Post on 23-Dec-2015
1
ERCOT/TRE Representation to NERC CIPCfor
TRE Members’ Representative Committee
Jim Brenton CISSP, ISSAP, Vice Chair NERC CIP CommitteeDavid Grubbs, PE, NERC CIPC Executive Committee
June 27, 2012
2
Critical Infrastructure Protection Committee (CIPC)
CIPC MissionAdvance the physical and cyber security of the critical electricity infrastructure of North America.
CIPC VisionFoster information sharing, provide industry leadership and a forum for exchanging ideas and promote dialogue on key issues critical Infrastructure protection of the Bulk Electric System.
CIPC Guiding PrinciplesContinue to strive for excellence in:– Maintain relationship with and promote information sharing with other
committees – Maintain high level of expertise – Align priorities with ERO and across the other standing committees – Ensure CIPC resources are efficiently used
3
CIPC Charter Voting Structure
CIPC(Total of 30 Voting Members)
NERC Regions(24 Total Votes)
ERCOT(3 Votes)
FRCC(3 Votes)
MRO(3 votes)
RFC(3 Votes)
SERC(3 votes)
SPP(3 Votes)
WECC(3 Votes
NPCC(3 Votes)
APPA(2 Votes)
NRECA(2 Votes)
CEA(2 Votes)
4
NERC CIPC Executive Committee Voting Structure
Charles Abell, Ameren
ChairVoting
Non-Voting Members
APPACEAEEI
EPSAIRC
NRECA
Immediate Past Chair
NERC Staff
Voting Members
Ross Johnson, Capital PowerMark Childs, Great River EnergyDavid Grubbs, City of Garland
Carl Eng, Dominion
Jim Brenton, ERCOT
Vice ChairVoting
Nathan Mitchell, APPA
Vice ChairVoting
5
NERC CEO’s Top Priority Issues for BES Reliability
Top Priority NERC CEO-Directed Task Forces• Spare Equipment Database Task Force (PC/OC)• Geomagnetic Disturbance Task Force (PC/OC/CIPC)• Severe Impact Resilience Task Force (OC/PC/CIPC)• Cyber Attack Task Force (CIPC)
CIPC Committee• Cyber Attack Task Force Non-traditional threats via cyber security
vulnerabilities formed with standing committee’s cyber expertise
CIPC Support to Operating and Planning Committees• Geomagnetic Disturbance Task Force ― Assist Operating and Planning
Committees (lead committees) by soliciting participants from CIPC• Severe Impact Resilience Task Force ― Solicit and encourage CIPC
member participation on OC task force
6
NERC CIPC Areas of Strategic Focus
1. Advisory Panel Serve as an expert advisory panel to the NERC Board of Trustees, Electric Sub-sector Coordinating Council (ESCC) and Standing Committees in the areas of physical and cyber security. Serve as an expert advisory panel to the Electricity Sector Information Sharing and Analysis Center (ES-ISAC).
2. NERC AlertsCIPC will utilize the expertise of its members and NERC staff, as well as the CIPC Executive Committee to support the timely review, coordination and dissemination of industry alerts and informational responses.
3. Guidelines and Technical ReportsCIPC will develop and maintain guidelines and technical reports on CIP matters and provide technical support to standard drafting teams (SDTs).
4. Standards and Compliance Input CIPC will support the NERC Compliance initiatives by providing timely topical expertise on matters related to cyber and physical security. CIPC will also develop and submit Standard Authorization Requests (SARs) on CIP matters as needed.
7
NERC CIPC Areas of Strategic Focus -- 2
5. BES Security MetricsCIPC will utilize the expertise of its members, NERC staff and others to provide direction, technical oversight, feedback on the collection of industry metrics, and reporting of Bulk Electric System security performance metrics.
6. Electric Sector Security ClearancesCoordinate with the Department of Homeland Security to determine and recommend appropriate U.S. Government security clearances to be available to members of the CIPC and other industry subject matter experts.
7. Support to Energy Sector Control Systems Working Group (ESCS WG) “Roadmap to Achieve Energy Delivery Systems Cyber Security”CIPC will encourage industry support of The Roadmap to Achieve Energy Delivery Systems Cyber Security prepared by the ESCS WG.
8. Public-Private Partnership for Information SharingSupport of the ESCC is Goal #1: “Enhance situational awareness within the electricity sub-sector and with government through robust, timely, reliable, and secure information exchange”. CIPC will collaborate with ESCC to identify information sharing protocols and enhance information sharing of actionable information between government and industry.
