State commissions can select from a toolkit of regulatory approaches to promote desired utility cybersecurity behavior. One approach is to allow the industry to selfregulate, and another approach...
The Challenge of Implementing NERC's Cyber Standard
How to develop, implement, and operate a security program.
of the entity through a viable security program is a goal that is realistic.” 12
1. A “responsibility entity” is an organization that is (and has registered with the NERC to be) responsible for performing one or more functions as defined in the NERC reliability functional model. In terms of CIP-002, the standard specifically mentions the following entities: Reliability Coordinator, Balancing Authority, Interchange Authority, Transmission Service Provider, Transmission Owner, Transmission Operator, Generation Owner, Generator Operator, Load-Serving Entity, and Regional Reliability Organizations. Nuclear power organizations are exempt from the standard as well as cyber assets associated with communications networks and data communication links between discrete electronic security perimeters.
2. Bulk electric systems are the electrical generation resources, transmission lines, interconnections with neighboring systems, and associated equipment, generally operated at voltages of 100 kV or higher. Radial transmission facilities serving only load with one transmission source generally are not included in this definition.
3. Critical cyber assets are those cyber assets essential to the reliable operation of critical assets. Critical assets are defined as those facilities, systems, and equipment which, if destroyed, damaged, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the bulk electric system.
4. The definition of “bulk power system” by FERC is more comprehensive than the NERC defined “bulk electric system” (see endnote 2). Most likely, in terms of the standard, these differences will be resolved by the ERO or delegated accordingly specific to each entity’s infrastructures.
5. There certainly can be variations from this model as functional definitions are specific to the mission and responsibilities of the underlying entity.
6. For example, ISO 17799, SAS 70, API 1164, and NIST standards may need to be incorporated in the work scope.
7. The assets to be considered as critical assets include control centers, transmission substations, strategic generation resources, restoration facilities, load-shedding facilities, and special protection systems, all of which support the reliable operation of the bulk electric system.
8. NERC defines the electronic security perimeter as the logical border surrounding a network in which critical cyber assets are connected and for which access is controlled. Physical security perimeters are defined by the NERC as the six-wall border surrounding computer rooms, telecommunication rooms, operation centers, and other locations in which critical cyber assets are housed and for which access is controlled.
9. For example, workstations that have direct access to the critical cyber assets should be contained within the same electronic and physical perimeters as other critical cyber assets. Special provisions for remote access will be required.
10. The assurance that a secure network design is in place and is prudent before detailed security procedures are developed as a significant change in the network design can impact the procedure development effort, e.g., re-writes, disjointed procedures, ineffective procedures, and configuration management.
11. The functional program areas defined in this document should not be confused with the functions defined by the NERC reliability functional model. For example, an entity involved in both the generation operations function and the transmission operations function will have significant critical cyber assets