Presentation is loading. Please wait.

Presentation is loading. Please wait.

Federal Energy Regulatory Commission June 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Published byMyron Blankenship Modified over 9 years ago

Similar presentations

Presentation on theme: "Federal Energy Regulatory Commission June 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal."— Presentation transcript:

1 Federal Energy Regulatory Commission June 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal Energy Regulatory Commission

2 June 20092 The views expressed in this presentation do not represent the views of the Federal Energy Regulatory Commission or of the United States Disclaimer

3 Federal Energy Regulatory Commission June 20093 Increased Cyber Security Concerns Automation & Data Gathering Connectivity of Control Systems –To Corporate Computers –To Vendors Use of Wireless Communications Interest of –Nation States – the equalizer –Hackers –Criminals –To Internet –To Remote Maintenance

4 Federal Energy Regulatory Commission June 20094 Cyber Security and Reliability Standards Historically – Voluntary Standards Urgent Action Standard 1200 –Voluntary –Adopted by NERC Summit 2003 –Replaced by CIP-002-1 thru CIP-009-1, June 2006

5 Federal Energy Regulatory Commission June 20095 Enforcement of Reliability Standards Western Electricity Coordinating Council Midwest Reliability Organization Southwest Power Pool Regional Entity Texas Regional Entity Northeast Power Coordinating Council Reliability First Corp SERC Reliability Corp. Florida Reliability Coordinating Council NERC has regional delegation agreements with 8 Regional Entities

6 Federal Energy Regulatory Commission June 20096

7 Federal Energy Regulatory Commission June 20097 Standards Development Process Standard Authorization Request Drafting Team Formed Proposed Standard Developed Comments Solicited Ballot –Quorum: 75% of Ballot Pool –Approval: 2/3 of Weighted Segment Votes Re-ballot? Board of Trustees Approval FERC & Canadian Approvals (w/ Public Comments)

8 Federal Energy Regulatory Commission June 20098 Canada & Mexico 7 Canadian Provinces Interconnect With U.S.A. Different Laws – Information Protection NERC Works With Provinces to: –Establish Standards –Enforce Standards Mexico – Northwest Corner of Mexico

9 Federal Energy Regulatory Commission June 20099 Users, Owners & Operators of BPS NERC Compliance Registry Region FRCC MRO NPCC RFC SERC SPP TRE WECC TOTAL # of Registered Entities 70 117 268 357 226 115 216 473 1842

10 Federal Energy Regulatory Commission June 200910 FERC Concerns With Reliability Standards Development Process Emergency & Security Issues Process is: –Public –Slow –Uncertain on Outcome

11 Federal Energy Regulatory Commission June 200911 Areas Addressed by CIP Standards Identification of critical assets & critical cyber assets –Generating stations –Transmission stations –Control Centers

12 Federal Energy Regulatory Commission June 200912 CIP Standards Continued I. Management involvement Security of sensitive information Cyber security training Personnel risk

13 Federal Energy Regulatory Commission June 200913 CIP Standards Continued II. Physical security of critical cyber assets Change control Access control Electronic security perimeters

14 Federal Energy Regulatory Commission June 200914 CIP Standards Continued III. Incident response Recovery plans

15 Federal Energy Regulatory Commission June 200915 Critical Assets Facilities, systems, and equipment which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System. NERC April 7, 2009 Letter to Industry –Self-certification compliance survey –Results “raise concern” about identifying Critical Assets and Critical Cyber Assets –63% of Transmission Owners had at least one Critical Asset –Only 29% of Generation Owners and Generation Operators had at least one

16 Federal Energy Regulatory Commission June 200916 FERC Approval of CIP Standards Order No. 706 January 18, 2008 Required many modifications –Critical Asset identification – required a wide-area oversight –Exceptions to Compliance – required oversight & approval mechanism –Reasonable Business Judgment language – required removal –Defense in Depth –Revoke Access Authorization

