Title :
NERC CIP compliance: We’ve identified our critical assets, now what?”
Author_Institution :
Southern California Edison Co., Alhambra, CA
Abstract :
As we move through the NERC CIP compliance timeline toward ldquoauditable compliancerdquo, utilities are struggling to find reasonable solutions to meet compliance expectations. By now, most utilities have developed a risk-based assessment methodology, identified the relevant critical assets, and the design and implementation of technical solutions is well underway. Unfortunately, technical solutions cannot solve some of the most difficult challenges associated with compliance. Like many standards, the NERC CIP requirements tell only the ldquowhatrdquo, and offer little in the area of ldquohowrdquo. The following paper will identify some of the early compliance barriers and provide some recommendations for those on the front lines of compliance.
Keywords :
electricity supply industry; risk management; security of data; NERC CIP compliance; North American Electric Reliability Council; critical assets; cyber security; public utilities; risk-based assessment; Best practices; Circuits; Communication system security; Costs; Digital communication; Electric shock; Environmental management; Information security; Protocols; Substations; Communication Protocols; Cyber Security; Digital Communication; Electric Systems; Gas Systems; SCADA; System Operations; Water Systems;
Conference_Titel :
Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century, 2008 IEEE
Conference_Location :
Pittsburgh, PA
Print_ISBN :
978-1-4244-1905-0
Electronic_ISBN :
1932-5517
DOI :
10.1109/PES.2008.4596272
