100 likes | 485 Vues
Update in NERC CIP Activities September 4, 2014. Agenda. Update on CIP-014-1 Update on Revisions to CIP Version 5 -x Posting v6 Posting Questions. Key Dates: Project 2014-04 Physical Security (CIP-014-1). NOPR for FERC Approval Issued July 17 Comments Due Sept 8
E N D
Update in NERC CIP Activities September 4, 2014
Agenda • Update on CIP-014-1 • Update on Revisions to CIP Version 5 • -x Posting • v6 Posting • Questions
Key Dates: Project 2014-04 Physical Security (CIP-014-1) • NOPR for FERC Approval Issued July 17 • Comments Due Sept 8 • Comment Responses Sept 22 • Adopted by NERC Board of Trustees May 13 • Approved by Industry Final Ballot May 5 • FERC Directive March 7
Key DatesCIP-002 to CIP-011 Revisions • CIP Standards Revisions • 45-day comment period Sept 3 – Oct 17 • Ballot Oct 8-17 • Non-Binding Poll (VRF/VSL) Oct 8-17 • RSAWs Sept 17** • SDT meeting, Austin TX Oct 22-24 • Final Ballot Oct 31 – Nov 10** **Expected date
Significant Changes to CIP-003-6 • CIP-003-6 R2 for Low Impact Assets • Requires implementation of one or more documented cyber security plan(s) • Attachment 1 includes required elements or options that may be selected to address: • Cyber security • Physical access controls • Electronic access controls • Cyber Security Incident response • Attachment 2 includes detailed measures for demonstrating compliance • Introduces 2 new definitions • Low Impact BES Cyber System Electronic Access Points (LEAP) • Low Impact External Routable Connectivity (LERC)
Significant Changes to CIP-010-2 • CIP-010-2 R4 for Transient Devices • Requires implementation of one or more documented plan(s) • Attachment 1 includes required elements or options that may be selected to address: • Transient Cyber Asset(s) Owned or Managed by the Responsible Entity • Transient Cyber Asset(s) Owned or Managed by Vendors or Contractors • Removable Media • Attachment 2 includes detailed measures for demonstrating compliance • Modifies 2 definitions, based on comments • Transient Cyber Asset • Removable Media
CIP-002 to CIP-011 Revision Postings • Single ballot for IAC language removal. • These proposed standards will be version X for the ballot. • CIP-003-X • CIP-004-X • CIP-007-X • CIP-010-X • CIP-011-X • Separate ballots for language changes • Low Impact Assets and Transient Devices. • CIP-003-6 • CIP-010-2 • Definitions – Lows • Definitions – TD • IP-v6
References • Project 2014-02 CIP Standards Version 5 Revisions • http://www.nerc.com/pa/Stand/Pages/Project-2014-XX-Critical-Infrastructure-Protection-Version-5-Revisions.aspx • Project 2014-04 Physical Security • http://www.nerc.com/pa/Stand/Pages/Project-2014-04-Physical-Security.aspx