
Standards Information session January 15, 2015 Direction Contrôle des mouvements d'énergie - PowerPoint PPT Presentation



  1. Project QC-2014-02: Public consultation on CIP Version 5 Standards
  Information session, January 15, 2015
  Direction – Contrôle des mouvements d'énergie

  2. Webinar Outline (instructions)
  • Please mute your telephone during the entire webinar.
  • To ask a question:
    – Press the “Lever la main” (EN: Raise hand) button in the toolbar.
    – The presenter will give you the floor during the question period.
  • After the webinar, a summary transcription of questions and answers will be published on the Reliability Coordinator consultation Web site.
  • The PowerPoint presentation will also be available on the same site in both French and English.

  3. Presentation Overview
  • Introduction
    – Meeting Objectives
    – Files Currently Before the Régie
    – Consultation Process
  • Project QC-2014-02
    – Introduction to Cyber Security
    – Applicability of Version 5 CIP Standards
    – Proposed Standards (CIP-002 to CIP-011)
    – Effective Dates
    – Assessing Impact
  • Next Steps
  • Q & A

  4. Meeting Objectives
  • Review reliability standards in Québec
  • Present the proposed standards
  • Provide information on the consultation process
  • Respond to your questions
  • Present the next steps
  • Not covered: issues affecting files currently before the Régie de l’énergie

  5. Files Currently Before the Régie
  • File R-3699-2009 (Phase I):
    – 43 standards adopted to date (effective date TBD)
    – 12 standards come into force April 1, 2015 (only apply to the Coordinator and not sanctionable)
    – Awaiting final decision
  • File R-3699-2009 (Phase II):
    – The second agreement between the Régie, NPCC and NERC; signed September 24, 2014
    – RPCQ and PSCQ were merged into a single document, the PSCAQ, published October 10 by the Régie
    – The updated Sanction Guide was filed on November 24
  • File R-3906-2014 (Project QC-2014-01):
    – New request for adoption of 6 standards filed in August in accordance with decision D-2014-048

  6. Consultation Process
  • Consultation process approved by the Régie de l’énergie in decision D-2011-139
  • Prior to submitting new reliability standards, the Coordinator must:
    – Advise registered entities of the reliability standards
    – Gather feedback from registered entities and respond to them, whenever possible
    – Assess impact of the standards on the entities

  7. Consultation Process (cont’d)
  Main Steps:
  • Send consultation notice
  • Publish proposed standards and supporting documents
  • Hold period for feedback during which the entities may:
    – Comment on the standards and supporting documents
    – Submit assessment of financial impact of proposed standards on their activities
  • Answer feedback
  • Hold additional periods for feedback, as needed
  • File with the Régie

  8. Project QC-2014-02: Critical Infrastructure Protection Standards – CIP Version 5

  9. Energy sector: Critical infrastructure
  (Diagram of critical infrastructure sectors: IT and Telecom, Government, Finance, Water, Food, Health, Safety, Energy and utilities, Manufacturing, Transport)
  Hydro-Québec

  10. Threats: 4 Components
  • Actor
    – Activists
    – Criminals or organized crime
    – Disgruntled employees
    – Radicalized individuals
    – Lone wolves
    – Terrorist organizations
    – Countries, states and companies
  • Motive
    – Greed or profit
    – Vengeance, anger or rage
    – Coercion (blackmail)
    – Pride
    – Ideology or patriotism
    – Civil disobedience
  • Vectors
    – Social engineering
    – Malware, pirating, botnets
    – Pressure tactics
    – Break-in
    – Weapons, explosives, tools, vehicles
  • Targets
    – Confidential information
    – Intellectual property
    – Goods or revenue
    – Strategic assets
    – Reputation
    – Power system
    – Personal safety
    – Network or ICT systems

  11. Increased exposure
  (Chart: Exposure versus Time, with curves for Technological security risks and Physical security risks)

  12. Introduction to cyber security and physical protection of infrastructure
  • Relevance
  • Technical evolution
    – Computer components
    – Interconnected smart devices
    – Next-generation telecommunications networks
  • Increased risk
    – New attack vectors
    – Larger attack surface
    – Increasingly sophisticated adversaries
  • Greater potential impact
    – Interconnected cyber assets
    – Use of control and protection systems
    – Coordinated attacks that target multiple vulnerabilities
    – Event at Metcalf substation in California

