2020-04 Modifications to CIP-012 | Draft 2

Description:

Start Date: 11/30/2021
End Date: 01/24/2022

Associated Ballots:

| Ballot Name | Project | Standard | Pool Open | Pool Close | Voting Start | Voting End |
| --- | --- | --- | --- | --- | --- | --- |
| 2020-04 Modifications to CIP-012 CIP-012-2 AB 2 ST | 2020-04 Modifications to CIP-012 | CIP-012-2 | 04/26/2021 | 05/25/2021 | 01/14/2022 | 01/24/2022 |
| 2020-04 Modifications to CIP-012 CIP-012-2 Non-Binding Poll AB 2 NB | 2020-04 Modifications to CIP-012 | CIP-012-2 Non-Binding Poll | 04/26/2021 | 05/25/2021 | 01/14/2022 | 01/24/2022 |
| 2020-04 Modifications to CIP-012 Implementation Plan AB 2 OT | 2020-04 Modifications to CIP-012 | Implementation Plan | 04/26/2021 | 05/25/2021 | 01/14/2022 | 01/24/2022 |

Hot Answers

Jennie Wike, On Behalf of: John Merrell, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Marc Donaldson, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Hien Ho, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Terry Gifford, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Ozan Ferrin, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6

- 0 - 0

BC Hydro appreciates the opportunity to comment and provides the following comments.

Although the Requirement 2 wording from Draft 2 of CIP-012-2 is removed, it appears that the wording of the Requirement 2 from Draft 1 has only been moved or merged into Requirement 1 of Draft 2. BC Hydro's previous concerns raised on CIP-012-2 Draft 1 appear to still hold valid. The changes in Requirement 1 in Draft 2 of CIP-012-2 still imply a possible reliance on redundancy, which does not align with the approach taken in the other existing CIP standards, particularly CIP 002-5.1a. As availability is the purview of operations, it would be better suited to other MRS standards (e.g., IRO-010, TOP-003, TOP-001) or other applicable Standard(s) within the Operations and Planning (O&P) domain.

BC Hydro recommends removing the 'availability' requirement from CIP-012-2 and revising other MRS standards to address this need as appropriate.

Alternatively, BC Hydro suggests providing a clear understanding of the term 'availability' and clarity that it does not imply the use of redundant setups. For most of the entities, 'availability' of communication networks depends on 3rd party telecommunication providers and in the event of a line or telecommunication equipment going down, the entity is reliant on the 3rd party telecommunication providers to fix the problems. BC Hydro suggests that the SDT include an exemption for the links and equipment used by 3rd party telecommunication providers as changing or enhancing the third party telecommunication infrastructure to support 'availability' may not be feasible for many entities.

BC Hydro, Segment(s) 3, 5, 1, 12/18/2018

- 0 - 0

Other Answers

DTE Energy - DTE Electric, Segment(s) 3, 5, 4, 12/8/2021

- 0 - 0

Tennessee Valley Authority, Segment(s) 1, 3, 5, 6, 10/18/2018

- 0 - 0

Manitoba Hydro agrees with the language in R1. The language could be simplified by eliminating sub-requirement R1.3 and combining with R1.1 directly. Current language: R1.3 "Identification of where the Responsible Entity applied security and availability protection(s) as required in Part 1.1". Proposed modification to R1.1: Identification of security and availability protection(s), including where protections are applied, used to mitigate the risks posed by unauthorized disclosure and, unauthorized modification, and loss of availability of data used for Real-time Assessment and Real-time monitoring data while such data is being transmitted between Control Centers.

Jay Sethi, On Behalf of: Manitoba Hydro - MRO - Segments 1, 3, 5, 6

- 0 - 0

While the language in R1 may address security and availability, the availability portion of this proposed standard is better suited for IRO-010, TOP-003, TOP-001 or any other applicable standard within the Operations and Planning suite of standards. Ensuring availability of communication links through redundancy and/or diversity is a significant departure in scope from the CIP standards. The CIP standards generally require controls and protections to be applied at the device level. This proposed language involves protections outside of the device and, in this case, the Entity’s Electronic Security Perimeter.

Patricia Lynch, NRG - NRG Energy, Inc., 5, 1/17/2022

- 0 - 0

There is currently no definition of "availability". AEPCO agrees with ACES comments of adding a NERC definition for "availability" or adopting a NIST definition.

 

Jennifer Bray, Arizona Electric Power Cooperative, Inc., 1, 1/18/2022

- 0 - 0

Duke Energy does not believe the SDT revised CIP-012-1 in a way that best meets the directives outlined in FERC Order No. 866. The SDT’s use of “availability protections” is unclear and would require further definition of this term versus referring to the NIST definition of availability defined as “ensuring timely and reliable access to and use of information”. Using the language “security and availability protections” leaves us with questions. We prefer the language of FERC Order No. 822 specifically directing NERC to modify the Reliability Standards to require entities to implement controls to protect communication links and data communicated between BES Control Centers. FERC Order No. 866 conveys FERC’s assertion that NERC did not address availability. We think that availability should be addressed using language that references controls to protect availability of communication links and data.  Please see Question 5 below and our suggested rewording of sub requirement 1.2.

Katie Connor, On Behalf of: Duke Energy - SERC, RF - Segments 1, 3, 5, 6

- 0 - 0

While the language in R1 may address security and availability, the availability portion of this proposed standard is better suited for IRO-010, TOP-003, TOP-001 or any other applicable standard within the Operations and Planning suite of standards. Ensuring availability of communication links through redundancy and/or diversity is a significant departure in scope from the CIP standards. The CIP standards generally require controls and protections to be applied at the device level. This proposed language involves protections outside of the device and, in this case, the Entity’s Electronic Security Perimeter.

Martin Sidor, NRG - NRG Energy, Inc., 6, 1/18/2022

- 0 - 0

The proposed language states that entities are to have a plan to mitigate the risks of a loss of availability of data while being transmitted between control centers. As worded, this does not direct entities to implement redundant or highly available communications infrastructure, which we believe is the intent of Order No. 866, but rather it directs entities to have a plan for mitigating the risks of a loss of availability of the data. We would recommend making the availability directive a stand-alone requirement.

Jennifer Malon, On Behalf of: Black Hills Corporation - MRO, WECC - Segments 1, 3, 5, 6

- 3 - 0

Matthew Jaramilla, On Behalf of: Salt River Project, WECC, Segments NA - Not Applicable

- 0 - 0

Tim Kelley, On Behalf of: Nicole Goi, Sacramento Municipal Utility District, 1,3,4,5,6; Nicole Looney, Sacramento Municipal Utility District, 1,3,4,5,6; Kevin Smith, Balancing Authority of Northern California, 1; Charles Norton, Sacramento Municipal Utility District, 1,3,4,5,6; Foung Mua, Sacramento Municipal Utility District, 1,3,4,5,6

- 0 - 0

Anthony Jablonski, ReliabilityFirst, 10, 1/19/2022

- 0 - 0

LaTroy Brumfield, On Behalf of: American Transmission Company, LLC, , Segments 1

- 0 - 0

Consumers Energy Company, Segment(s) 1, 3, 4, 5, 11/29/2017

- 0 - 0

MGE does not support the defining of the word "availability", as the NIST definition is sufficient.  