8
NERC CIPC Areas of Strategic Focus -- 3
9. Emerging IssuesCIPC will utilize the expertise of members and NERC staff to identify emerging issues and take timely and appropriate action.
10. Focus on Balanced Approach in Bulk Electric System SecurityCIPC will emphasize a balanced cyber, physical and operational security approach on each task force or working group.
11. Analysis of Security Incidents Impacting the Bulk Electric SystemCIPC will coordinate with Operating and Planning Committees on developing a mechanism for identification and analysis of security incidents impacting Bulk Electric System
9
NERC CIPC Areas of Strategic Focus -- 4
12. CIP Training and Educational OutreachCIPC will provide meeting attendees with an opportunity to participate in physical, cyber and operational security training and educational outreach opportunities.
13. Framework for Board of Trustees/ESCC/CIPC RelationshipCIPC will work with and support the NERC Board of Trustees and ESCC as requested.
14. CIPC Member InvolvementsCIPC will utilize the expertise of the committee members by providing opportunities to participate in CIPC activities.
10
NERC CIPC – What it is not
• Does not address or comment on NERC Standards (all Standards Drafting Teams report to NERC Standards Committee)
• Does not develop SARs• Does not make recommendations on Legislation (although
generally receives a report on the status of legislation)• Generally avoids most compliance and enforcement issues,
but does write whitepapers on how to implement CIP standards
NERC CIPC concentrates on BES Security and Reliability not Compliance
11
NERC CIP Committee Subgroups
CIPC Executive Committee
Physical Security Subcommittee
Cyber Security Subcommittee
Operating Security Subcommittee
Policy Subcommittee
Protecting Sensitive Information TF
Physical Security Analysis WG
Physical Security Training WG
Control Systems Security WG
Cyber Security Analysis WG
Cyber Security Training WG
Information Sharing TF
HILF Implementation TF
NERC GridExercise WG
Cyber Attack TF
BES Security Metrics WG
Personnel Security Clearance TF
Compliance & Enforcement Input
WG
Physical Security Guideline TF
2012
2013
Existing
12
NERC CIPC Physical Security Subcommittee
– Subcommittee Chair: David Grubbs, (Garland/TRE)– Existing
• Protecting Sensitive Information TF• Chair: Nathan Mitchell, (APPA Staff)
• Physical Security Guideline TF• Chair: John Breckinridge, (KCP&L/SPP)
– New• Physical Security Analysis WG• Chair: Ross Johnson, (Capital Power/CEA)
– Future• Physical Security Training WG
Physical Security Subcommittee
Protecting Sensitive Information
TF
Physical Security Analysis
WG
Physical Security Training
WG
Physical Security Guideline
TF
13
NERC CIPC Cyber Security Subcommittee
– Subcommittee Chair: Marc Childs, (Great River Energy/MRO)– Existing
• Control System Security WG• Chair: Mark Engels, (Dominion/RFC)
• Cyber Attack TF• Chair: Mark Engels, (Dominion/RFC)
– New• Cyber Events Analysis WG• Chair: Stephen Diebold, (KCP&L/SPP)
• Cyber Security Training WG• Chair: William Whitney, (Garland/TRE)
Cyber Security Subcommittee
Control System Security
WG
Cyber Security Analysis
WG
Cyber Security Training WG
Cyber Attack TF
14
NERC CIPC Operating Security Subcommittee
– Subcommittee Chair: Carl Eng (Dominion/RFC)– New
• Information Sharing TF• Chair: Steve Diebold, (KCP&L/SPP)
• HILF Implementation TF• Chair: Bill Muston (Oncor/TRE)
– Future• NERC GridSec Exercise WG
Operating Security Subcommittee
Information Sharing TF
HILF Implementation
TF
GridSec Exercise WG
15
NERC CIPC Policy Subcommittee
– Subcommittee Chair: Nathan Mitchell (APPA Staff)– New
• BES Security Metrics WG• Chair: Jamie Sample (PG&E/WECC)
• Personnel Security Clearance TF• Chair: Jim Brenton (ERCOT/TRE)
– Future• Compliance & Enforcement Input WG
Policy Subcommittee
BES Security Metrics WG
Personnel Security Clearance TF
Compliance & Enforcement Input
WG
16
Voting Members on NERC CIP Committee
• David Grubbs / Operations & Physical, Garland – Director Regulatory Affairs & Compliance – Chairman of ERCOT CIP Working Group– Member of NERC CIPC for 4 years– Member of NERC CIPC Executive Committee – 2 years– Chairman of NERC CIPC Physical Security Subcommittee– Member of NERC SIRTF Executive Committee– Member of NERC Physical Protection Guidelines Committee – Member of NERC HILF Implementation Task Force– Participated in 2012 DoD Defense Industrial Base Study of DFW
