Cybersecurity, Reliability & CIP

After pleading with Congress for so many years, and then at last winning the requisite legislative authority to impose mandatory and enforceable standards for electric reliability, to replace its legacy system of voluntary compliance, NERC finds itself at a curious juncture. It wants to slow the transition.

The North American electric power grid has suffered several significant outages in recent years. These events and other incidents around the world spotlight the need for enforceable grid-reliability standards, wide-area visibility of the health of the power system, and real-time monitoring of grid-reliability performance to prevent blackouts. Effective reliability management requires real-time tools and technologies that can detect standards violations so that timely corrective or preventive actions can be taken.

In May 2, 2006, the NERC board of trustees adopted the Critical Infrastructure Protection Cyber Security Standard. This article provides some answers to questions in the form of security program development, implementation, and operation.

FERC staff’s Preliminary Assessment of NERC’s proposed reliability standards identified a number of potential deficiencies, many of which NERC plans to address. What adjustments must be made by users, owners, and operators of the bulk power system in the new era of mandatory compliance?

Utilities are preparing for the eventual enforcement of new reliability rules from the North American Electric Reliability Council. As the Federal Energy Regulatory Commission continues its review of the proposed standards, we take a closer look at the effect of these rules on cyber-security, and offer a broad overview of all of the proposed reliability standards.