The North American Electric Reliability Corporation (NERC) on September 18 requested Federal Energy Regulatory Commission (FERC) approval of a new Critical Infrastructure Protection (CIP) Reliability Standard, CIP-012-1. The proposed standard would require electric utilities with defined “Control Centers” to implement controls that protect sensitive data communicated between any applicable control centers. Driving the standard is a concern that these control centers can only perform their real-time reliability functions if they can receive and transmit sensitive operational data in a secure manner.
Under NERC’s petition, responsible entities would be required to develop and implement a plan to mitigate the risks posed by unauthorized modification (integrity) and unauthorized disclosure (confidentiality) of assessment and monitoring data. Those plans must include the following three components: (1) the security protection used to mitigate the risks posed by unauthorized modification and unauthorized disclosure of real-time assessment and real-time monitoring data; (2) the identification of where the utility applied the security protection; and (3) the split of responsibilities for these protections when different utilities control the communicating control centers.
Certain control centers will not trigger the requirements of CIP-012-1. The first exclusion is for facilities that would otherwise qualify as a control center, but only communicate real-time data with other control centers regarding a co-located field asset, i.e., a transmission station or generation facility. NERC determined that a compromise to such communications does not pose a heightened risk to reliability in the same manner as the communication of aggregated real-time assessment and real-time monitoring data between control centers. Under a similar rationale, oral communications are not required to be protected under CIP-012-1 because NERC concluded that operators have the ability to terminate the call and initiate a new one via trusted means if they suspect a problem with, or compromise of, the communication channel.
Under NERC’s implementation plan, CIP-012-1 would become effective on the first day of the first calendar quarter two years after FERC issues an order approving the standard. FERC has placed this petition in a rulemaking docket, indicating that FERC will issue a Notice of Proposed Rulemaking, providing an opportunity for public comment before acting on the filing.