Joseph DePoorter, MGE Energy - Madison Gas and Electric Co., 4, 1/19/2022

- 0 - 0

Ronald Bender, Nebraska Public Power District, 5, 1/19/2022

- 0 - 0

Reclamation recommends that communications paths between Control Centers be on physically separated, redundant communications paths where feasible. Reclamation also recommends third-party vendors be included to ensure all parties are covered.

Richard Jackson, U.S. Bureau of Reclamation, 1, 1/19/2022

- 0 - 0

The Implementation Guidance refers to a NIST definition of availability. NIST could change its definition without notifying entities. NIST’s definition is generic. We request clarification of CIP-012 availability.

 

IRO-002 and TOP-001 have Requirements that mandate diversity and redundancy as they pertain to communications. We recommend using a similar approach instead of availability for CIP-012.

Eversource Group, Segment(s) 1, 3, 9/1/2021

- 0 - 0

Texas RE appreciates the Standard Drafting Team’s (SDT) modifications to proposed CIP-012-2, R 1.1 to better address the identification of security and availability protections to mitigate the risks posed by, among other things, the loss of availability of data used for Real-time Assessments and Real-time monitoring.  Texas RE further appreciates the proposed changes to CIP-012-2, R 1.2 requiring “[i]dentification of methods to be used for the recovery of communication links used to transmit Real-time Assessment and Real-time monitoring data between Control Centers.”  Texas RE notes, however, that CIP-012-2, R1.2’s focus on “recovery” may not encompass the full range of proactive scenarios to ensure communications link availability.  For instance, entities may need to consider eliminating single points of failure in their communication links to ensure “communication link availability” rather than simply focusing on recovery from a link outage.  Texas RE recommends the SDT consider adopting explicit language requiring strategies to implement communication link availability in CIP-012-2, R 1.2 similar to that proposed by FERC in Order No. 866, paragraph 3. 

Rachel Coyne, Texas Reliability Entity, Inc., 10, 1/19/2022

- 1 - 0

We do not recommend adding availability to the scope of CIP-012, since availability of operational data is already addressed in other NERC Reliability Standards. This may be creating a conflict with other standards by including availability of data when we feel it is already included in other standards.

FE Voter, Segment(s) 1, 3, 5, 6, 4, 12/20/2021

- 0 - 0

Although BPA supports the revisions made in the latest draft, the additional availability requirement is added into the standard with an ‘and’ statement and not clearly distinguished. Because availability requires significantly different controls than confidentiality or integrity, BPA recommends:

1. R1.1 should be maintained, as it is currently written, limited to confidentiality/integrity.

a) The Drafting Team should insert a new subpart (R1.2) for the availability requirement.  This will assist both entities and auditors in a cleaner approach to implementation and assessing compliance.

b) The Drafting Team should insert a new subpart (R1.2) for the availability requirement.  This will assist both entities and auditors in a cleaner approach to implementation and assessing compliance.

2. BPA appreciates that the SDT has clarified the definition of the term “availability” in the Technical Rationale and Implementation Guidance.  However, the Requirement is confusing, and it is inconsistent with the approach taken for the existing confidentiality/integrity requirement:

a. The terms “confidentiality” and “integrity” are not used in R1.1; rather, they are described as “unauthorized disclosure” and “unauthorized modification”, respectively.  They are only linked to the cybersecurity terms of Confidentiality and Integrity in the Technical Rationale, for clarity. The Drafting Team should use the same approach for Availability.

b. “Availability” means different things to cybersecurity professionals and communications professionals (who will be interpreting and implementing this Requirement): 

i. Availability in cybersecurity circles is ‘Ensuring timely and reliable access to and use of information.’  BPA agrees that this definition meets the intent of the FERC Order.

ii. Availability in communications circles is a ‘Quantitative measurement of the expected desirable performance criteria of a communications link/channel/system.’ (i.e., Block Error Rate < 10^-6, < 2 Severely Error Seconds in 24 hours, 99.9999% uptime in any given year period, etc.) This definition doesn’t meet FERC’s intentions, but will be the first thing that comes to mind in telecom engineers who read it.

c. Because of this important and potentially confusing difference, BPA recommends that the SDT:

i. Replace “availability” in the new proposed subpart (R1.2, proposed above): “Identification of protection(s) used to ensure timely and reliable access to, and use of, Real-time Assessment and Real-time monitoring data while such data is being transmitted between Control Centers.”  

ii. The term availability should only appear in the Technical Rationale and Implementation Guidance for additional clarity, as is already done for confidentiality and integrity.

Andrea Jessup, On Behalf of: Bonneville Power Administration, WECC, Segments 1, 3, 5, 6

- 0 - 0

What exactly are “availability protections”?  Can examples be provided?

Steve Toosevich, NiSource - Northern Indiana Public Service Co., 1, 1/20/2022

- 0 - 0

The MRO NSRF (“NSRF”) generally agrees revised CIP-012-2 meets the FERC Order 866 directives;  however, to be useful the term “availability” must be clarified in the requirements.  While the NSRF appreciates the NIST definition of “availability” contained in the proposed Implementation Guidance, it is not certain that the Implementation Guidance will be endorsed by the ERO. Therefore, the NSRF recommends the SDT draft a formal definition of “Availability” for inclusion in the CIP-012-2 Standard, which could be the adoption of the NIST definition, or something similar.  The NSRF recognizes the challenges and unintended consequences associated with “availability” being added as a new definition to the NERC Glossary of Terms since “availability” is used in other standards which could be impacted. In light of that, the NSRF suggests a definition be added (and limited in scope) to the CIP-012 standard itself. 

 

Additionally, clarification of “availability” could also be included in the Technical Rationale for CIP-012. The benefits of a definition include formalization within the Standard’s vernacular, thereby reducing potential ambiguity and likelihood of different interpretations by registered entities and audit teams.   The NSRF also believes that the Measure M1 should provide examples of what types of evidence would meet the availability requirement (e.g., an entity executing plans in support of the recovery of compromised communications links and the use of back-up communications capability when primary communications are unavailable). This would provide additional clarity to the industry.

 

Similarly, while having the concepts of “diversity, redundancy, or a combination of both” in the Implementation Guidance is needed, the NSRF recommends the SDT consider including the concepts in M1 to achieve a clearer measure of what constitutes meeting the requirement.

 

Proposed R1.2 requires identification of methods used for recovery, but the SDT fails to provide any examples of methods to recover a loss of a data link.  The information currently contained in the Implementation Guidance is very broad and it would be helpful if examples are provided.  Also, CIP-009 deals with CIP assets and restoration in the event of a loss but does not contain requirements regarding communications links and, therefore, is not applicable to CIP-012. The NSRF recommends clarifying language be added to show the relation between CIP-012 and CIP-009.

 

The NSRF recommends the SDT clarify within the Implementation Guidance at Identification of Methods Used for the Recovery of Communication Links (R1.2) the phrase “This objective is consistent with TOP and IRO O&P Standards” by identifying which standards are being referenced.

