ABB NERC CIP


ABB NERC CIP V5 SPECIAL INTEREST GROUP
LOW ASSET DISCUSSION AND FUTURE CIP VERSIONS & COMPLIANCE ACTIVITY
November 5, 2014

TODAY'S PANEL (ABB Group)
- Tim Conway, EKC Consulting and Technical Director, ICS and SCADA programs at. conwaytimothyj@gmail.com
- Joseph "Joe" Baxter, NERC CIP Lead, ABB HV/DC. Before coming to ABB. joseph.baxter@us.abb.com
- Joe Doetzl, CISO and Head of Cyber Security, ABB Ventyx. Joe.Doetzl@ventyx.abb.com
- Mike Radigan, Senior Advisor, Cyber Risk Management, ABB PSPG. Mike.Radigan@us.abb.com, (614) 398-6241

ADDITIONAL NERC CIP EDUCATIONAL WEBINARS
NERC CIP Education Webinar Series: http://new.abb.com/us/about/nerc-cip-education

- Cyber asset grouping for Power Generation – Tim Conway. Thursday, October 23, 2014 at 12:00 p.m. (Power generation specific.) Learn process approaches to CIP-002-5.1 R1 as it pertains to BES cyber asset categorization.
- Access management and malicious software controls – Joe Baxter. Wednesday, October 29, 2014 at 2:00 p.m. Learn how access control fits with CIP-004-5 and why account management is not effortless. Register now: https://www1.gotomeeting.com/register/448008129
- Low assets and future CIP versions – Tim Conway & Joe Baxter. Wednesday, November 5, 2014 at 2:00 p.m. (Power generation specific.) Learn the compliance requirements for entities with low assets and audit worksheets as well as future standard activities.
- Identification and review of critical transmission assets – Martin Shalhoub. Wednesday, November 12, 2014 at 2:00 p.m. Learn how to approach the guidelines and criteria highlighted by NERC to fulfill the risk assessment goal. Register now: https://www1.gotomeeting.com/register/639963169

AGENDA
- What Have We Covered
- CIP V5 Low Requirements
- SDT Activity
- Top 5 Items to Track
  - FERC Response
  - RAI
  - Lessons Learned
  - RFI Process
  - Transition Plan

WHAT HAVE WE COVERED
Session 1 and Session 2

CIP V5 SPECIAL INTEREST GROUP

CIP V5 Methodology / BES Systems Methodology:
- Addressed generation-specific system segmentation approach, benefits and risks
- Developed and delivered a requirement mapping spreadsheet addressing numerous filtered approaches
- Addressed impacts of ERC and BES Cyber System grouping strategy benefits and risks
- Developed and delivered a common framework and workflow to perform

Low Impact:
- Developed and delivered an analysis spreadsheet with the differences between the V5 and V6 Lows as they stand in the process today
- Addressed some of the current relevant activity impacting NERC CIP regulation

DATA

CIP V5 LOW REQUIREMENTS

REQUIREMENT MAPPING (table)
- CIP-002-5.1: R1 – 1.3, R2 – 2.1, R2 – 2.2
- CIP-003-5: R2 – 2.1, R2 – 2.2, R2 – 2.3, R2 – 2.4, R3, R4

SUMMARY OF LOW REQUIREMENTS

CIP-002-5.1:
- Attachment 1 Section 3
- Update every 15 calendar months
- Have CIP Senior Manager approve every 15 months

CIP-003-5:
- Cyber security policies that address the following:
  - Cyber security awareness
  - Physical security controls
  - Electronic access controls for ERC and dial-up
  - Incident response to a Cyber Security Incident
- Identify a CIP Senior Manager by name and any changes within 30 calendar days
- A documented process to delegate authority and updates within 30 calendar days

SDT ACTIVITY

FERC ORDER 791 directives (timeline markers: Feb 3, 2015; Open End)
- Modify or remove IAC
- Address security controls for Low
- Define and protect communication networks
- Requirements for transient electronic devices

JULY COMMENT AND BALLOT (table: Standard, Quorum, Weighted)
Values as preserved: 0%, 82.51%; Definitions: 78.05%, 78.52%

CIP VERSION X (figure labels: CIP-009, IAC, Comm Net, No Low/Transient, Ballot for Deadline)
- CIP-003-6: Develop modifications to the CIP standards to address security controls for assets containing low impact BES Cyber Systems.
- CIP-010-2: Develop requirements that protect transient electronic devices.

