Telecom – NERC Extracts from NERC complete set of reliability standards dated Jan 2, 2020 March 5, 2020


Guidelines and Technical Basis Page 49

• Rationale:

• During development of this standard, text boxes were embedded within the standard to explain the rationale for various parts of the standard. Upon BOT approval, the text from the rationale text boxes was moved to this section.

• Rationale for Requirement R1:

• The requirement is intended to minimize the attack surface of BES Cyber Systems through disabling or limiting access to unnecessary network accessible logical ports and services and physical I/O ports.

• In response to FERC Order No. 791, specifically FERC’s reference to NIST 800-53 rev. 3 security control PE-4 in paragraph 149, Part 1.2 has been expanded to include PCAs and nonprogrammable communications components. This increase in applicability expands the scope of devices that receive the protection afforded by the defense-in-depth control included in Requirement R1, Part 1.2.

• The applicability is limited to those nonprogrammable communications components located both inside a PSP and an ESP in order to allow for a scenario in which a Responsible Entity may implement an extended ESP (with corresponding logical protections identified in CIP-006, Requirement R1, Part 1.10). In this scenario, nonprogrammable components of the communication network may exist out of the Responsible Entity’s control (i.e. as part of the telecommunication carrier’s network).


EOP-008-2 – Loss of Control Center Functionality Pg 13

• Rationale

• Rationale for Requirement R1: The phrase "data exchange capabilities" is replacing "data communications" in Requirement R1, Part 1.2.2 for the following reasons:

• COM-001-1 (no longer enforceable) covered telecommunications, which could be viewed as covering both voice and data. COM-001-2.1 (currently enforceable) focuses on "Interpersonal Communication" and does not address data.

• The topic of data exchange has historically been covered in the IRO / TOP Standards. Most recently the revisions to the standards that came out of Project 2014-03 Revisions to TOP and IRO Standards use the phrase "data exchange capabilities." The rationale included in the IRO-002-4 standard discusses the need to retain the topic of data exchange, as it is not addressed in the COM standards.


FAC-001-3 — Facility Interconnection Requirements

• Requirement R3:

• Originally the Parts of R3, with the exception of the first two bullets, which were added by the Project 2010-02 drafting team, this list has been moved to the Guidelines and Technical Basis section to provide entities with the flexibility to determine the Facility interconnection requirements that are technically appropriate for their respective Facilities. Including them as Parts of R3 was deemed too prescriptive, as frequently some items in the list do not apply to all applicable entities – and some applicable entities will have requirements that are not included in this list.

• Each Transmission Owner and applicable Generator Owner should consider the following items in the development of Facility interconnection requirements:

  • Procedures for requesting a new Facility interconnection or material modification to an existing interconnection

  • Data required to properly study the interconnection

  • Voltage level and MW and MVAR capacity or demand at the point of interconnection

  • Breaker duty and surge protection

  • System protection and coordination

  • Metering and telecommunications


IRO-002-7 - Reliability Coordination -Monitoring and Analysis Pg 2

• R4. Each Reliability Coordinator shall provide its System Operators with the authority to approve planned outages and maintenance of its telecommunication, monitoring and analysis capabilities. [Violation Risk Factor: High] [Time Horizon: Operations Planning, Same-Day Operations, Real-time Operations]

• M4. Each Reliability Coordinator shall have, and provide upon request evidence that could include, but is not limited to, a documented procedure or equivalent evidence that will be used to confirm that the Reliability Coordinator has provided its System Operators with the authority to approve planned outages and maintenance of its telecommunication, monitoring and analysis capabilities.


IRO-002-7 - Reliability Coordination -Monitoring and Analysis Pg 6


IRO-002-7 - Reliability Coordination -Monitoring and Analysis Pg 23

Requirement R2

Requirement R2 mandates that the RC perform reviews of all proposed new RAS and existing RAS proposed for functional modification, or retirement (removal from service) in its RC Area.

RAS are unique and customized assemblages of protection and control equipment. As such, they have a potential to introduce reliability risks to the BES, if not carefully planned, designed, and installed. A RAS may be installed to address a reliability issue, or achieve an economic or operational advantage, and could introduce reliability risks that might not be apparent to a RAS-entity(ies). An independent review by a multi-disciplinary panel of subject matter experts with planning, operations, protection, telecommunications, and equipment expertise is an effective means of identifying risks and recommending RAS modifications when necessary.


