Low-impact assets and NERC CIP-003-9: Should dos vs must dos – Combined Cycle Journal

Perhaps the best way to think about how to respond to NERC CIP-003-9, which seeks to protect the bulk electric system from a coordinated attack on smaller, low-impact assets that could result in a catastrophic event on the interconnected system, is this: Rather than thinking in terms of complying with the new standard, think about defending yourself in court after a malicious attack through your facility.

The panel of specialists in the second of three NAES webinars on the subject put it a bit more gingerly: What you should do vs what you must do. Example: Regarding remote access by vendors, a site must determine who, how, and where vendors access devices and have a program to document its methodology for remote access controls. What should you do? The panel suggests: automate the detection of vendor access, alarm occurrences of such access (to the control room, for example), and log and record all sessions in which vendors made changes to the system.

That might not sound so terrible until you realize that some of your primary vendors might have fifty people authorized to access equipment on your site remotely.

Here’s another example: A site must have procedures to disable access to the network boundary (not the device) and physical or electronic methods for removing access. What you should do is:

  • Have granular controls per vendor
  • Test and validate controls per vendor and cyber-asset
  • Have methods for terminating a previously authorized session (even mid-session)
  • Form a global access management team with a two-man rule

There are several of these examples available in the recording of the webinar.
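
The vendor-access "shoulds" above (automated detection, control-room alarms, retained recordings for sessions that made changes, per-vendor controls, mid-session termination) can be sketched as log-review logic. This is an added example, not material from the webinar or from NAES; the policy fields, vendor names, accounts, addresses and log format are all constructed assumptions.

```python
import ipaddress

# Constructed per-vendor policy: who (accounts), how (access path), where (source net, assets).
POLICY = {
    "turbine-oem": {"accounts": {"oem_jsmith", "oem_mlee"}, "paths": {"jumphost-rdp"},
                    "sources": ["203.0.113.0/24"], "assets": {"gt1-hmi", "gt1-controller"}},
    "dcs-vendor": {"accounts": {"dcs_support"}, "paths": {"jumphost-ssh"},
                   "sources": ["198.51.100.16/28"], "assets": {"dcs-eng-ws"}},
}

# Constructed session log: time|session|vendor|account|path|source_ip|asset|event
SAMPLE_LOG = """\
2025-01-06T08:02:11Z|s-101|turbine-oem|oem_jsmith|jumphost-rdp|203.0.113.40|gt1-hmi|connect
2025-01-06T08:15:42Z|s-101|turbine-oem|oem_jsmith|jumphost-rdp|203.0.113.40|gt1-hmi|change
2025-01-06T09:30:05Z|s-102|dcs-vendor|dcs_support|jumphost-ssh|198.51.100.20|gt1-controller|connect
2025-01-06T10:01:00Z|s-103|turbine-oem|oem_tkhan|direct-vpn|192.0.2.77|gt1-controller|connect
2025-01-06T10:04:30Z|s-103|turbine-oem|oem_tkhan|direct-vpn|192.0.2.77|gt1-controller|change
"""

def violations(rule, account, path, source_ip, asset):
    """Return the policy checks this access fails (empty list means authorized)."""
    if rule is None:
        return ["vendor has no access policy"]
    ip = ipaddress.ip_address(source_ip)
    checks = [
        (account in rule["accounts"], "account not on vendor roster"),
        (path in rule["paths"], "access path not approved"),
        (any(ip in ipaddress.ip_network(n) for n in rule["sources"]), "source outside vendor range"),
        (asset in rule["assets"], "asset not in vendor scope"),
    ]
    return [msg for ok, msg in checks if not ok]

def review(log_text, policy=POLICY):
    """Alarm on every vendor connect; list sessions to terminate and recordings to retain."""
    alarms, terminate, retain = [], set(), set()
    for line in log_text.strip().splitlines():
        ts, session, vendor, account, path, src, asset, event = line.split("|")
        failed = violations(policy.get(vendor), account, path, src, asset)
        if event == "connect":   # every vendor session is announced to the control room
            alarms.append((ts, session, vendor, account, asset, failed or ["authorized"]))
        if failed:               # out-of-policy sessions are cut, even mid-session
            terminate.add(session)
        if event == "change":    # sessions that changed the system keep their recording
            retain.add(session)
    return alarms, sorted(terminate), sorted(retain)

if __name__ == "__main__":
    alarms, terminate, retain = review(SAMPLE_LOG)
    for alarm in alarms:
        print("ALARM", *alarm)
    print("terminate:", terminate, "| retain recordings:", retain)
```

Checking each access per vendor and per cyber-asset is what catches session s-102 here: the account, path and source address are all valid for that vendor, but the target asset is outside its scope.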

The panel concedes that some of the key language in the draft is fuzzy, but NERC will be making modifications during the 18 months owner/operators have to comply. The term asset, for example, is not explicitly defined in 003 (unlike in 002); thus, it is difficult to define the scope of a site implementation. Another term, the asset boundary, which experts call a “term of art,” is not a NERC-defined term.

What should sites do now? That’s difficult to say, but be prepared for today’s “shoulds” to become tomorrow’s “musts.”

Access CCJ recaps and recordings of the three webinars here:
