By Rich Heidorn Jr.
FERC on Thursday proposed changes to NERC’s draft critical infrastructure protection (CIP) standard addressing the cybersecurity of real-time communications between control centers.
The Notice of Proposed Rulemaking, which builds on a proposal by NERC, seeks comment on requiring the electric reliability organization to add protections on the availability of communication links and data communicated between control centers. It also seeks comment on requiring NERC to clarify the types of data that must be protected (RM18-20).
NERC proposed standard CIP-012-1 in response to FERC Order 822 (RM15-14), issued in 2016. In addition to approving seven modified CIP standards, FERC’s order directed NERC to require responsible entities to implement controls to protect communications links and sensitive data communicated between control centers. (See FERC Postpones Action on Supply Chain Protections.)
The order acknowledged that not all communication network components and data require the same level of protection because they pose different risks to bulk electric system reliability. As a result, NERC said its standards drafting team focused on the types of real-time data a control center will communicate and whether their compromise would pose a high risk to grid reliability.
NERC proposed exempting operational planning analysis data used in next-day operations, saying if there is a risk such data have been compromised, the responsible entity can verify the data prior to any impact on real-time operations. Although “an operational planning analysis factors into how an entity operates, there is less of a risk that an entity would act on compromised data from an operational planning analysis given it will base its operating actions on real-time inputs,” NERC said.
Also exempt are oral communications, which are covered by standard COM-001-3.
NERC’s proposed standard would apply to balancing authorities, generator operators, reliability coordinators, transmission operators and transmission owners that operate control centers. It would require them to identify security protections, where they are applied and the responsibilities of each entity for control centers owned or operated by different entities.
FERC’s NOPR called NERC’s proposal “largely responsive” to Order 822, saying it supports situational awareness and reliability by requiring rules to prevent the unauthorized disclosure or modification of real-time assessment and monitoring data transmitted between control centers.
But the commission said NERC’s proposal may not address all cybersecurity risks, saying it does not require protections regarding the availability of communication links and data. The commission said it disagreed with NERC’s contention that the issue of data availability is adequately covered by standards IRO-002-5 and TOP-001-4.
The commission said those two standards only require redundant and diversely routed data exchange infrastructure within control centers, not between them.
It also said the standard must be revised to add a definition of “real-time monitoring,” which is not spelled out in the standard or the NERC Glossary.
FERC said NERC has “broadly defined” real-time assessments, which RCs and transmission operators must perform every 30 minutes to identify any actual or potential exceedances of system operating limits or interconnection reliability operating limits.
But it said “real-time monitoring is not defined at all.”
“We are concerned that without further clarity, reliability standard CIP-012-1 may be implemented and enforced in an inconsistent manner,” the commission said.
Comments on the NOPR are due 60 days from publication in the Federal Register.