 

The term “recovery” as used in R1.1.2 is very broad, and, as many entities will be dependent on telecommunication companies to restore communications, the NSRF recommends the SDT consider including a clause to mitigate compliance issues if a line goes down and it is not the entity’s fault.

 

Additionally, the task of restoring availability predominantly resides with the telecommunication provider. In the event a communication link goes down, electric reliability entities are reliant on the telecommunication provider to restore service. The NSRF requests the SDT add an exemption for links and equipment owned by telecommunication providers.

Kendra Buesgens, On Behalf of: MRO - MRO - Segments 1, 2, 3, 4, 5, 6

- 0 - 0

Marcus Bortman, APS - Arizona Public Service Co., 6, 1/20/2022

- 0 - 0

Dominion Energy supports the comments from EEI. In addition, we would like to emphasize particular concern around the term "availability". This should be a defined term to eliminate ambiguity and reduce confusion. The current NIST definition used in the Technical Rationale and the Implementation Guidance could be used as a basis for a definition.

Dominion, Segment(s) 3, 5, 1, 9/19/2019

- 0 - 0

Daniela Hammons, CenterPoint Energy Houston Electric, LLC, 1, 1/21/2022

- 0 - 0

While CHPD supports revisions made in the latest draft and appreciates the effort that went into consolidating R2 into R1, CHPD does not believe this revision best meets the directives of FERC Order No. 866.  Because availability requires significantly different controls than confidentiality and integrity, CHPD recommends the SDT insert a new subpart (R1.2) for the availability protections requirement.  This will assist both entities and auditors in a cleaner approach to implementing and assessing compliance.

CHPD appreciates that the SDT clarified the definition of the term “availability” in the Technical Rationale.  However, R1 is confusing with regards to availability and inconsistent with the approach taken for the existing confidentiality/integrity requirement.  The current revision remains ambiguous with the term “availability”.  Availability should be addressed using language that references controls to protect availability of communication links and data.  The Technical Rationale is helpful, and including its clear examples (e.g., “redundant communication links and data paths”) or adding a requirement table with a measures column with similar evidence examples would minimize inconsistent interpretations among Registered Entities and Regional Entities.

CHPD, Segment(s) 5, 6, 3, 1, 1/21/2022

- 0 - 0

The scope of ‘availability’ is not clear and should be further clarified in R1 or in the Technical Rationale and/or Implementation Guidance. Noting on page 2 of the TR the SDT does reference TOP-001 and IRO-002 (“diversity, redundancy, or a combination of both”), but it is not clear what scope of availability is also required in R1.

Steven Rueckert, Western Electricity Coordinating Council, 10, 1/21/2022

- 0 - 0

While the NSRF appreciates the NIST definition of “availability” contained in the proposed Implementation Guidance, the NSRF recommends the SDT draft a formal definition of “availability” for inclusion in the NERC Glossary of Terms, even if it entails adoption of the NIST definition, or something similar.  By doing so, the new definition would be formalized within NERC’s vernacular and within the Standard, thereby reducing potential ambiguity and likelihood of different interpretations by registered entities and audit teams.  

 

Similarly, while having the concepts of “diversity, redundancy, or a combination of both” in the Implementation Guidance is needed, the NSRF recommends the SDT consider including the concepts in R1 to achieve a clearer requirement.

 

Proposed R1.2 requires identification of methods used for recovery, but the SDT fails to provide any examples of methods to recover a loss of a data link.  The information currently contained in the Implementation Guidance is very broad and it would be helpful if examples are provided.  Also, CIP-009 deals with CIP assets and restoration in the event of a loss but does not contain requirements regarding communications links and, therefore, is not applicable to CIP-012. The NSRF recommends clarifying language be added to show the relation between CIP-012 and CIP-009.

 

The NSRF recommends the SDT clarify within the Implementation Guidance at Identification of Methods Used for the Recovery of Communication Links (R1.2) the phrase “This objective is consistent with TOP and IRO O&P Standards” by identifying which standards are being referenced.

 

The term “recovery” as used in R1.1.2 is very broad, and, as many entities will be dependent on telecommunication companies to restore communications, the NSRF recommends the SDT consider including a clause to mitigate compliance issues if a line goes down and it is not the entity’s fault.

 

Additionally, much availability relies on Telecommunication Providers that in the event they go down, we are reliant on them to bring it back up. In the event a line or their telecommunication equipment goes down, the Registered Entity does have to rely on them to bring it back up. The NSRF requests the SDT to add an exemption for links and equipment used by telecommunication providers.

Dwanique Spiller, On Behalf of: Berkshire Hathaway - NV Energy - WECC - Segments 5

- 0 - 0

Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1, 1/21/2022

- 0 - 0

While IESO supports the comments submitted by the ISO/RTO Council SRC and NPCC, we further amend those comments by suggesting that “availability” be considered “as defined by the Responsible Entity” within the proposed standard. This is already implied in the proposed wording, thus IESO supports the proposed standard, however an explicit statement would further clarify this.

Leonard Kula, Independent Electricity System Operator, 2, 1/21/2022

- 0 - 0

While AEP agrees that R1 addresses both security and availability concerns as identified in FERC Order No. 866, potential scope creep could exist within Requirement R1.1, as it is not explicitly stated that loss of data availability is due to communication link failure. Data loss can occur for a variety of reasons, and as such, AEP recommends that R1.1 specify that data loss is due to communication link unavailability.

JT Kuehne, AEP, 6, 1/21/2022

- 0 - 0

Bryan Koyle, On Behalf of: Southern Indiana Gas and Electric Co., RF, Segments 6

- 0 - 0

Joseph Amato, On Behalf of: Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1,3

- 0 - 0

N&ST believes the proposed language in R1 does not fully address FERC Order 866. The Order directs NERC to modify CIP-012 to address availability of communications links and the data they carry while it’s in transit. The proposed “combination” requirement to address data confidentiality, integrity, and availability fails to identify communications links between in-scope Control Centers as requiring availability protections. The need to do so is implied in R1.2, but N&ST believes this should be made explicit. In addition, R1’s proposed language does not identify any requirement for a Responsible Entity’s CIP-012 plan(s) to include provisions for continuity of operations, as directed by the FERC Order.

Roger Fradenburgh, On Behalf of: Nicholas Lauriat, Network and Security Technologies, 1

- 0 - 0

Hot Answers

Jennie Wike, On Behalf of: John Merrell, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Marc Donaldson, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Hien Ho, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Terry Gifford, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Ozan Ferrin, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6

- 0 - 0

CIP-012-1 is not yet in effect in British Columbia and BC Hydro has not implemented a solution to comply with CIP-012-1 yet. This question on compliance will be difficult to address at this stage and will be best answered once CIP-012-1 has been designed and implemented. As identified in response to Question # 1, BC Hydro suggests that SDT add an exemption for the links and equipment used by 3rd party telecommunication providers.

