The CIP version 5 standard requirements for Interactive Remote Access do not include system-to-system processes using serial communications. However, study participants identified routable connectivity to an asset containing medium impact rating BES Cyber Assets as a possible security risk when there was an IP-to-serial conversion between a BES Cyber Asset and an external network. In order to help reduce this risk, while not required to demonstrate compliance, study participants chose to implement a firewall with strict inbound and outbound access permissions allowing only network traffic documented as essential to the proper functioning of the BES Cyber Asset. Also, study participants provided additional measures in their physical security plan for these types of assets to provide an extra level of protection against unauthorized access. No additional controls were implemented for relay-to-relay communications.
What is interactive remote access?
Interactive Remote Access means user-initiated access by a person employing a remote access client or other remote access technology using a routable protocol.
What is NERC CIP v5?
On November 22, 2013, FERC approved Version 5 of the critical infrastructure protection cybersecurity standards (CIP Version 5), which represent significant progress in mitigating cyber risks to the bulk power system.
What is NERC CIP access?
NERC Critical Infrastructure Protection (NERC CIP) is a set of requirements designed to secure the assets required for operating North America's bulk electric system.
What are the NERC CIP standards?
The NERC CIP standards require utility companies in North America to establish and adhere to a baseline set of cybersecurity measures. The goal is to ensure that appropriate security controls are in place to protect the BES and its users and customers from all threats that may affect its timely and effective functioning.
Is NERC CIP mandatory?
The NERC CIP standards are the mandatory security standards that apply to entities that own or manage facilities that are part of the U.S. and Canadian electric power grid.
What does CIP stand for in Cyber Security?
The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) is a NERC movement that was formed to regulate, enforce, monitor and manage the physical and logical security of systems that manage the electrical power of grids.
What requirements must be met to obtain CIP access?
The requirements include policies meant to restrict access to physical assets, implement physical access controls, monitor unauthorized access, implement an alert system, continually monitor physical access controls, keep extensive logs of physical access, and maintain the physical access control systems over time.
Who must comply with NERC CIP standards?
The NERC is the federal entity responsible for the oversight of the Bulk Electric System (BES) for North America. Its jurisdiction applies to all owners, users, producers, and suppliers of the Bulk Electric Supply in eight provinces of Canada, one state in Mexico and all of the continental United States.
Why is NERC CIP important?
This is one of the most important standards of all. It ensures that all responsible parties have recovery plans in place in the event of a critical attack that could damage infrastructure or halt the operation of a critical asset.
How many NERC standards are there?
11 standards. The NERC CIP consists of 11 standards that are for protection against cybersecurity attacks. Not only does it offer protection, but it also offers the opportunity to help create protection plans and habits within your company.
What is the difference between FERC and NERC?
FERC also regulates natural gas and hydropower projects. NERC is the FERC-approved authority that develops and enforces reliability standards; annually assesses seasonal and long‐term reliability; monitors the bulk power system through system awareness; and educates, trains, and certifies industry personnel.
When did NERC standards become mandatory?
June 18, 2007. Compliance with approved NERC Reliability Standards will become mandatory and enforceable in the United States.
What does NERC CIP require to identify information that is classified as BES Cyber system information?
Standard CIP-011 exists as part of a suite of CIP Standards related to cyber security, which require the initial identification and categorization of BES Cyber Systems and require a minimum level of organizational, operational, and procedural controls to mitigate risk to BES Cyber Systems.
What is a critical cyber asset?
The Critical Infrastructure Protection (CIP) standard by the North American Electric Reliability Corporation (NERC) through version 4 has defined a “critical cyber asset” or “CCA” as any device that uses a routable protocol to communicate outside the electronic security perimeter (ESP), uses a routable protocol within ...
What is CIP-003?
Standard CIP-003 requires that Responsible Entities have minimum security management controls in place to protect Critical Cyber Assets. Standard CIP-003 should be read as part of a group of standards numbered Standards CIP-002 through CIP-009.
What is a high impact BES Cyber system?
For High Impact BES Cyber Systems, where technically feasible, the physical security plan must use two or more different physical access controls to collectively allow unescorted physical access into Physical Security Perimeters to only those individuals who have authorized unescorted physical access.
Why is there a lack of clarity in the CIP version 5?
The implementation study participants found a lack of clarity in the CIP version 5 Reliability Standards because they do not specifically address remote access to serially connected BES Cyber Assets or BES Cyber Systems. Consequently, the CIP version 5 implementation study participants referred the identified issue to the CIP standards drafting team to be evaluated for future standards development.
How to reduce or eliminate risks to the reliable operation of the BES associated with connecting a BES Cyber System to?
An effective way to reduce or eliminate risks to the reliable operation of the BES associated with connecting a BES Cyber System to a communication network is to minimize connectivity to BES Cyber Systems. Following a review of all communications to BES Cyber Systems, study participants disconnected all non-essential communication paths to decrease potential attack vectors.
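The communications review described here, and the firewall that allows only traffic documented as essential to an IP-to-serial converter, can be checked with a short script. This is an added example, not code from the study or from NERC; the converter address, networks, ports and flow records are constructed assumptions.

```python
import ipaddress
from collections import namedtuple

# direction: "in" = toward the converter, "out" = leaving it
Flow = namedtuple("Flow", "direction src dst proto dport")

CONVERTER = "10.20.30.5"  # hypothetical IP-to-serial converter address
# Constructed allowlist of traffic documented as essential:
# (direction, permitted peer network, protocol, destination port, justification)
DOCUMENTED = [
    ("in",  "10.10.1.0/28",  "tcp", 20000, "SCADA front end polling"),
    ("out", "10.10.2.10/32", "udp", 514,   "syslog to log collector"),
]

def match(flow):
    """Return the index of the documented entry permitting this flow, or None."""
    peer, local = ((flow.src, flow.dst) if flow.direction == "in"
                   else (flow.dst, flow.src))
    if local != CONVERTER:
        return None
    for i, (direction, net, proto, dport, _why) in enumerate(DOCUMENTED):
        if ((flow.direction, flow.proto, flow.dport) == (direction, proto, dport)
                and ipaddress.ip_address(peer) in ipaddress.ip_network(net)):
            return i
    return None  # default deny: undocumented traffic is not permitted

def review(flows):
    """Return (flows with no documented basis, documented entries never observed)."""
    hits = [(f, match(f)) for f in flows]
    undocumented = [f for f, i in hits if i is None]
    used = {i for _, i in hits if i is not None}
    unused = [e[4] for i, e in enumerate(DOCUMENTED) if i not in used]
    return undocumented, unused

# Constructed sample flow records (not from any real system).
SAMPLE = [
    Flow("in",  "10.10.1.4",  CONVERTER,    "tcp", 20000),  # documented polling
    Flow("in",  "10.10.1.40", CONVERTER,    "tcp", 20000),  # right port, wrong source
    Flow("in",  "10.10.1.4",  CONVERTER,    "tcp", 23),     # undocumented service
    Flow("out", CONVERTER,    "192.0.2.77", "tcp", 443),    # undocumented outbound
]

if __name__ == "__main__":
    undocumented, unused = review(SAMPLE)
    for f in undocumented:
        print("UNDOCUMENTED", f)
    print("documented but never observed:", unused)
```

Undocumented flows are candidates for blocking or disconnection; documented entries that never appear in the observed traffic are worth re-justifying before they stay on the allowlist.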
Increased security controls in process for the Critical Infrastructure Protection (CIP) standards
For many Bulk Power System owners and operators, there’s nothing funny about preparing for the April Fools’ Day 2016 deadline for North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) V5 requirements.
Version 5 Tackles Internal and Remote Access Vulnerabilities
One area where CIP V5’s stricter controls enhance grid security is in the area of Electronic Security Perimeters. Updates in V5 tackle internal and remote access vulnerabilities in three important areas:
The Need for Reference Architectures
The National Cybersecurity Center of Excellence (NCCoE) managed by NIST is addressing some of these very same Identity and Access Management (IdAM) use cases.