  13. Introduction to cyber security and physical protection of infrastructure (cont’d)
  Version 5 CIP Standards
  • Based on best practices and increased experience in computer security
    – NIST
    – ISO 27002
    – Evolution of previous versions (CIP v1 to v3)
  • Categorizes impact of electronic systems on the power generation and transmission system (“Low”, “Medium” or “High”)
  • Allows systems to be properly secured based on actual impact
  • Includes classes of administrative, logical and physical controls for prevention, detection and correction

  14. Proposed Reliability Standards
  • CIP-002-5.1 – BES Cyber System Categorization
  • CIP-003-5 – Security Management Controls
  • CIP-004-5.1 – Personnel and Training
  • CIP-005-5 – Electronic Security Perimeters
  • CIP-006-5 – Physical Security of BES Cyber Systems
  • CIP-007-5 – Systems Security Management
  • CIP-008-5 – Incident Reporting and Response Planning
  • CIP-009-5 – Recovery Plans for BES Cyber Systems
  • CIP-010-1 – Configuration Change Management and Vulnerability Assessments
  • CIP-011-1 – Information Protection

  15. New Terms
  • Definitions to add to glossary
    – Interactive Remote Access
    – Electronic Access Point
    – BES Cyber Asset
    – BES Cyber System
    – Intermediate System
    – Protected Cyber Assets (PCA)
    – CIP Senior Manager
    – Physical Access Control Systems (PACS)
    – Control Center
    – Electronic Access Control or Monitoring Systems (EACMS)
    – CIP Exceptional Circumstance
    – External Routable Connectivity
    – Dial-up Connectivity
    – Reportable Cyber Security Incident
    – BES Cyber System Information

  16. Applicability of Version 5 CIP Standards
  • Applicability section shared across the 10 Version 5 CIP standards (except exemptions)
  • Functions:
    – Balancing Authority (BA)
    – Distribution Provider (DP)*
    – Generator Operator (GOP)
    – Generator Owner (GO)
    – Interchange Authority (IA)
    – Reliability Coordinator (RC)
    – Transmission Operator (TOP)
    – Transmission Owner (TO)
  * Reduced applicability for distributors

  17. Applicability of Version 5 CIP Standards (cont’d)
  • Québec facilities:
    – Main transmission system facilities (RTP)
    – Facilities of Distribution Providers specified in the standards
    – Control Centers that meet the definition
  • RTP applicability (instead of BES) shown in the Québec Appendix to each standard

  18. Applicability of Version 5 CIP Standards (cont’d)
  • Only Distributors that own the following facility types:
    – Load-shedding system that is part of a load-shedding program subject to a NERC or NPCC standard AND with a load-shedding capacity of 300 MW or more
    – Special Protection System (SPS) or Remedial Action Scheme (RAS) subject to a NERC or NPCC standard
    – Transmission protection system subject to a NERC or NPCC standard
    – Components of cranking path for system restoration

  19. Applicability of Version 5 CIP Standards (cont’d)
  • Exemptions:
    – Facilities regulated by the CNSC (Canadian Nuclear Safety Commission)
    – Cyber Assets associated with communication networks and data communication links between discrete Electronic Security Perimeters (ESP)
    – Entities that identify that they have no BES Cyber Systems according to CIP-002 are exempted from application of the CIP-004 and CIP-011 standards.

  20. CIP-002-5.1 BES Cyber System Categorization
  • BES Cyber System categorization by facility impact
  • Each entity subject to the Applicability section must meet the following requirements:
    – Requirement 1: system identification and categorization process according to Appendix 1 of the standard
    – Requirement 2: review the list at least once every 15 calendar months and have it approved

  21. CIP-002-5.1 BES Cyber System Categorization
  Summary of Appendix 1 criteria for identifying applicable assets
  • High Impact (1.1 to 1.4): BES Cyber Systems used and located at any of the following
    – RC Control Center
    – BA Control Center (HQT only)
    – TOP Control Center
    – GOP Control Center associated with a Medium Impact asset

  22. CIP-002-5.1 BES Cyber System Categorization
  • Medium Impact (2.1 to 2.13): BES Cyber System associated with any of the following
    – Generation resources of 1500 MW or more
    – Reactive resources of 1000 Mvar
    – Generation Facilities designated by the PC
    – Transmission Facilities operated at 500 kV or higher
    – Transmission Facilities operated between 200 kV and 500 kV
    – Generation or Transmission Facilities designated by the RC, PC or TP for derivation of IROLs
    – Transmission Facilities that connect the output of a generating station identified in 2.1 or 2.3
