ERCOT Technical Advisory Committee June 2, 2005


Cyber Security Standard Update (Critical Infrastructure Protection)
ERCOT Technical Advisory Committee, June 2, 2005

Why Have a Cyber Security Standard?
- Documented cases of cyber attacks
  - Several SCADA systems disabled due to virus attacks
- EMS & SCADA systems moving toward more standard architectures with known vulnerabilities
- Higher risk of cyber incidents due to inside activities
- August 14, 2003 Northeast Blackout
  - No evidence of terrorist activities, but recognition that the grid is vulnerable.

Cyber Security Standard Background
- Cyber Security Standards Authorization Request (SAR) for Standard 1200 initiated in April 2003.
- The NERC Board of Trustees adopted this Standard into the NERC Compliance Enforcement Program (CEP) in August 2003.
- All Control Areas and Reliability Coordinators (ERCOT) in North America were expected to self-certify in the 1st Quarter 2005.

Cyber Security Standard Background (cont’d)
- Standard 1200 is set to expire in August 2005 and will be replaced by Standard 1300.
- NERC is reorganizing its standards' naming and numbering conventions.
- Standard 1300 is now part of the Critical Infrastructure Protection (CIP) Policy.
- CIP-002 thru CIP-009 will replace 1301 thru 1308.
- Currently proposed to become effective on November 1, 2005.

Format/Numbering Changes
New standards as compared to sections in Draft Standard 1300 – Draft 1

| Old Section # | Topic | New Std # |
|---|---|---|
| 1301 | Security Management Controls | CIP-003-1 |
| 1302 | Critical Cyber Assets | CIP-002-1 |
| 1303 | Personnel and Training | CIP-004-1 |
| 1304 | Electronic Security | CIP-005-1 |
| 1305 | Physical Security | CIP-006-1 |
| 1306 | Systems Security Management | CIP-007-1 |
| 1307 | Incident Reporting and Response Planning | CIP-008-1 |
| 1308 | Recovery Plans | CIP-009-1 |

Who will the Standard Apply to?
- √ Reliability Coordinator (RC): Ensures the reliability of the bulk transmission system within its Reliability Authority area. This is the highest reliability authority.
- Balancing Authority (BA): Integrates resource plans ahead of time, and maintains load-interchange-resource balance within its metered boundary and supports system frequency in real time.
- Interchange Authority (IA): Authorizes valid and balanced Interchange Schedules.
- Planning Authority (PA): Plans the bulk electric system.
- Transmission Provider (TP): Provides transmission services to qualified market participants under applicable transmission service agreements.
- Transmission Owner (TO): Owns transmission facilities.
- Transmission Operator (TOP): Operates and maintains the transmission facilities, and executes switching orders.
- Distribution Provider (DP): Provides and operates the “wires” between the transmission system and the customer.
- Generator (GOP & GO): Owns and operates generation unit(s) or runs a market for generation products that performs the functions of supplying energy and Interconnected Operations Services.
- Purchasing-Selling Entity (PSE): The function of purchasing or selling energy, capacity and all necessary Interconnected Operations Services as required.
- Load-Serving Entity (LSE): Secures energy and transmission (and related generation services) to serve the end user.

Standard 1200 Expectations
- ERCOT as the Control Area & Reliability Coordinator self-certified in 1Q05
- Annual self-certification is required of Control Areas and Reliability Coordinators
- All owner/operators of SCADA and EMS are expected to be in compliance, but are not required to self-certify
- There are no sanctions that can be imposed at this time

Implementation Schedule
- CIP-001 - Sabotage Reporting
  - Effective April 1, 2005 for RCs, BAs, TOPs, GOPs, and LSEs.
- CIP-002 thru CIP-009
  - BAs, TOPs, RCs, TPs, NERC, & RROs auditably compliant with all requirements by 2Q09.
  - IAs, TOs, GOs, GOPs, & LSEs auditably compliant within 36 months of registration to a Functional Model function.

Proposed Implementation Plan
Compliance Schedule for Standard CIP-004-1: Balancing Authorities and Transmission Operators Required to Self-certify to Urgent Action (UA) Standard 1200, and Reliability Coordinators

Schedule columns: 2nd Qtr 2006, 2nd Qtr 2007, 2nd Qtr 2008, 2nd Qtr 2009
Facility columns: System Control Center, Other Facilities
Standard CIP-004-1 – Personnel & Training: R1 SC BW AC R2 R3 R4 AC

- AC - Auditably Compliant means the entity meets the full intent of the requirement and can prove compliance to an auditor.
- SC - Substantially Compliant means an entity has begun the process to become compliant with a requirement, but is not yet Auditably Compliant.
- BW - Begin Work means a responsible entity has developed a plan to address the requirements of a standard.

Implementation Plan - Draft 3 contains comparable tables for the other Draft Standards.

Proposed Implementation Plan (cont’d)
Compliance Schedule for Standard CIP-004-1: Transmission Providers, those Balancing Authorities and Transmission Operators Not Required to Self-certify to UA Standard 1200, NERC, and Regional Reliability Organizations.

Schedule columns: 2nd Qtr 2006, 2nd Qtr 2007, 2nd Qtr 2008, Dec. 31, 2009 & Beyond
Facility column: All Facilities
Standard CIP-004-1 – Personnel & Training: R1 BW SC AC R2 R3 R4

- AC - Auditably Compliant means the entity meets the full intent of the requirement and can prove compliance to an auditor.
- SC - Substantially Compliant means an entity has begun the process to become compliant with a requirement, but is not yet Auditably Compliant.
- BW - Begin Work means a responsible entity has developed a plan to address the requirements of a standard.

Implementation Plan - Draft 3 contains comparable tables for the other Draft Standards.

Proposed Implementation Plan (cont’d)
Compliance Schedule for Standard CIP-004-1: Interchange Authorities, Transmission Owners, Generator Owners, Generator Operators, and Load-Serving Entities

Schedule columns: Registration, Registration + 12 months, Registration + 24, Registration + 36 months
Facility column: All Facilities
Standard CIP-004-1 – Personnel & Training: R1 BW SC AC R2 R3 R4

- AC - Auditably Compliant means the entity meets the full intent of the requirement and can prove compliance to an auditor.
- SC - Substantially Compliant means an entity has begun the process to become compliant with a requirement, but is not yet Auditably Compliant.
- BW - Begin Work means a responsible entity has developed a plan to address the requirements of a standard.

Implementation Plan - Draft 3 contains comparable tables for the other Draft Standards.

NERC Cyber Security Resources
- www.esisac.com/library-CSS-WS.htm
  - Cyber Security Workshop Presentations
- www.nerc.com/~filez/standards-cyber.html
  - NERC Urgent Action Cyber Security Standard 1200
- www.nerc.com/~filez/standards/Cyber-Security-Permanent.html
  - NERC Cyber Security Standards
  - NERC Cyber Security Cross-Reference
  - Draft Implementation Plan for Cyber Security Standards
- www.nerc.com/~filez/standards/Standards-sitemap.html
  - NERC Reliability Standards