Bryan Owen

2-May-2012 NERC Updates

Blog Post created by Bryan Owen on May 2, 2012

Spring has sprung in most of the US and so have a plethora of bulletins from NERC – the North American Electric Reliability Corporation.


I suspect NERC is off the radar for many in the vCampus community. So as creators of cool apps for the PI System, I thought you might appreciate a roundup of recent updates from NERC.  After all the North American grid is often touted as the biggest machine ever created by humans. With that awesome factoid we can expect to find some points of interest and targets for your next innovations.


The first update topic involves the NERC critical infrastructure protection (CIP) standards. Revision 4 of the standard is now law per FERC order 761. This revision codifies “bright line” criteria on what assets are considered critical to the bulk electric system. The new criteria results in about about 29% of the installed US generation capacity designated as critical (version 4 adds about 146 generators).


Critical assets are then reviewed for critical cyber assets (CCAs) like industrial control systems with external routable connectivity. CCAs and nodes on the same network are subject to the NERC CIP requirements which include a strict auditing regime.


One of the most recent rulings from NERC involves a clarification on remote access (NERC Project 2009-26). In short, remote access creates a significant compliance burden under the existing rules. My advice for solution developers: build as much instrumentation into your application as you can.  To reuse a comment made at the UC, it is much easier to bring the bits to the experts than it is for experts to have access to critical systems.


Also buried in FERC order 761 are strong reminders to NERC to continue fixing other deficiencies in the CIP standard.  Version 5 is currently in a 2nd ballot and comment phase.  A fundamental change in version 5 is adoption of High and Medium asset classifications (everything else is considered Low). Essentially ‘everything’ will be in scope. The version 5 drafting team is also working on details in the standard that have proven to be problematic in practice.


While obvious changes are needed it is far from clear if the CIP standards are heading in the right direction to improve grid reliability. I make this comment in context of the Arizona-Southern California Outage report just released by NERC.


More than 100 notable events occurred in less than 11 minutes on September 8, 2011 that left over a million people in the dark. The report especially highlights the importance of prior planning because there was so little time for operators to react. Like the 2003 outage, automated protection systems using very conservative settings is one of the reasons operators were unable to prevent the cascading affect. In this case some of the protection schemes were found to no longer serve a valid purpose. If you are an engineer, I think you’ll enjoy reading the entire report. Otherwise, jump to appendix B and C for a quick look at the findings.


Like NERC CIP, one of the biggest challenges is knowing what parts of the bulk electric grid are critical at any given time (and understanding what that means operationally). For power grid reliability the path forward includes using more real time data and simulations tools.


Why should security be any different?