17 Federal Energy Regulatory Commission June 200917 Order No. 706 Modifications Phase I (Version 2 of CIP Standards) Low-hanging fruit Reasonable Business Judgment language removed Approved by Ballot Body & NERC BoT Filed with FERC May 22 Expect two more phases

18 Federal Energy Regulatory Commission June 200918 Compliance & Enforcement Regional Entities are front line Ways of monitoring –Compliance Audits –Self-Certifications –Spot Checking –Compliance Violation Investigations –Complaints Nuclear Stations – Order No. 706 - B –Self-Reporting –Periodic Data Submittals –Exception Reporting

19 Federal Energy Regulatory Commission June 200919 Enforcement Actions Mitigation Plan Remedial Action Directive Sanctions –Monetary –Other FERC Oversight FERC Can Originate

20 Federal Energy Regulatory Commission June 200920 Smart Grid A smarter grid would permit two-way communication between the electric system and a much larger number of devices located outside of controlled utility environments Interoperability standards and protocols leave no gaps in cyber or physical security

Download ppt "Federal Energy Regulatory Commission June 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal."

Similar presentations

NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action.

NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action.
Federal Energy Regulatory Commission July 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Federal Energy Regulatory Commission July Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.
Reliability in British Columbia

Reliability in British Columbia
1 WECC/AESO Membership and Coordinating Operating Agreement WECC Board of Directors Meeting December 2007 Diana Pommen Director Interjurisdictional Affairs.

1 WECC/AESO Membership and Coordinating Operating Agreement WECC Board of Directors Meeting December 2007 Diana Pommen Director Interjurisdictional Affairs.
2007 Goals. Introduction Western Electricity Coordinating Council (WECC) will be primarily defined throughout the 2007 year by Electric Reliability.

2007 Goals. Introduction Western Electricity Coordinating Council (WECC) will be primarily defined throughout the 2007 year by Electric Reliability.
NERC Orientation Joint Guidance Committee WECC Leadership

NERC Orientation Joint Guidance Committee WECC Leadership
Reliability Provisions of EPAct of 2005 & FERC’s Final Rule

Reliability Provisions of EPAct of 2005 & FERC’s Final Rule
WECC Reliability Management System

WECC Reliability Management System
COMPLIANCE 101 Module One.

COMPLIANCE 101 Module One.
Revised Event Analysis Process Event Analysis Subcommittee (EAS) Process Update Team (EUT) Hassan Hamdar – FRCC Reliability Engineer, EAS Vice-Chair FRCC.

Revised Event Analysis Process Event Analysis Subcommittee (EAS) Process Update Team (EUT) Hassan Hamdar – FRCC Reliability Engineer, EAS Vice-Chair FRCC.
Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.

Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.
Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)

Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)
Gcpud1 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP 002 - 009 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP 002 - 009.

Gcpud1 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
Cyber Security 2005 ERCOT COMPLIANCE ROLLOUT Lane Robinson Reliability Analyst.

Cyber Security 2005 ERCOT COMPLIANCE ROLLOUT Lane Robinson Reliability Analyst.
Project 2008-06 Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings.

Project Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
NERC and Regional Efforts to Ensure Reliability Dave Nevius, NERC Sr. VP David Cook, NERC VP & General Counsel Louise McCarren, WECC CEO Don Benjamin,

NERC and Regional Efforts to Ensure Reliability Dave Nevius, NERC Sr. VP David Cook, NERC VP & General Counsel Louise McCarren, WECC CEO Don Benjamin,
1. 11/26/2012: NERC Board of Trustees adopted CIP v5 CIP-002-5 thru CIP-009-5 CIP-010-1 and CIP-011-1 Version 5 Filing FERC requested filing by 3/31/2013.

1. 11/26/2012: NERC Board of Trustees adopted CIP v5 CIP thru CIP CIP and CIP Version 5 Filing FERC requested filing by 3/31/2013.
BS Information Systems – University of Redlands BS Information Systems – University of Redlands AS Electronic Technology AS Electronic Technology Project.

BS Information Systems – University of Redlands BS Information Systems – University of Redlands AS Electronic Technology AS Electronic Technology Project.

Similar presentations

Ads by Google