LOW AND TRANSIENT ONGOING ACTIVITY


OCTOBER COMMENT AND BALLOT (table: Ballot, Quorum, Weighted; rows include CIP Version X and Implementation Plan)
Values as preserved: 67%, 83.17%, 93.65%, 82.44%, 79.97%, 81.95%, 85.64%, 82.20%, 89.07%

FINAL BALLOT
- 10-day final ballot closes 8 PM Eastern 11/6/2014
- Standards under Version X are being balloted in the final ballot, not the CIP-003-6 and CIP-010-2 with Low and Transient
- If the final ballot passes, these V6 standards without Low and Transient will be submitted to the NERC BOT and then filed with FERC by Feb 3, 2015
- This means continued work will proceed with the remaining 791 directives, and CIP-003-7 and CIP-010-3 will eventually need to be industry approved and NERC approved for submittal to FERC

MAPPING (table: Standard / Requirement; columns Communication Network Change, Identify Assess and Correct Removal, New Requirement; rows include CIP-009-6 and CIP-010-2)

TOP 5 ITEMS TO TRACK

FERC RESPONSE – FERC Order 791
- The Version 6 Standards submitted will directly address the directive to remove IAC
- They directly address the modifications to VRFs and VSLs
- They indirectly address the directive for a definition of Communication Network, by modifying the standards to address the reliability gap in protection identified by NERC
- NERC also has proposed a modified plan to conduct the industry survey that was directed by FERC on the 15 min impact
- Await approval order and next steps for remaining 791 directives

RELIABILITY ASSURANCE INITIATIVE (RAI)
- Zero Tolerance and Zero Deficiency: Bad
- SDT developed a controls-based approach in which entities implement requirements in a manner that Identifies, Assesses, and Corrects deficiencies. Industry: Awesome. FERC: Nice, but difficult to enforce
- FERC recommended NERC develop a compliance and enforcement approach that would empower NERC and the Regional Entities to exercise risk-based enforcement discretion (RAI): Awesome

RAI TERMS
- Inherent Risk Assessment (IRA) – An IRA is a review of potential risks posed by an individual registered entity to the reliability of the BPS.
- Internal Control Evaluation (ICE) – the process by which an evaluation of entity internal controls takes place.
- Monitoring Tools – RE determination of type and frequency of compliance monitoring tools warranted for a particular registered entity, determined by IRA and ICE processes.

References:
e%20Initiative/Public Final Application RiskBased CMEP Concepts to CIPV5
ws/Documents/RAI Spotlight Outreach%20Workshop.pdf

LESSONS LEARNED
- Six study participants – identified impact of CIP V5 to those participants
- Areas of concern identified
- Challenges in understanding the CIP Standards
- Challenges in implementing the Requirements
- Challenges in building resource capability

http://www.nerc.com/pa/CI/tpv5impmntnstdy/CIPv5 Implem Study Final Report Oct2014.pdf

TOPICS OF INTEREST IDENTIFIED

RFI PROCESS
- NERC Standards Development Process contains a formal Request for Interpretation component
- Historically slow
- With implementation of standing IDT – fast
- With FERC issuance of Remand – halted
- Questions remain on future of RFI process vs. lessons learned guidance

TRANSITION PLAN
- When to transition?
- When is your scheduled audit?
- Compatibility Tables and Audit Declaration

ibility%20Tables.pdf

ASSET IDENTIFICATION

0Transition%20Guidance%20FINAL.pdf

NEXT STEPS
- Survey participants to gauge need for additional sessions on specific CIP V5 challenges
- Schedule additional sessions if needed depending on survey feedback
- Hold as-needed deep dive conversations with customers who have specific questions or areas of concern

JOIN THE ABB DCS USERS GROUP
Website: www.adcsug.com
Users of ABB control system products and services in the power and water industries.

Top 5 reasons to join the group:
- Forum to: share experiences, learn and collaborate with industry peers, measurably influence and improve ABB control products and services
- Networking: true peer-to-peer forums
- Improvement suggestions: day-to-day challenges discussed and ideas exchanged
- News: related articles and information from the industry
- Events calendar: stay connected with users and ABB Power Generation
- Polls / surveys: express your opinion and make your voice heard

"The value of a users group, and that in particular of ABB DCS Users Group, is that as a group we have more access and leverage to change and improve the product than as individuals acting alone. It also allows us to participate in discussions that bring the best ideas forward and facilitates sharing information that helps everyone."
– Bill Ossman, ABB DCS Users Group STECO member, ABB Inc.
