THE ELECTRICITY SECTOR Critical Infrastructure Protection and Security Initiatives - PowerPoint PPT Presentation

Slides: 24
Provided by: nerc3

Transcript and Presenter's Notes


1
THE ELECTRICITY SECTOR Critical Infrastructure
Protection and Security Initiatives
  • International Facility Management Association
  • October 21, 2005

2
Topics
  • About NERC
  • Critical Infrastructure Protection Committee
  • Electricity Sector Security Initiatives
  • Cyber Security Standards
  • Security Guidelines
  • Spare Equipment
  • Control Systems
  • ESISAC

3
What is NERC?
  • NERC was formed in 1968
  • NERC's mission is to ensure that the North
    American bulk electric system is reliable,
    adequate, and secure
  • NERC now operates as a voluntary self-regulatory
    organization, relying on reciprocity, peer
    pressure and mutual self-interest
  • The 2005 Energy Law provides comprehensive
    legislation that will give NERC as the Electric
    Reliability Organization (ERO) authority to
    enforce compliance with reliability standards

4
Electric Reliability Organization
  • Canada: Alberta, British Columbia, Manitoba, Ontario, New Brunswick, Nova Scotia, Quebec, and Saskatchewan
  • United States: Federal Energy Regulatory Commission
  • Mexico: Comision Reguladora de Energia
Reliability Standards
Compliance Enforcement
Electric Reliability Organization
Regional Entities
Bulk Electric System Owners, Operators,
Users
Other ERO Members
5
Strengths of ERO Model
  • Partnership between government and private sector
  • Industry expertise, experience, technical
    competence
  • Government oversight to assure fairness,
    openness, due process, accountability
  • Recognizes international character of grid
  • Interests from U.S., Canada, Mexico
  • Develop single acceptable ERO solution

6
What Does NERC Do?
  • Sets reliability standards
  • Ensures compliance with reliability standards
  • Provides education and training resources
  • Conducts assessments, analyses and reports
  • Facilitates information exchange and coordination
  • Supports reliable system operation and planning
  • Certifies reliability service organizations and
    personnel
  • Coordinates critical infrastructure protection of
    the bulk electric system (ESISAC)
  • Administers procedures for conflict resolution

7
North American Interconnections
8
[Figure labels: MRO; 13 RC; 3 RC; 1 RC]
9
NERC Governance Structure
  • Board of Trustees
  • 9 independent members president
  • 10 Member Regions
  • Standing Committees
  • Regional and sector representation
  • Subject matter expertise

Board of Trustees
Stakeholders
Staff
Operating Committee
Planning Committee
CIP Committee
Compliance Certification Committee
Standards Authorization Committee
10
NERC Critical Infrastructure Protection Committee
(CIPC) Structure
  • Executive Committee: Manage policy matters regarding physical security, cyber security, security operations; provide support to working groups and task forces; serve as Electricity Sector Coordinating Council with Pres/CEO NERC
  • Security Planning: Improve the Electricity Sector's ability to protect critical infrastructure
  • Security Guidelines WG
  • Risk Assessment WG
  • Control Systems Security WG
  • Critical Spares TF
  • PKI TF
  • HEMP TF
  • Security Operations: Develop and maintain Electricity Sector Information Sharing and Analysis Center (ESISAC) capability to respond to security threats and incidents
  • Outreach WG
  • Reporting Technologies WG
  • Indications, Analysis, Warnings WG
  • IDS Pilot TF
  • Grid Monitoring TF
October 19, 2005
11
Electricity Sector Security Initiatives
  • Respond to 2003 Blackout Recommendations
  • Implement National Infrastructure Protection Plan
    for the Electricity Sector
  • Electricity Sector Coordinating Council
  • Vulnerability assessment
  • Interdependencies
  • Indications, Analysis, and Warnings Program
  • Data/information exchange between ES and DHS
  • Reporting technologies
  • Threat Alert Levels: Physical and Cyber
  • Guidance for ES actions in response to Homeland
    Security Alert System

12
Electricity Sector Security Initiatives
  • Cyber Security Standards
  • Temporary standard in place; permanent standard
    under development
  • Security Guidelines
  • Physical, Cyber, Data, etc.
  • Critical Spares Project
  • Control Systems Security
  • High Altitude Electromagnetic Pulse
  • Outreach Workshops
  • International Electric Infrastructure Assurance
    Forum

13
Critical Assets
  • Facilities, systems, and equipment which, if
    destroyed, degraded, or otherwise rendered
    unavailable, would affect the reliability or
    operability of the Bulk Electric System.

14
Cyber Security Standard 1200
Applies to reliability coordinators and balancing
authorities
  • Requirements
  • Cyber Security Policy
  • Critical Cyber Assets
  • Electronic Security Perimeter
  • Electronic Access Controls
  • Physical Security Perimeter
  • Physical Access Controls
  • Personnel
  • Monitoring Physical Access
  • Monitoring Electronic Access
  • Information Protection
  • Training
  • Systems Management
  • Test Procedures
  • Electronic Incident Response Actions
  • Physical Incident Response Actions
  • Recovery Plans

15
Permanent Cyber Security Standard
  • Requires critical cyber assets related to the
    reliable operation of the bulk electric systems
    be identified and protected
  • Builds upon the concepts and requirements found
    in Cyber Security Standard 1200
  • Includes process control and SCADA assets
    critical to grid reliability
  • Provides additional detail to clarify technical
    requirements and compliance measures

16
Security Guidelines
17 recommended practices to mitigate risk
  • Cyber Access Control
  • Cyber IT Firewalls
  • Cyber Intrusion Detection
  • Cyber Risk Management
  • Protecting Sensitive Info
  • Securing Remote Access Process Control Systems
  • Incident Reporting
  • Physical Security Substations
  • Patch Management for Control Systems
  • Control System Business Network Electronic
    Connectivity
  • Communications
  • Emergency Plans
  • Employment Background Screen
  • Physical Security
  • Threat Response
  • Physical
  • Cyber
  • Vulnerability/Risk Assessment
  • Continuity of Business Process

17
Spare Equipment Project
  • NERC maintains a database of spare transformers;
    may expand to include other critical spare
    equipment
  • Defines spare equipment requirements, sharing
    protocols, acquisition, spares repositories
  • Other participants: EEI, EPRI, government
    agencies

18
Control Systems in Electricity Sector
System Operations Center
EMS
ICCP
Interconnected System Operations Center
SCADA
Telecom
Generating or Transmission Station
RTU
Protective Relays
BTG
Transmission Control
Data Sensors
DCS and PLC
19
Securing Control Systems
  • NERC is working with the electricity sector,
    governments, other critical infrastructure
    sectors, control system vendors, and others to:
  • Evaluate vulnerabilities and solutions
  • Assess risk
  • Create plans to secure new systems
  • Create plans to secure old systems
  • Recognize a potential or actual attack
  • Mitigate an attack on control systems

20
ESISAC
  • Electricity Sector Information Sharing and Analysis
    Center
  • Share information within sector and with DHS and
    other agencies about real and potential threats
    and vulnerabilities
  • Analyze information for trends, cross-sector
    dependencies, specific targets
  • Coordinate with other ISACs
  • ISAC Council
  • Telecommunications Electric Power
    Interdependencies

21
http://www.esisac.com
23
Contacts
  • NERC 609-452-8060
  • ESISAC 609-452-1422
  • Note: Referenced materials and this presentation
    are available at http://www.esisac.com
