NERC Critical Infrastructure Protection Committee (CIPC) Highlights John Hochevar, ATC MRO Board of Directors Meeting October 4, 2018
NERC CIPC MRO Representatives Encompass Four Industry Sectors and Cyber, Physical, and Operations Security Voting Members: • Cyber: Marc Child, Great River Energy • Physical: Paul Crist, Lincoln Electric System • Operations: Damon Ounsworth, Saskatchewan Power Alternate Voting Members: • Cyber: John Hochevar, American Transmission Company • Physical: Mike Kraft, Basin Electric Power Cooperative • Operations: Armin Boschmann, Manitoba Hydro At Large Security Members: • Steen Fjalstad, Midwest Reliability Organization 2
NERC CIPC Organizational Chart
1. Meeting Agenda – 9/2018 Minneapolis Charter update approved • SPP seats removed • 28 voting members remain • Executive Committee considering new voting seat for IRO/RTO Council Supply Chain • EPRI Supply Chain Risk Report submitted to NERC & FERC • “Open Letter to Vendors” – work is progressing • Liaison established with Idaho National Lab for legacy systems testing • Potential for six new guidelines, new shortened format ─ Cloud services, secure hardware delivery, provenance, threat-informed procurement, risk mgmt lifecycles, open-source technology
2. Meeting Agenda – 9/2018 Minneapolis Cloud security • FedRAMP & encryption as access control • Tabletop exercise under development Workplan items • Physical – key management guideline • Cyber/physical – fuel handling SCADA systems for Generation • Cyber – FERC remote access study findings • Compliance – Voice over IP • New whitepaper being debated ─ “Applying core CIP controls to non-BES technologies” ─ Scope might include: Customer information systems, distribution management systems, asset management systems, outage management systems, synchrophasers, inverters, voice-over-IP phone systems, natural gas fuel-handling SCADA systems & associated HMIs
Recommend
More recommend
