On October 15, 2010, the North American Electric Reliability Corporation (“NERC”) submitted in Docket No. RM06-22-000, to the Federal Energy Regulatory Commission (“FERC”), a status report concluding that all of the balance of plant within a nuclear facility is subject to the cyber security standards of the Nuclear Regulatory Commission (“NRC”), and not subject to NERC’s Critical Infrastructure Protection (“CIP”) Reliability Standards.
In Order No. 706, FERC directed NERC to determine whether the balance of a nuclear power plant facility is subject to CIP regulation. The purpose of the directive is to assure that there is no regulatory “gap” between the CIP standards and the NRC cyber security regulations. Further, in Order No. 706-B, FERC directed NERC to find “bright-line” criteria to determine whether the balance of a nuclear plant’s equipment is subject to the CIP standards. Read more....