power restoration– Member ERCOT TAC, 1987-1996, 2010-present– Member ERCOT Board of Directors, 1994-2001– Past Chair ERCOT Network Data Support WG– Past Chair ERCOT Power Interchange Effects WG– Past Chair ERCOT Operating Guides Revision TF– U.S. Gov //SECRET// Clearance
17
Voting Members on NERC CIP Committee
• William Whitney / Cyber, Garland – Manager Operations Technical Services– Vice Chairman of ERCOT CIP Working Group– Newly selected NERC CIPC by ERCOT CIP WG in 2012– Member of NERC CIPC Cyber Attack Task Force – Member of NERC CIPC Personal Security Clearance Task Force– Member of DHS/US-CERT ICSJWG Workforce Development
Subgroup– Chair of NERC CIPC Cyber Security Training Working Group– U.S. Gov //SECRET// Clearance
18
Voting Members on NERC CIP Committee—continued
• Jim Brenton / Cyber, ERCOT – Principal & Regional Security Coordinator– ERCOT Representative to NERC CIPC – 6+ years– NERC CIPC Vice Chairman – One year– Member of NERC CIPC Executive Committee – 3+ years– Chairman of NERC CIPC Personal Security Clearance Task Force– Member of NERC CIPC Bulk Electric System Security Metrics Working Group– Chairman, TX Private Sector Advisory Council for CI/KR Protection to the Governor – Co-founder & ERCOT Staff Facilitator ERCOT CIP Working Group – 6 years– Member of ISO/RTO Council Security Working Group – 6+ years– Member of DoE Advisory Council for Electricity Sector Cybersecurity Capability Maturity
Model (ESC2M2) Pilot Initiative requested by the White House Cyber Security Advisor to the President and the National Security Council – May 2012
– Participated in 2012 DoD Defense Industrial Base Study of DFW power restoration– Member of the Government/Industry Task Force that prepared classified report on
Remote Network Security Vulnerabilities for NERC in Feb 2010– Member of DoE Energy Sector Control Systems Working Group that prepared the 2011
DoE “Roadmap for Energy Delivery Systems Cybersecurity”– Member of NERC/NIST/DoE/Industry team that prepared the DoE “Cybersecurity Risk
Management Process Guideline” for the Electricity Subsector in 2011– Member of NERC CIP Standards Drafting Team (2008-2011)– U.S. Government //SECRET// Clearance
19
ERCOT Alternates for NERC CIP Committee
Alternates Listed on NERC Roster:
• Ann Delenela / Cyber, ERCOT Director of Security– Alternate for 6+ years– U.S. Gov //SECRET// Clearance
• Christine Hasha / Cyber, ERCOT Senior Compliance Analyst– Alternate for 2+ years– Member of NERC CIP Standards Drafting Team
• Martin Narendorf / Physical, CenterPoint Director, Substation Operations– Alternate for 3+ years
• Bill Muston / Cyber, Oncor Manager, Research & Development– Alternate for 6+ years– Co-founder and member of ERCOT CIPWG – 6 years– U.S. Gov //SECRET// Clearance
• Elias A. Villanueva / Operations, ERCOT Supervising Engineer, System Operations– Alternate for 6+ years
• Scott Rosenberger / Cyber, EFH Director, Security & Compliance– Former NERC CIPC Voting Member 2 years and Alternate for 3+ years– Former Vice Chairman ERCOT CIP WG – 2 years – Member of NERC CIP Standards Drafting Team – 5 years– U.S. Gov //SECRET// Clearance
20
Proposed Criteria for Consideration for NERC CIPC Representatives from TRE/ERCOT
• Active in ERCOT CIP Working Group Meetings and Activities• Active in NERC CIPC Working Groups, Task Forces or NERC CIP
Standards Drafting Teams• Recognized expertise and/or certification in at least one of the
following security areas:– Cyber Security; Physical Security; Control System/SCADA
Security; Operational Security; and, Security Policy, Regulations and Standards
• Company commitment for time and travel expense of participating in 8-10 out of town NERC CIPC/TF/WG meetings, two classified briefings per year, in addition to 10-12 ERCOT CIP WG meetings in Austin
• US Government //SECRET// or higher Security Clearance sponsored by the DHS, DoE, DoD, DoJ/FBI, or other Federal Department or Agency for access to Classified National Security Information related to the protection of Critical Infrastructure.
21
Questions and Discussion