BC Hydro, Segment(s) 3, 5, 1, 12/18/2018

- 0 - 0

Other Answers

DTE Energy - DTE Electric, Segment(s) 3, 5, 4, 12/8/2021

- 0 - 0

Tennessee Valley Authority, Segment(s) 1, 3, 5, 6, 10/18/2018

- 0 - 0

Jay Sethi, On Behalf of: Manitoba Hydro - MRO - Segments 1, 3, 5, 6

- 0 - 0

Patricia Lynch, NRG - NRG Energy, Inc., 5, 1/17/2022

- 0 - 0

Entities are dependent on telecommunication carriers to maintain availability which makes R1.3 almost impossible to meet compliance with. Providing entities with an exception in this scenario should be considered.

Jennifer Bray, Arizona Electric Power Cooperative, Inc., 1, 1/18/2022

- 1 - 0

Duke Energy takes issue with the term “availability protections” and not with the concept of availability. We prefer addressing the “where” in our rewording of sub requirement 1.4 as provided in Question 5 below.

Katie Connor, On Behalf of: Duke Energy - SERC, RF - Segments 1, 3, 5, 6

- 1 - 0

Martin Sidor, NRG - NRG Energy, Inc., 6, 1/18/2022

- 0 - 0

Black Hills Corporation has concerns with R1.1 with regards to the scenario where vendors like CAISO and SPP are providing the communications infrastructure. Entities would be relying on the vendors to implement the security (and availability) protections and the entity will not have direct access to evidence that it is in place and functional.

Jennifer Malon, On Behalf of: Black Hills Corporation - MRO, WECC - Segments 1, 3, 5, 6

- 1 - 0

Matthew Jaramilla, On Behalf of: Salt River Project, WECC, Segments NA - Not Applicable

- 0 - 0

Tim Kelley, On Behalf of: Nicole Goi, Sacramento Municipal Utility District, 1,3,4,5,6; Nicole Looney, Sacramento Municipal Utility District, 1,3,4,5,6; Kevin Smith, Balancing Authority of Northern California, 1; Charles Norton, Sacramento Municipal Utility District, 1,3,4,5,6; Foung Mua, Sacramento Municipal Utility District, 1,3,4,5,6

- 0 - 0

Anthony Jablonski, ReliabilityFirst, 10, 1/19/2022

- 0 - 0

LaTroy Brumfield, On Behalf of: American Transmission Company, LLC, , Segments 1

- 0 - 0

Without access to the equipment CE doesn’t own, CE cannot definitively demonstrate that the compliance has been achieved.

Consumers Energy Company, Segment(s) 1, 3, 4, 5, 11/29/2017

- 1 - 0

Joseph DePoorter, MGE Energy - Madison Gas and Electric Co., 4, 1/19/2022

- 0 - 0

Ronald Bender, Nebraska Public Power District, 5, 1/19/2022

- 0 - 0

Richard Jackson, U.S. Bureau of Reclamation, 1, 1/19/2022

- 0 - 0

The Implementation Guidance refers to a NIST definition of availability. NIST could change its definition without notifying entities. NIST’s definition is generic. We request clarification of CIP-012 availability.

 

IRO-002 and TOP-001 have Requirements that mandate diversity and redundancy as they pertain to communications. We recommend using a similar approach instead of availability for CIP-012.

Eversource Group, Segment(s) 1, 3, 9/1/2021

- 0 - 0

Texas RE believes registered entities should be able to demonstrate compliance with the Requirement Part 1.3.

Rachel Coyne, Texas Reliability Entity, Inc., 10, 1/19/2022

- 0 - 0

We do not recommend adding availability to the scope of CIP-012, since availability of operational data is already addressed in other NERC Reliability Standards. Concept of availability between control centers would need to be clarified.

FE Voter, Segment(s) 1, 3, 5, 6, 4, 12/20/2021

- 0 - 0

Andrea Jessup, On Behalf of: Bonneville Power Administration, WECC, Segments 1, 3, 5, 6

- 0 - 0

What exactly are “availability protections”?  Can examples be provided?

Steve Toosevich, NiSource - Northern Indiana Public Service Co., 1, 1/20/2022

- 0 - 0

The NSRF requests the SDT add an exemption for the links and equipment owned by telecommunication providers. In many instances, availability resides with telecommunication providers; and in the event service is interrupted, Registered Entities are reliant on the telecommunication provider(s) to restore service. Similarly, in the event a telecommunication line or other piece of telecommunication equipment goes down, the Registered Entity is again reliant on the Telecommunication Provider(s) to address the issue(s). 

 

The term “availability” is subjective and should be clearly defined prior to approving CIP-012-2.

 

Kendra Buesgens, On Behalf of: MRO - MRO - Segments 1, 2, 3, 4, 5, 6

- 0 - 0

Marcus Bortman, APS - Arizona Public Service Co., 6, 1/20/2022

- 0 - 0

Dominion, Segment(s) 3, 5, 1, 9/19/2019

- 0 - 0

Demonstrating compliance will be difficult to prove if the communication link is provided by a third party.

Daniela Hammons, CenterPoint Energy Houston Electric, LLC, 1, 1/21/2022

- 0 - 0

CHPD has concerns demonstrating compliance for “security protections” in the common scenario where the Reliability Coordinator contracts with a telecommunications company for communication links between Control Centers operated by different Registered Entities.  These Registered Entities depend on the telecommunication company to implement the security protections and do not have direct access to evidence that it is in place and functioning.

With more descriptive “availability protections” requirement language, CHPD could more confidently demonstrate “availability protections” compliance.  Possible ways of clarifying include using alternate wording from the Technical Rationale (e.g., “redundant communication links and data paths”) or adding a requirements table with a measures column with evidence examples to minimize inconsistent interpretations among Registered Entities and Regional Entities.

CHPD, Segment(s) 5, 6, 3, 1, 1/21/2022

- 0 - 0

The scope identification of availability protections is not clear for entities using 3rd party telecommunication networks. This should be further clarified in R1 or the Technical Rationale and/or Implementation Guidance.

Steven Rueckert, Western Electricity Coordinating Council, 10, 1/21/2022

- 0 - 0

In many instances, availability relies on telecommunication providers; and in the event service is interrupted, Registered Entities are solely reliant on the telecom providers to bring service back up. Similarly, in the event a line or telecommunication equipment goes down, the Registered Entity is again reliant on the telecommunication providers to fix the issues. NSRF requests the SDT add an exemption for the links and equipment used by telecommunication providers.

Dwanique Spiller, On Behalf of: Berkshire Hathaway - NV Energy - WECC - Segments 5

- 0 - 0

Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1, 1/21/2022

- 0 - 0

While IESO supports the comments submitted by the ISO/RTO Council SRC and NPCC, we further amend those comments as follows: If “availability” is considered “as defined by the Responsible Entity” within the proposed standard, then this gives IESO the flexibility in the application of availability protections. This is already implied in the proposed wording; thus IESO supports the proposed standard. However, an explicit statement would further clarify this.

Leonard Kula, Independent Electricity System Operator, 2, 1/21/2022

- 0 - 0

AEP believes it could demonstrate compliance with Requirement R1.3 if the language from the Technical Rationale document on page 9 under General Considerations for Requirement R1 is added to the R1 measurement language.

