Federal Energy Regulatory Commission June 2009 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Presentation transcript:

Cyber Security and Reliability Standards
Regis F. Binder
Director, Division of Logistics & Security
Federal Energy Regulatory Commission
June 2009

Disclaimer
The views expressed in this presentation do not represent the views of the Federal Energy Regulatory Commission or of the United States.

Increased Cyber Security Concerns
Automation & Data Gathering
Connectivity of Control Systems
  – To Corporate Computers
  – To Vendors
  – To Internet
  – To Remote Maintenance
Use of Wireless Communications
Interest of
  – Nation States – the equalizer
  – Hackers
  – Criminals

Cyber Security and Reliability Standards
Historically – Voluntary Standards
Urgent Action Standard 1200
  – Voluntary
  – Adopted by NERC Summit 2003
  – Replaced by CIP thru CIP-009-1, June 2006

Enforcement of Reliability Standards
NERC has regional delegation agreements with 8 Regional Entities
  – Western Electricity Coordinating Council
  – Midwest Reliability Organization
  – Southwest Power Pool Regional Entity
  – Texas Regional Entity
  – Northeast Power Coordinating Council
  – Reliability First Corp
  – SERC Reliability Corp.
  – Florida Reliability Coordinating Council

Standards Development Process
Standard Authorization Request
Drafting Team Formed
Proposed Standard Developed
Comments Solicited
Ballot
  – Quorum: 75% of Ballot Pool
  – Approval: 2/3 of Weighted Segment Votes
Re-ballot?
Board of Trustees Approval
FERC & Canadian Approvals (w/ Public Comments)

Canada & Mexico
7 Canadian Provinces Interconnect With U.S.A.
Different Laws – Information Protection
NERC Works With Provinces to:
  – Establish Standards
  – Enforce Standards
Mexico – Northwest Corner of Mexico

Users, Owners & Operators of BPS
NERC Compliance Registry
Region FRCC MRO NPCC RFC SERC SPP TRE WECC TOTAL
# of Registered Entities

FERC Concerns With Reliability Standards Development Process
Emergency & Security Issues
Process is:
  – Public
  – Slow
  – Uncertain on Outcome

Areas Addressed by CIP Standards
Identification of critical assets & critical cyber assets
  – Generating stations
  – Transmission stations
  – Control Centers

CIP Standards Continued I.
Management involvement
Security of sensitive information
Cyber security training
Personnel risk

CIP Standards Continued II.
Physical security of critical cyber assets
Change control
Access control
Electronic security perimeters

CIP Standards Continued III.
Incident response
Recovery plans

Critical Assets
Facilities, systems, and equipment which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System.
NERC April 7, 2009 Letter to Industry
  – Self-certification compliance survey
  – Results “raise concern” about identifying Critical Assets and Critical Cyber Assets
  – 63% of Transmission Owners had at least one Critical Asset
  – Only 29% of Generation Owners and Generation Operators had at least one

FERC Approval of CIP Standards
Order No. 706, January 18, 2008
Required many modifications
  – Critical Asset identification – required a wide-area oversight
  – Exceptions to Compliance – required oversight & approval mechanism
  – Reasonable Business Judgment language – required removal
  – Defense in Depth
  – Revoke Access Authorization

Order No. 706 Modifications
Phase I (Version 2 of CIP Standards)
Low-hanging fruit
Reasonable Business Judgment language removed
Approved by Ballot Body & NERC BoT
Filed with FERC May 22
Expect two more phases

Compliance & Enforcement
Regional Entities are front line
Ways of monitoring
  – Compliance Audits
  – Self-Certifications
  – Spot Checking
  – Compliance Violation Investigations
  – Complaints
  – Self-Reporting
  – Periodic Data Submittals
  – Exception Reporting
Nuclear Stations – Order No B

Enforcement Actions
Mitigation Plan
Remedial Action Directive
Sanctions
  – Monetary
  – Other
FERC Oversight
FERC Can Originate

Smart Grid
A smarter grid would permit two-way communication between the electric system and a much larger number of devices located outside of controlled utility environments
Interoperability standards and protocols leave no gaps in cyber or physical security