PRC-012-2 – Remedial Action Schemes Pg 34

• Requirement R2

• Requirement R2 mandates that the RC perform reviews of all proposed new RAS and existing RAS proposed for functional modification, or retirement (removal from service) in its RC Area.

• RAS are unique and customized assemblages of protection and control equipment. As such, they have a potential to introduce reliability risks to the BES, if not carefully planned, designed, and installed. A RAS may be installed to address a reliability issue, or achieve an economic or operational advantage, and could introduce reliability risks that might not be apparent to a RAS-entity(ies). An independent review by a multi-disciplinary panel of subject matter experts with planning, operations, protection, telecommunications, and equipment expertise is an effective means of identifying risks and recommending RAS modifications when necessary.


PRC-012-2 – Remedial Action Schemes

• Technical Justifications for Attachment 1 Content

• Supporting Documentation for RAS Review

• To perform an adequate review of the expected reliability implications of a Remedial Action Scheme (RAS), it is necessary for the RAS-entity(ies) to provide a detailed list of information describing the RAS to the reviewing RC. If there are multiple RAS-entities for a single RAS, information will be needed from all RAS-entities. Ideally, in such cases, a single RAS-entity will take the lead to compile all the data identified into a single Attachment 1.

• The necessary data ranges from a general overview of the RAS to summarized results of transmission planning studies, to information about hardware used to implement the RAS. Coordination between the RAS and other RAS and protection and control systems will be examined for possible adverse interactions. This review can include wide-ranging electrical design issues involving the specific hardware, logic,


PRC-012-2 – Remedial Action Pg 38

• Communications: Telecommunications Channels

• Telecommunications channels used for sending and receiving RAS information between sites and/or transfer trip devices should meet at least the same criteria as other relaying protection communication channels. Discuss performance of any non-deterministic communication systems used (such as Ethernet).

• The scheme logic should be designed so that loss of the channel, noise, or other channel or equipment failure will not result in a false operation of the scheme.

• It is highly desirable that the channel equipment and communications media (power line carrier, microwave, optical fiber, etc.) be owned and maintained by the RAS-entity, or perhaps leased from another entity familiar with the necessary reliability requirements.

• All channel equipment should be monitored and alarmed to the dispatch center so that timely diagnostic and repair action shall take place upon failure. Publicly switched telephone networks are generally an undesirable option.

• Communication channels should be well labeled or identified so that the personnel working on the channel can readily identify the proper circuit. Channels between entities should be identified with a common name at all terminals.

• Control Actions

• RAS action devices may include a variety of equipment such as transfer trip, protective relays, and other control devices. These devices receive commands from the logic processing function (perhaps through telecommunication facilities) and initiate RAS actions at the sites where action is required.


PRC-012-2 – Remedial Action Pg 40

• Documentation describing the System performance resulting from a single component failure in the RAS, except for limited impact RAS, when the RAS is intended to operate. A single component failure in a RAS not determined to be limited impact must not prevent the BES from meeting the same performance requirements (defined in Reliability Standard TPL-001-4 or its successor) as those required for the events and conditions for which the RAS is designed. The documentation should describe or illustrate how the design achieves this objective. [Reference NERC Reliability Standard PRC-012, R1.3]


CIP-012-1 – Cyber Security – Communications between Control Centers Page 1 of 5

• A. Introduction

• 1. Title: Cyber Security – Communications between Control Centers

• 2. Number: CIP-012-1

• 3. Purpose: To protect the confidentiality and integrity of Real-time Assessment and Real-time monitoring data transmitted between Control Centers.


CIP-013-1 – Cyber Security - Supply Chain Risk Management

• Exemptions: The following are exempt from Standard CIP-013-1:

• 4.2.3.1. Cyber Assets at Facilities regulated by the Canadian Nuclear Safety Commission.

• 4.2.3.2. Cyber Assets associated with communication networks and data communication links between discrete Electronic Security Perimeters (ESPs).

• 4.2.3.3. The systems, structures,


COM-001-3 Communications

• 1. Title: Communications

• 2. Number: COM-001-3

• 3. Purpose: To establish Interpersonal Communication capabilities necessary to maintain reliability.