AEP recommends M1 read as follows:

Evidence may include, but is not limited to, documented plan(s) that meet the mitigation objective of Requirement R1 and documentation demonstrating the implementation of the plan(s). Identification of where the Responsible Entity applied security and availability protection(s) as required in Part 1.1. can be accomplished with a document describing the locations of the components, diagrams indicating the locations or a combination of both, within the plan.

JT Kuehne, AEP, 6, 1/21/2022

- 0 - 0

Demonstrating compliance will be difficult to prove if the communication link is provided by a third party.

Bryan Koyle, On Behalf of: Southern Indiana Gas and Electric Co., RF, Segments 6

- 0 - 0

Joseph Amato, On Behalf of: Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1,3

- 0 - 0

N&ST believes this could be a difficult question to answer for some Responsible Entities, depending on their approach(es) to addressing availability protection. If the mainstay of an Entity’s CIP-012 availability protection plan is a service level agreement with a wide-area communications carrier (an option the FERC Order suggests but appears to have been ignored by the SDT), the “where” of that Entity’s protections would be in its contractual document. Similarly, the “where” might be within an Entity’s disaster recovery procedures defined for its communications and networking infrastructure. N&ST believes it is neither practical nor necessary to compel Responsible Entities to identify the “where” of their availability protections, and we therefore recommend that it be removed from R1.3. We believe R1.1’s requirement to identify and describe availability protections is sufficient.

Roger Fradenburgh, On Behalf of: Nicholas Lauriat, Network and Security Technologies, 1

- 0 - 0

Hot Answers

Jennie Wike, On Behalf of: John Merrell, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Marc Donaldson, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Hien Ho, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Terry Gifford, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Ozan Ferrin, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6

- 0 - 0

Please refer to BC Hydro's comments on Question #2.

CIP-012-1 is not yet in effect in British Columbia and BC Hydro has not implemented a solution to comply with CIP-012-1 yet; therefore, it is not yet feasible to identify the additional costs related to the Project 2020-04 CIP-012-2 changes.

BC Hydro, Segment(s) 3, 5, 1, 12/18/2018

- 0 - 0

Other Answers

DTE Energy - DTE Electric, Segment(s) 3, 5, 4, 12/8/2021

- 0 - 0

Tennessee Valley Authority, Segment(s) 1, 3, 5, 6, 10/18/2018

- 0 - 0

Jay Sethi, On Behalf of: Manitoba Hydro - MRO - Segments 1, 3, 5, 6

- 0 - 0

NRG does not believe that these modifications meet the FERC directives in a cost effective manner.  A more cost effective solution would be to include such modifications in IRO-010, TOP-003, TOP-001, or other applicable Operations and Planning standards.  Including this verbiage in the CIP standards means the same or similar compliance activities have to be documented for multiple standards and represented in more audits (i.e. 693 and 706 standards).

Patricia Lynch, NRG - NRG Energy, Inc., 5, 1/17/2022

- 0 - 0

Jennifer Bray, Arizona Electric Power Cooperative, Inc., 1, 1/18/2022

- 0 - 0

Katie Connor, On Behalf of: Duke Energy - SERC, RF - Segments 1, 3, 5, 6

- 0 - 0

NRG does not believe that these modifications meet the FERC directives in a cost effective manner.  A more cost effective solution would be to include such modifications in IRO-010, TOP-003, TOP-001, or other applicable Operations and Planning standards.  Including this verbiage in the CIP standards means the same or similar compliance activities have to be documented for multiple standards and represented in more audits (i.e. 693 and 706 standards).

Martin Sidor, NRG - NRG Energy, Inc., 6, 1/18/2022

- 0 - 0

Black Hills Corporation does not anticipate a significant expense to achieve compliance. 

Jennifer Malon, On Behalf of: Black Hills Corporation - MRO, WECC - Segments 1, 3, 5, 6

- 0 - 0

Matthew Jaramilla, On Behalf of: Salt River Project, WECC, Segments NA - Not Applicable

- 0 - 0

Tim Kelley, On Behalf of: Nicole Goi, Sacramento Municipal Utility District, 1,3,4,5,6; Nicole Looney, Sacramento Municipal Utility District, 1,3,4,5,6; Kevin Smith, Balancing Authority of Northern California, 1; Charles Norton, Sacramento Municipal Utility District, 1,3,4,5,6; Foung Mua, Sacramento Municipal Utility District, 1,3,4,5,6

- 0 - 0

Anthony Jablonski, ReliabilityFirst, 10, 1/19/2022

- 0 - 0

LaTroy Brumfield, On Behalf of: American Transmission Company, LLC, , Segments 1

- 0 - 0

Consumers Energy Company, Segment(s) 1, 3, 4, 5, 11/29/2017

- 0 - 0

Joseph DePoorter, MGE Energy - Madison Gas and Electric Co., 4, 1/19/2022

- 0 - 0

Ronald Bender, Nebraska Public Power District, 5, 1/19/2022

- 0 - 0

Reclamation observes there is an environment of constant churn with reliability standards. This results in ineffective use of resources associated with the planning and adjustments required to achieve compliance with frequently changing standard versions. NERC should foster a compliance environment that allows entities to fully implement technical compliance with current standards before moving to subsequent versions.

Richard Jackson, U.S. Bureau of Reclamation, 1, 1/19/2022

- 0 - 0

No Comment

Eversource Group, Segment(s) 1, 3, 9/1/2021

- 0 - 0

Texas RE does not have comments on this question.

Rachel Coyne, Texas Reliability Entity, Inc., 10, 1/19/2022

- 0 - 0

We do not recommend adding availability to the scope of CIP-012, since availability of operational data is already addressed in other NERC Reliability Standards. Protection of availability implies physical actions to protect the communications between control centers. This is impractical given the distance between control centers.

FE Voter, Segment(s) 1, 3, 5, 6, 4, 12/20/2021

- 0 - 0

Andrea Jessup, On Behalf of: Bonneville Power Administration, WECC, Segments 1, 3, 5, 6

- 0 - 0

Without having a more thorough understanding as to what “availability protections” are, it is indeterminate as to the impact of what costs would be.

Steve Toosevich, NiSource - Northern Indiana Public Service Co., 1, 1/20/2022

- 0 - 0

The NSRF suggests the SDT identify which TOP and IRO O&P Standards are referenced in the Implementation plan at Identification of Methods Used for the Recovery of Communication Links (R1.2). If the objectives are consistent, identification may help with cost effectiveness by allowing an entity to leverage current practices of compliance with those standards.

Kendra Buesgens, On Behalf of: MRO - MRO - Segments 1, 2, 3, 4, 5, 6

- 0 - 0

Marcus Bortman, APS - Arizona Public Service Co., 6, 1/20/2022

- 0 - 0

Dominion Energy does not have enough information to make a determination.

Dominion, Segment(s) 3, 5, 1, 9/19/2019

- 0 - 0

Daniela Hammons, CenterPoint Energy Houston Electric, LLC, 1, 1/21/2022

- 0 - 0

CHPD, Segment(s) 5, 6, 3, 1, 1/21/2022

- 0 - 0

Steven Rueckert, Western Electricity Coordinating Council, 10, 1/21/2022

- 0 - 0

The NSRF suggests the SDT identify which TOP and IRO O&P Standards are referenced in the Implementation plan at Identification of Methods Used for the Recovery of Communication Links (R1.2). If the objectives are consistent, identification may help with cost effectiveness by allowing an entity to leverage current practices of compliance with those standards.

