Presentation is loading. Please wait.

Presentation is loading. Please wait.

Status Report for Critical Infrastructure Protection Advisory Group

Published byBlake Walker Modified over 8 years ago

Similar presentations

Presentation on theme: "Status Report for Critical Infrastructure Protection Advisory Group"— Presentation transcript:

1 Status Report for Critical Infrastructure Protection Advisory Group
Jim Brenton Director, ERCOT Security ERCOT Board of Directors Meeting November 14, 2006

2 Expect Readiness Audits may commence starting in June 2007.
Background On May 2, 2006 NERC’s Board of Trustees adopted 8 new Reliability Standards with respect to Cyber and Physical Security effective June 1, 2006. These new standards, along with CIP-001-0: Sabotage Reporting (effective April 1,2005) comprise NERC’s Physical and Cyber Security standards and replace the Urgent Action 1200 Standard. The CIP Standards are applicable to ERCOT and a significant number of market participants. Implementation of the CIP Standards will be phased in over the next three years until entities reach Auditable Compliance for all CIP Standards. Expect Readiness Audits may commence starting in June November 14, 2006 ERCOT Board of Directors Meeting

3 Key Standard for ERCOT: CIP-002-1: Critical Cyber Asset Identification
Requirements: Identify & document a risk based assessment methodology to identify Critical Assets. Identify list of Critical Assets based on the risk based assessment methodology. Using list of Critical Assets, develop a list of associated Critical Cyber Security Assets essential to the operation of the Critical Asset. Senior management review and approval of list of Critical Assets and Critical Cyber Security Assets annually. Applicability: Reliability Coordinator Balancing Authority Interchange Authority Transmission Service Provider Transmission Owner Transmission Operator Generation Owner Generation Operator Load Serving Entity NERC Regional Reliability Organizations Exempt: Facilities regulated by the US Nuclear Regulatory Commission or the Canadian Nuclear Safety Commission. Cyber Assets associated with communication networks & data communication links between discrete Electronic Security Perimeters. November 14, 2006 ERCOT Board of Directors Meeting

4 ERCOT’s Game Plan for Compliance
ERCOT staff and Market Participants have attended NERC sponsored workshops on the CIP standards. On November 1, ERCOT hosted a Cyber Security Workshop to facilitate discussion on CIP Standard’s requirements and compliance awareness. Focus on “How to get started” toward understanding the new standards and what does it take to get ready for compliance. Technical discussion of Critical Asset determination within ERCOT. Discussed relationship between Critical Cyber Assets and Critical Assets. On November 2, ERCOT hosted an exploratory meeting with ERCOT Market Participants to determine if the ERCOT Critical Infrastructure Advisory Group (CIPAG) should be reactivated. In 2004, an original attempt at forming a ERCOT CIPAG did not proceed forward. For 2006, Market Participants in agreement to move forward with a new CIPAG. Developed a draft Mission Statement November 14, 2006 ERCOT Board of Directors Meeting

5 DRAFT 2006 CIP Advisory Group Purpose:
The ERCOT CIP Advisory Group would serve as a vehicle to facilitate and enable ERCOT entities to secure their critical assets, to become compliant, and to maintain compliance with relevant security standards. To accomplish this, the ERCOT CIPAG will: Collaborative effort Discuss security solutions Share information Communicate and clarify relevant security standards Provide guidance in security standards implementation and compliance Provide a forum for CIP discussions with State and Federal authorities DRAFT November 14, 2006 ERCOT Board of Directors Meeting

6 2006 CIPAG Proposed Governance & Activities
Immediately form a temporary Steering Committee to: Recruit Membership. Draft a charter and propose a governance structure for review by the ERCOT Board of Directors (Q1-2007). Concurrent Activities: Continue discussion of CIP standards and implementation issues: Focusing on communication, assessment methodologies, and compliance. Could possibly form subgroups if needed. Committee will meet again on December 4, 2006. Companies who have currently volunteered resources to the Steering Group: ERCOT TXU Power CenterPoint Austin Energy TXU Electric Delivery LCRA PUCT Staff City of Garland TMPA STEC Bryan Texas Utilities CPS November 14, 2006 ERCOT Board of Directors Meeting

7 Questions

8 Additional Background Information
November 14, 2006 ERCOT Board of Directors Meeting

9 Key NERC Definitions Bulk Electric System: Critical Assets:
The electrical generation resources, transmission lines, interconnections with neighboring systems, and associated equipment, generally operated at voltages of 100 kV or higher. Radial transmission facilities serving only load with one transmission source are generally not included. Critical Assets: Facilities, systems, and equipment which, if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System. Cyber Assets: Programmable electronic devices and communication networks including hardware, software, and data. Critical Cyber Assets: Cyber Assets essential to the reliable operation of Critical Assets. November 14, 2006 ERCOT Board of Directors Meeting

10 Critical Asset Selection Process
Inputs - List of generating resources; control centers & backup control centers; system restoration, automatic load shedding, & system protection assets, etc. Steps -- Bulk Electric System Assets 1 Filtering - Risk Based Assessment (Required Document) This presentation will discuss only Steps 1 & 2 2 Critical Assets Output - List of Critical Assets (Required Document) Critical Cyber Assets Cyber Assets List of Critical Cyber Assets (Required Document) Essential to operation of critical asset and meet CIP 002 R3 Filtering - Output - Inputs - 3 4 Cyber assets supporting Critical Assets November 14, 2006 ERCOT Board of Directors Meeting

11 Step 1: Develop a List of Bulk Electric System Assets
Per CIP-002, R1.2; the following assets must be considered as input in ERCOT’s risk based assessment: Control Centers and backup Control Centers; Transmission substations that support the reliable operation of the Bulk Electric System; Generation resources that support the reliable operation of the Bulk Electric System; Systems and facilities critical to system restoration, including blackstart generators and substations in the electrical path of transmission lines used for initial system restoration; Systems and facilities critical to automatic load shedding under a common control system capable of shedding 300 MW or more; Special Protection Systems that support the reliable operation of the Bulk Electric System; and Any additional assets that support the reliable operation of the Bulk Electric System. November 14, 2006 ERCOT Board of Directors Meeting

Download ppt "Status Report for Critical Infrastructure Protection Advisory Group"

Similar presentations

NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action.