COM-001-3 Communications

• 1. Rationale for Requirement R12:

• The focus of the requirement is on the capabilities that an entity must have for the purpose of exchanging information necessary for the Reliable Operation of the BES. That is, the entity must have the capability to communicate internally by, “any medium that allows two or more individuals to interact, consult, or exchange information.” The standard does not prescribe the specific type of capability (i.e., hardware or software). The determination of the appropriate type of capability is left to the entity. Regardless, the entity must have the capability to exchange information whenever the internal Interpersonal Communications may directly impact operations of the BES. Therefore, the applicable entities must have the capability to exchange information between Control Centers of that functional entity. For example, a TOP with multiple control centers that are geographically separated must have the capability to communicate internally between or among those control centers. The communication capability may occur through any medium that supports Interpersonal Communication, such as land line telephone, cellular device, Voice Over Internet Protocol (VOIP), satellite telephone, radio, or electronic message. Also, applicable entities must have the capability to exchange information between a Control Center and field personnel. For example, a TOP system operator providing instruction to a field personnel to perform a reliability activity, such as switching Facilities.

• In the course of normal control center operation, system operators within a single Control Center communicate as needed to ensure the reliability of the BES, including face-to-face communications. These internal communications are ongoing and occur throughout the day as part of day-to-day operations. However, these types of communications are not the focus of this requirement. The focus is on the capability of an entity to communicate internally where face-to-face communications are not available.


COM-002-4 – Operating Personnel Communications Protocols

• Introduction

• 1. Title: Operating Personnel Communications Protocols

• 2. Number: COM-002-4

• 3. Purpose: To improve communications for the issuance of Operating Instructions with predefined communications protocols to reduce the possibility of miscommunication that could lead to action or inaction harmful to the reliability of the Bulk Electric System (BES).


EOP-004-4 – Event Reporting

• EOP-004 - Attachment 1: Reportable Events

• NOTE: Under certain adverse conditions (e.g. severe weather, multiple events) it may not be possible to report the damage caused by an event and issue a written event report within the timing in the standard. In such cases, the affected Responsible Entity shall notify parties per Requirement R2 and provide as much information as is available at the time of the notification. Submit reports to the ERO via one of the following: e-mail: [email protected], Facsimile 404-446-9770 or Voice: 404-446-9780, select Option 1.

• Submit EOP-004 Attachment 2 (or DOE-OE-417) pursuant to Requirements R1 and R2.

• Rationale for Attachment 1:

• System-wide voltage reduction to maintain the continuity of the BES: The TOP is operating the system and is the only entity that would implement system-wide voltage reduction.

• Complete loss of Interpersonal Communication and Alternative Interpersonal Communication capability at a BES control center: To align EOP-004-4 with COM-001-2.1. COM-001-2.1 defined Interpersonal Communication for the NERC Glossary of Terms as: “Any medium that allows two or more individuals to interact, consult, or exchange information.” The NERC Glossary of Terms defines Alternative Interpersonal Communication as: “Any Interpersonal Communication that is able to serve as a substitute for, and does not utilize the same infrastructure (medium) as, Interpersonal Communication used for day-to-day operation.”

• Complete loss of monitoring or control capability at a BES control center: Language revisions to: “Complete loss of monitoring or control capability at a BES control center for 30 continuous


IRO-002-7 - Reliability Coordination -Monitoring and Analysis

• A. Introduction

• 1. Title: Reliability Coordination – Monitoring and Analysis

• 2. Number: IRO-002-7

• 3. Purpose: To provide System Operators with the capabilities necessary to monitor and analyze data needed to perform their reliability functions.

• 4. Applicability:

• 4.1. Functional Entities:

• 4.1.1. Reliability Coordinators

• 5. Effective Date: See Implementation Plan


Supplemental Material Pg 38

• Communications: Telecommunications Channels

• Telecommunications channels used for sending and receiving RAS information between sites and/or transfer trip devices should meet at least the same criteria as other relaying protection communication channels. Discuss performance of any non-deterministic communication systems used (such as Ethernet).

• The scheme logic should be designed so that loss of the channel, noise, or other channel or equipment failure will not result in a false operation of the scheme.

• It is highly desirable that the channel equipment and communications media (power line carrier, microwave, optical fiber, etc.) be owned and maintained by the RAS-entity, or perhaps leased from another entity familiar with the necessary reliability requirements.

• All channel equipment should be monitored and alarmed to the dispatch center so that timely diagnostic and repair action shall take place upon failure. Publicly switched telephone networks are generally an undesirable option.

• Communication channels should be well labeled or identified so that the personnel working on the channel can readily identify the proper circuit. Channels between entities should be identified with a common name at all terminals.