Dwanique Spiller, On Behalf of: Berkshire Hathaway - NV Energy - WECC - Segments 5

- 0 - 0

Where new technology will be required to support availability, we have no basis to determine the cost effectiveness of implementing this standard.

Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1, 1/21/2022

- 0 - 0

Leonard Kula, Independent Electricity System Operator, 2, 1/21/2022

- 0 - 0

JT Kuehne, AEP, 6, 1/21/2022

- 0 - 0

SIGE does not agree that the modification meets FERC directives in a cost effective manner.  The proposed language for CIP-012, Requirement R1 does not provide guidance on what are acceptable measures for a Registered Entity to take to meet the requirement. There are not sufficient measures, guidelines, or technical rationale documented in the draft for a Registered Entity to design a solution that meets security goals and is cost effective. 

Bryan Koyle, On Behalf of: Southern Indiana Gas and Electric Co., RF, Segments 6

- 0 - 0

Where new technology will be required to support availability, we have no basis to determine the cost effectiveness of implementing this standard.

Joseph Amato, On Behalf of: Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1,3

- 0 - 0

N&ST believes that as written, the draft Implementation Guidance document strongly implies that Responsible Entities should employ redundant communication links between Control Centers to address availability, even while noting FERC’s acknowledgement that in some suburban and rural areas, this could be prohibitively expensive, of only marginal incremental benefit to availability (no options for path diversity), or both. While we agree that redundant links should be considered, we recommend the document be revised to acknowledge this may not be a viable approach to mitigating availability risks in all cases. The SDT might also consider adding some examples of emergency back-up communications links an Entity might be able to utilize if its primary communications link is down or otherwise unavailable.

N&ST notes, further, that while FERC Order 866 suggests it might be possible for a Responsible Entity to establish availability-related service level agreements with one or more network service providers, the Implementation Guidance document makes no mention of this option.

Finally, N&ST believes the scope of CIP-012’s proposed availability requirements is unclear and open to interpretation, which has the potential to have significant cost implications for some entities, especially those without fully redundant Control Center network and computing infrastructures.

Roger Fradenburgh, On Behalf of: Nicholas Lauriat, Network and Security Technologies, 1

- 0 - 0

Hot Answers

Jennie Wike, On Behalf of: John Merrell, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Marc Donaldson, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Hien Ho, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Terry Gifford, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Ozan Ferrin, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6

- 0 - 0

As identified in answers to Questions above, at this time BC Hydro does not have sufficient information to affirm whether 24 months will be adequate to implement the solutions to comply with the changes proposed in Project 2020-04 for CIP-012.

BC Hydro, Segment(s) 3, 5, 1, 12/18/2018

- 0 - 0

Other Answers

Compliance with the availability requirement may involve the installation of back-up communications. We are currently experiencing delays in obtaining equipment necessary to install a dedicated line (six months from time of order). This type of delivery challenge may necessitate an extension in the enforcement date for CIP-012-2.

DTE Energy - DTE Electric, Segment(s) 3, 5, 4, 12/8/2021

- 0 - 0

Tennessee Valley Authority, Segment(s) 1, 3, 5, 6, 10/18/2018

- 0 - 0

Jay Sethi, On Behalf of: Manitoba Hydro - MRO - Segments 1, 3, 5, 6

- 0 - 0

Patricia Lynch, NRG - NRG Energy, Inc., 5, 1/17/2022

- 0 - 0

Jennifer Bray, Arizona Electric Power Cooperative, Inc., 1, 1/18/2022

- 0 - 0

Katie Connor, On Behalf of: Duke Energy - SERC, RF - Segments 1, 3, 5, 6

- 0 - 0

Martin Sidor, NRG - NRG Energy, Inc., 6, 1/18/2022

- 0 - 0

Black Hills Corporation agrees that a 24 month implementation time is reasonable; however, where vendors are involved that timeframe could become challenging.

Jennifer Malon, On Behalf of: Black Hills Corporation - MRO, WECC - Segments 1, 3, 5, 6

- 0 - 0

Matthew Jaramilla, On Behalf of: Salt River Project, WECC, Segments NA - Not Applicable

- 0 - 0

Tim Kelley, On Behalf of: Nicole Goi, Sacramento Municipal Utility District, 1,3,4,5,6; Nicole Looney, Sacramento Municipal Utility District, 1,3,4,5,6; Kevin Smith, Balancing Authority of Northern California, 1; Charles Norton, Sacramento Municipal Utility District, 1,3,4,5,6; Foung Mua, Sacramento Municipal Utility District, 1,3,4,5,6

- 0 - 0

Anthony Jablonski, ReliabilityFirst, 10, 1/19/2022

- 0 - 0

LaTroy Brumfield, On Behalf of: American Transmission Company, LLC, , Segments 1

- 0 - 0

Consumers Energy Company, Segment(s) 1, 3, 4, 5, 11/29/2017

- 0 - 0

Joseph DePoorter, MGE Energy - Madison Gas and Electric Co., 4, 1/19/2022

- 0 - 0

Ronald Bender, Nebraska Public Power District, 5, 1/19/2022

- 0 - 0

Richard Jackson, U.S. Bureau of Reclamation, 1, 1/19/2022

- 0 - 0

This is dependent on clarity for availability.

Eversource Group, Segment(s) 1, 3, 9/1/2021

- 0 - 0

Texas RE does not have comments on this question.

Rachel Coyne, Texas Reliability Entity, Inc., 10, 1/19/2022

- 0 - 0

We do not recommend adding availability to the scope of CIP-012, since availability of operational data is already addressed in other NERC Reliability Standards, specifically the provisions of TOP-001 and IRO-002, which require redundant and diversely routed data exchange infrastructure implementation and testing. 

FE Voter, Segment(s) 1, 3, 5, 6, 4, 12/20/2021

- 0 - 0

Andrea Jessup, On Behalf of: Bonneville Power Administration, WECC, Segments 1, 3, 5, 6

- 0 - 0

Steve Toosevich, NiSource - Northern Indiana Public Service Co., 1, 1/20/2022

- 0 - 0

The need for a 24 month implementation plan is paramount to reliably and securely implement this standard.  If the standard is implemented as written, 24 months will be needed to apply the recovery procedures as outlined.  Registered Entities will need to work with their neighbors on the development of recovery plans; for example, an RTO/ISO will need to ensure recovery plans are in place for the availability of communications links with each of its members.  Also, this standard involves more than just developing a recovery plan.  Since these assets are not owned by Functional Entities subject to CIP-002, the utilization of CIP-008 and CIP-009 plans may not be relevant, and entities will have to develop their own recovery plans from scratch.  Entities will have to work with telecommunication providers to set up new links and test them for recovery if they have not already done so.  Finally, if supply chain issues cause delays in obtaining the required components needed for industry to fully implement V1 of this standard, then extra time will be needed for implementation until the supply chain issues are mitigated and resources are available.