NERC Cyber Security Standards Pre-Ballot Review. Background Presidents Commission on Critical Infrastructure Protection PDD-63 SMD NOPR NERC Urgent Action.
2004 NERC, NPCC & New England Compliance Programs John Norden Manager, Operations Training, Documentation & Compliance August 31, 2003 RC Meeting.

2004 NERC, NPCC & New England Compliance Programs John Norden Manager, Operations Training, Documentation & Compliance August 31, 2003 RC Meeting.
Federal Energy Regulatory Commission July 20091 Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.

Federal Energy Regulatory Commission July Cyber Security and Reliability Standards Regis F. Binder Director, Division of Logistics & Security Federal.
1 WECC/AESO Membership and Coordinating Operating Agreement WECC Board of Directors Meeting December 2007 Diana Pommen Director Interjurisdictional Affairs.

1 WECC/AESO Membership and Coordinating Operating Agreement WECC Board of Directors Meeting December 2007 Diana Pommen Director Interjurisdictional Affairs.
2007 Goals. Introduction Western Electricity Coordinating Council (WECC) will be primarily defined throughout the 2007 year by Electric Reliability.

2007 Goals. Introduction Western Electricity Coordinating Council (WECC) will be primarily defined throughout the 2007 year by Electric Reliability.
NERC Orientation Joint Guidance Committee WECC Leadership

NERC Orientation Joint Guidance Committee WECC Leadership
NERC Critical Infrastructure Protection Advisory Group (CIP AG) Electric Industry Initiatives Reducing Vulnerability To Terrorism.

NERC Critical Infrastructure Protection Advisory Group (CIP AG) Electric Industry Initiatives Reducing Vulnerability To Terrorism.
STATUS OF BULK ELECTRIC SYSTEM DEFINITION PROJECT

STATUS OF BULK ELECTRIC SYSTEM DEFINITION PROJECT
Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.

Allan Wick, CFE, CPP, PSP, PCI, CBCP Chief Security Officer WECC Joint Meeting October 8, 2014.
Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)

Recent NERC Standards Activities RSC – Jan. 5, 2011 NSRS Update Date Meeting Title (optional)
Gcpud1 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP 002 - 009 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP 002 - 009.

Gcpud1 CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP CRITICAL INFRASTRUCTURE PROTECTION NERC 1200 CIP
WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.

WebCast 5 May 2003 NERC Cyber Security Standard Overview of Proposed Cyber Security Standard.
Cyber Security 2005 ERCOT COMPLIANCE ROLLOUT Lane Robinson Reliability Analyst.

Cyber Security 2005 ERCOT COMPLIANCE ROLLOUT Lane Robinson Reliability Analyst.
Project 2008-06 Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings.

Project Cyber Security Order 706 January 10, 2012 Most of the material presented has been compiled from NERC webinars and drafting team meetings.
NERC and Regional Efforts to Ensure Reliability Dave Nevius, NERC Sr. VP David Cook, NERC VP & General Counsel Louise McCarren, WECC CEO Don Benjamin,

NERC and Regional Efforts to Ensure Reliability Dave Nevius, NERC Sr. VP David Cook, NERC VP & General Counsel Louise McCarren, WECC CEO Don Benjamin,
1. 11/26/2012: NERC Board of Trustees adopted CIP v5 CIP-002-5 thru CIP-009-5 CIP-010-1 and CIP-011-1 Version 5 Filing FERC requested filing by 3/31/2013.

1. 11/26/2012: NERC Board of Trustees adopted CIP v5 CIP thru CIP CIP and CIP Version 5 Filing FERC requested filing by 3/31/2013.
BS Information Systems – University of Redlands BS Information Systems – University of Redlands AS Electronic Technology AS Electronic Technology Project.

BS Information Systems – University of Redlands BS Information Systems – University of Redlands AS Electronic Technology AS Electronic Technology Project.
1 Eric T. Whitley Selected Relevant Experience Background Eric T. Whitley President & CEO 1831 Iron Point Road, Suite 140 Folsom, CA 95630 Tel: (916) 800-4545.

1 Eric T. Whitley Selected Relevant Experience Background Eric T. Whitley President & CEO 1831 Iron Point Road, Suite 140 Folsom, CA Tel: (916)
Generator Governor Frequency Response Alert

Generator Governor Frequency Response Alert
Jeffery J. Gust IOWA INDUSTRIAL ENERGY GROUP FALL CONFERENCE Tuesday, October 14, 2014 MidAmerican Energy Company.

Jeffery J. Gust IOWA INDUSTRIAL ENERGY GROUP FALL CONFERENCE Tuesday, October 14, 2014 MidAmerican Energy Company.

Similar presentations

Ads by Google