or more Cyber Assets connected using a routable protocol within or on an ESP that is not part of the highest impact BCS within the same ESP The impact rating of a PCA is equal to the highest rated BCS in the same ESP A Cyber Asset is not a PCA if, for 30 consecutive calendar days or less, it is connected either to a Cyber Asset within the ESP or to the network within the ESP, and it is used for data transfer, vulnerability assessment, maintenance, or troubleshooting purposes 33

Protected Cyber Assets High Watermark PCA PCAs are used to implement a High Watermark concept Even though they are not a BCA, they must be protected if they are in the ESP with a BCS that is not Low Impact 34

Other Definitions BES Cyber System Information CIP Exceptional Circumstance CIP Senior Manager Cyber Security Incident External Routable Connectivity Interactive Remote Access Intermediate System Reportable Cyber Security Incident 35

Useful CIP V5 Materials Already Mentioned MRO CIP SME Team CIP-002-5.1 SAG NERC BES Definition NERC Glossary of Terms Table of CIP V5 Applicable Systems Guidelines and Technical Basis section of Standards NERC CIP V5 Transition Program Page www.nerc.com ->Initiatives -> CIP V5 Transition http://www.nerc.com/pa/ci/pages/transition-program.aspx 36

NERC CIP V5 Transition Page 37

NERC CIP V5 Transition Page 38

Questions? 39

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information