Kendra Buesgens, On Behalf of: MRO - MRO - Segments 1, 2, 3, 4, 5, 6

- 0 - 0

Marcus Bortman, APS - Arizona Public Service Co., 6, 1/20/2022

- 0 - 0

Dominion, Segment(s) 3, 5, 1, 9/19/2019

- 0 - 0

Daniela Hammons, CenterPoint Energy Houston Electric, LLC, 1, 1/21/2022

- 0 - 0

CHPD, Segment(s) 5, 6, 3, 1, 1/21/2022

- 0 - 0

WECC proposes the SDT consider changing to a 12 or 18-month Implementation Plan.

Steven Rueckert, Western Electricity Coordinating Council, 10, 1/21/2022

- 0 - 0

Dwanique Spiller, On Behalf of: Berkshire Hathaway - NV Energy - WECC - Segments 5

- 0 - 0

Consider current supply chain landscape impacts to procuring technology to support this implementation 

Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1, 1/21/2022

- 0 - 0

Leonard Kula, Independent Electricity System Operator, 2, 1/21/2022

- 0 - 0

JT Kuehne, AEP, 6, 1/21/2022

- 0 - 0

Bryan Koyle, On Behalf of: Southern Indiana Gas and Electric Co., RF, Segments 6

- 0 - 0

Joseph Amato, On Behalf of: Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1,3

- 0 - 0

Roger Fradenburgh, On Behalf of: Nicholas Lauriat, Network and Security Technologies, 1

- 0 - 0

Hot Answers

Jennie Wike, On Behalf of: John Merrell, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Marc Donaldson, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Hien Ho, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Terry Gifford, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6; Ozan Ferrin, Tacoma Public Utilities (Tacoma, WA), 1,3,4,5,6

- 0 - 0

BC Hydro suggests adding more clarity to the term 'availability' by providing a more detailed definition. Although the SDT has proposed the use of the NIST definition of "Ensuring timely and reliable access to and use of information" for defining the term 'availability' in the Technical Rationale document, a more detailed and specific definition concerning the application and use, specifically at NERC entities, will help improve a clear understanding and easier implementation. BC Hydro also suggests including some pertinent use cases and examples.

BC Hydro, Segment(s) 3, 5, 1, 12/18/2018

- 0 - 0

Other Answers

DTE Energy - DTE Electric, Segment(s) 3, 5, 4, 12/8/2021

- 0 - 0

Tennessee Valley Authority, Segment(s) 1, 3, 5, 6, 10/18/2018

- 0 - 0

Jay Sethi, On Behalf of: Manitoba Hydro - MRO - Segments 1, 3, 5, 6

- 0 - 0

Please see comments provided above

Patricia Lynch, NRG - NRG Energy, Inc., 5, 1/17/2022

- 0 - 0

Thank you for the opportunity to comment.

Jennifer Bray, Arizona Electric Power Cooperative, Inc., 1, 1/18/2022

- 0 - 0

Following is Duke Energy’s suggested rewording of the SDT’s proposed draft sub requirements for R1. We appreciate the effort that went into consolidating R2 into R1 and the opportunity to provide feedback.

1.1  Identification of security protection(s), the Responsible Entity applied to mitigate the risks posed by unauthorized disclosure or unauthorized modification of data used for Real-time Assessment and Real-time monitoring while such data is being transmitted between Control Centers.

1.2 Identification of controls, the Responsible Entity implemented to protect the availability of communication links used to transmit data between Control Centers for Real-time Assessment and Real-time monitoring as to ensure timely and accurate data communication.

1.3  Identification of methods by the Responsible Entity, to be used for the recovery of communication links to transmit Real-time Assessment and Real-time monitoring data between Control Centers.

1.4 Identification of where the Responsible Entity has applied the protections and controls identified in Parts 1.1 and 1.2; and

1.5  If the Control Centers are owned or operated by different Responsible Entities, identification of the responsibilities of each Responsible Entity for applying protections and controls to data being transmitted between Control Centers as required in Parts 1.1 and 1.2.

FERC Order No. 866 spoke directly to recovery. Recovery in the standard aligns with this; however, restoration and recovery are both used in the Implementation Guidance. We are requesting clarification if “recovery and restoration” are meant to be interchangeable. We recommend that the Implementation Guidance solely reference the term recovery, since recovery and restoration have different technical implications.

Katie Connor, On Behalf of: Duke Energy - SERC, RF - Segments 1, 3, 5, 6

- 1 - 0

Martin Sidor, NRG - NRG Energy, Inc., 6, 1/18/2022

- 0 - 0

Jennifer Malon, On Behalf of: Black Hills Corporation - MRO, WECC - Segments 1, 3, 5, 6

- 0 - 0

Matthew Jaramilla, On Behalf of: Salt River Project, WECC, Segments NA - Not Applicable

- 0 - 0

Tim Kelley, On Behalf of: Nicole Goi, Sacramento Municipal Utility District, 1,3,4,5,6; Nicole Looney, Sacramento Municipal Utility District, 1,3,4,5,6; Kevin Smith, Balancing Authority of Northern California, 1; Charles Norton, Sacramento Municipal Utility District, 1,3,4,5,6; Foung Mua, Sacramento Municipal Utility District, 1,3,4,5,6

- 0 - 0

Anthony Jablonski, ReliabilityFirst, 10, 1/19/2022

- 0 - 0

ATC supports the SDT’s approach to permit each Registered Entity to define availability within a CIP-012 plan, as opposed to having this term defined in the glossary of terms. Defining “availability” in the glossary of terms would be too prescriptive an approach especially considering the prevalent use of this word is in other Reliability Standards, and the broad ranging impacts and unintended consequences that a definition could have on other mandatory regulations outside the scope of this SDT’s SAR. ATC appreciates the flexibility this draft provides entities and supports objective-based requirements that steer away from one-size-fits-all definitions.

LaTroy Brumfield, On Behalf of: American Transmission Company, LLC, , Segments 1

- 3 - 0

Consumers Energy Company, Segment(s) 1, 3, 4, 5, 11/29/2017

- 0 - 0

NONE

Joseph DePoorter, MGE Energy - Madison Gas and Electric Co., 4, 1/19/2022

- 0 - 0

NPPD supports the SDT’s approach to permit each Registered Entity to define availability within a CIP-012 plan, as opposed to having this term defined in the glossary of terms. Defining “availability” in the glossary of terms would be too prescriptive an approach. NPPD appreciates the flexibility this draft provides entities and supports objective-based requirements that steer away from one-size-fits-all definitions.

Ronald Bender, Nebraska Public Power District, 5, 1/19/2022

- 2 - 0

The terminology continues to be confusing, especially for those unfamiliar with the underlying FERC Order. The concepts could be explained in R1 using simple, plain language.

The changes proposed are a significant increase in the scope of the standard, which will have a substantial impact on affected entities and should not be taken without appropriate consideration. Some communications paths are already covered under other NERC standards.

Proposed R1.2 recovery plans should be included under CIP-009 instead of CIP-012-2.

To minimize churn among standard versions, Reclamation recommends the SDT fully scope each project before developing proposed modifications to ensure all of FERC’s desired requirements are included, thereby precluding the need for FERC to order approval with additional modifications. For CIP-012, Reclamation recommends the SDT coordinate changes with Projects 2016-02 and Project 2019-03. This will reduce the chance that standards conflict with one another and will better align related standards.

Richard Jackson, U.S. Bureau of Reclamation, 1, 1/19/2022

- 0 - 0

Eversource Group, Segment(s) 1, 3, 9/1/2021

- 0 - 0

Texas RE noticed a potential reliability gap between proposed CIP-012-2 and CIP-008-6.  CIP-008-6 seeks to “mitigate the risk to the reliable operation of the BES as a result of a Cyber Security Incident by specifying incident response requirements” (CIP-008-6 Purpose Statement).  The definitions of Cyber Security Incident and Reportable Cyber Security Incident may not cover cyberattacks targeted toward disrupting the confidentiality, integrity, or availability of Control Center communications.  Texas RE recommends the definitions of Cyber Security Incident, Reportable Cyber Security Incident, and the applicable systems column of CIP-008-6 be modified to explicitly include situations where the confidentiality, integrity, or availability of Control Center communications is targeted.  

Rachel Coyne, Texas Reliability Entity, Inc., 10, 1/19/2022

- 0 - 0

There is nothing in the Guidance Document that provides information on protections for availability of data. The guidance deals with confidentiality and integrity of data.

FE Voter, Segment(s) 1, 3, 5, 6, 4, 12/20/2021

- 0 - 0

Andrea Jessup, On Behalf of: Bonneville Power Administration, WECC, Segments 1, 3, 5, 6

- 0 - 0

Steve Toosevich, NiSource - Northern Indiana Public Service Co., 1, 1/20/2022

- 0 - 0

Kendra Buesgens, On Behalf of: MRO - MRO - Segments 1, 2, 3, 4, 5, 6

- 0 - 0

Marcus Bortman, APS - Arizona Public Service Co., 6, 1/20/2022

- 0 - 0

As mentioned above, Dominion Energy supports EEI's comments. In addition, Dominion Energy has the following suggestion for language in R1.2 that would allow this requirement to be actionable by industry:

Identification of methods to be used for the recovery of communication link components controlled by each Responsible Entity and response plans used for the recovery of communication links not controlled by the Responsible Entity used to transmit Real-Time Assessment and Real-time monitoring data between Control Centers.

Dominion, Segment(s) 3, 5, 1, 9/19/2019

- 0 - 0

Daniela Hammons, CenterPoint Energy Houston Electric, LLC, 1, 1/21/2022

- 0 - 0

With the content of the previous R1.2 moved to R1.3, the updated R1.2 deals with recovery methods that appear to go beyond the FERC Order No. 866 directive and aren’t applicable to many Registered Entities.  Communications links between Control Centers operated by different Registered Entities are dependent on telecommunication companies.  For many Registered Entities, the method to recover a link is a support call to their region’s contracted telecommunication provider.

CHPD, Segment(s) 5, 6, 3, 1, 1/21/2022

- 0 - 0

The Implementation Guidance and Technical Rationale appear to infer encryption is the only method to meet the security objectives to mitigate the risks posed by unauthorized disclosure, unauthorized modification of applicable data. Consider providing examples an entity could alternatively consider to also meet the security objectives.

For example:

1. An entity owned, operated and managed communication link.

2. Monitoring, detecting, alerting and response to any possible unauthorized disclosure or unauthorized modification of applicable data transmitted on a communication link between Control Centers.

Steven Rueckert, Western Electricity Coordinating Council, 10, 1/21/2022

- 0 - 0

None at this time.

Dwanique Spiller, On Behalf of: Berkshire Hathaway - NV Energy - WECC - Segments 5

- 0 - 0

Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1, 1/21/2022

- 0 - 0

The current wording of the proposed standard gives IESO the flexibility to address the availability controls of the data itself in addition to just the availability controls associated solely with the communications link.

IESO recommends that the definition of the term “availability” be further clarified with the addition of the wording “as determined by the Responsible Entity”.

Leonard Kula, Independent Electricity System Operator, 2, 1/21/2022

- 0 - 0

AEP appreciates the efforts of the SDT on this project. Please see below for additional comments.

While AEP agrees that creating a plan to account for the security and availability of Real-time Assessment and Real-time monitoring data is crucial as part of FERC Order No. 866, we believe the revisions to CIP-012-2 need to be more prescriptive to capture the expected contents of the plan. For example, page 4 of the Technical Rationale document lays out an expectation and relationship with CIP-008 and CIP-009 plans, “The SDT recognized that Responsible Entities may already have plans to address these contingencies in their CIP-008 and CIP-009 plan(s) and these could be referenced as part of their CIP-012 plan to meet the requirement and avoid duplication of effort.”

However, the applicable systems for CIP-008 and CIP-009 are different than the devices that would receive protections for CIP-012. With that in mind, AEP suggests that NERC take either of the following actions:

(1)  Create the desired components of CIP-008 and CIP-009 as explicit requirements and sub-requirements within CIP-012; or

(2)  Create a new classification for CIP-012 devices (e.g., “associated networking equipment”) and determine the specific requirements within the other CIP standards that apply to that classification.

JT Kuehne, AEP, 6, 1/21/2022

- 0 - 0

Bryan Koyle, On Behalf of: Southern Indiana Gas and Electric Co., RF, Segments 6

- 0 - 0

No comments.

Joseph Amato, On Behalf of: Terry Harbour, Berkshire Hathaway Energy - MidAmerican Energy Co., 1,3

- 0 - 0

N&ST believes that both the proposed availability language of CIP-012 R1 and the accompanying draft Implementation Guidance lack sufficient clarity regarding the scope of a Responsible Entity’s CIP-012 availability obligations: Where do they begin and end? The Implementation Guidance document seems to suggest that inter-Control Center communications channels subject to CIP-012 should include literally everything either utilizing or comprising those channels, including the sending and receiving hosts. Evidence supporting this opinion includes the statement, “The SDT also recognizes that the availability components within the plan may or may not be applied to Cyber Assets identified as BES Cyber Assets.” Should Entities include ICCP servers, which are almost always identified as BES Cyber Systems and, for High and Medium Impact, located within Electronic Security Perimeters, in their CIP-012 availability plans? If so, will Entities with only single ICCP servers be expected to procure additional ones for redundancy? N&ST is concerned that by discussing endpoint hosts, the SDT may be expanding the scope of CIP-012 beyond FERC’s mandate. At the very least, the draft Implementation Guidance raises questions we believe the SDT should answer. If it does not, experience suggests to us that NERC and/or the Regions will.

Additional Guidance document statements and phrases that N&ST believes need clarification include:

“Availability protection can be shown with network diagrams showing multiple circuits, redundant systems, application details or other documentation describing the protections used.”

What kind of systems? Switches? Routers? Endpoint hosts? The SDT should provide examples.

The phrase, “entire communications link” is used several times. The SDT should define what this means, as well as whether or not endpoints are subject to CIP-012.

Roger Fradenburgh, On Behalf of: Nicholas Lauriat, Network and Security Technologies, 1

- 0 - 0