1

ERCOT/TRE Representation to NERC CIPCfor

TRE Members’ Representative Committee

Jim Brenton CISSP, ISSAP, Vice Chair NERC CIP CommitteeDavid Grubbs, PE, NERC CIPC Executive Committee

June 27, 2012

2

Critical Infrastructure Protection Committee (CIPC)

CIPC MissionAdvance the physical and cyber security of the critical electricity infrastructure of North America.

 CIPC VisionFoster information sharing, provide industry leadership and a forum for exchanging ideas and promote dialogue on key issues critical Infrastructure protection of the Bulk Electric System.

 CIPC Guiding PrinciplesContinue to strive for excellence in:– Maintain relationship with and promote information sharing with other

committees – Maintain high level of expertise – Align priorities with ERO and across the other standing committees – Ensure CIPC resources are efficiently used

3

CIPC Charter Voting Structure

CIPC(Total of 30 Voting Members)

NERC Regions(24 Total Votes)

ERCOT(3 Votes)

FRCC(3 Votes)

MRO(3 votes)

RFC(3 Votes)

SERC(3 votes)

SPP(3 Votes)

WECC(3 Votes

NPCC(3 Votes)

APPA(2 Votes)

NRECA(2 Votes)

CEA(2 Votes)

4

NERC CIPC Executive Committee Voting Structure

Charles Abell, Ameren

ChairVoting

Non-Voting Members

APPACEAEEI

EPSAIRC

NRECA

Immediate Past Chair

NERC Staff

Voting Members

Ross Johnson, Capital PowerMark Childs, Great River EnergyDavid Grubbs, City of Garland

Carl Eng, Dominion

Jim Brenton, ERCOT

Vice ChairVoting

Nathan Mitchell, APPA

Vice ChairVoting

5

NERC CEO’s Top Priority Issues for BES Reliability

Top Priority NERC CEO-Directed Task Forces• Spare Equipment Database Task Force (PC/OC)• Geomagnetic Disturbance Task Force (PC/OC/CIPC)• Severe Impact Resilience Task Force (OC/PC/CIPC)• Cyber Attack Task Force (CIPC)

CIPC Committee• Cyber Attack Task Force Non-traditional threats via cyber security

vulnerabilities formed with standing committee’s cyber expertise

CIPC Support to Operating and Planning Committees• Geomagnetic Disturbance Task Force ― Assist Operating and Planning

Committees (lead committees) by soliciting participants from CIPC• Severe Impact Resilience Task Force ― Solicit and encourage CIPC

member participation on OC task force

6

NERC CIPC Areas of Strategic Focus

1. Advisory Panel Serve as an expert advisory panel to the NERC Board of Trustees, Electric Sub-sector Coordinating Council (ESCC) and Standing Committees in the areas of physical and cyber security. Serve as an expert advisory panel to the Electricity Sector Information Sharing and Analysis Center (ES-ISAC).

2. NERC AlertsCIPC will utilize the expertise of its members and NERC staff, as well as the CIPC Executive Committee to support the timely review, coordination and dissemination of industry alerts and informational responses.

3. Guidelines and Technical ReportsCIPC will develop and maintain guidelines and technical reports on CIP matters and provide technical support to standard drafting teams (SDTs).

4. Standards and Compliance Input CIPC will support the NERC Compliance initiatives by providing timely topical expertise on matters related to cyber and physical security. CIPC will also develop and submit Standard Authorization Requests (SARs) on CIP matters as needed.

7

NERC CIPC Areas of Strategic Focus -- 2

5. BES Security MetricsCIPC will utilize the expertise of its members, NERC staff and others to provide direction, technical oversight, feedback on the collection of industry metrics, and reporting of Bulk Electric System security performance metrics.

6. Electric Sector Security ClearancesCoordinate with the Department of Homeland Security to determine and recommend appropriate U.S. Government security clearances to be available to members of the CIPC and other industry subject matter experts.

7. Support to Energy Sector Control Systems Working Group (ESCS WG) “Roadmap to Achieve Energy Delivery Systems Cyber Security”CIPC will encourage industry support of The Roadmap to Achieve Energy Delivery Systems Cyber Security prepared by the ESCS WG.  

8. Public-Private Partnership for Information SharingSupport of the ESCC is Goal #1: “Enhance situational awareness within the electricity sub-sector and with government through robust, timely, reliable, and secure information exchange”. CIPC will collaborate with ESCC to identify information sharing protocols and enhance information sharing of actionable information between government and industry.

8

NERC CIPC Areas of Strategic Focus -- 3

9. Emerging IssuesCIPC will utilize the expertise of members and NERC staff to identify emerging issues and take timely and appropriate action.

10. Focus on Balanced Approach in Bulk Electric System SecurityCIPC will emphasize a balanced cyber, physical and operational security approach on each task force or working group.

11. Analysis of Security Incidents Impacting the Bulk Electric SystemCIPC will coordinate with Operating and Planning Committees on developing a mechanism for identification and analysis of security incidents impacting Bulk Electric System

9

NERC CIPC Areas of Strategic Focus -- 4

12. CIP Training and Educational OutreachCIPC will provide meeting attendees with an opportunity to participate in physical, cyber and operational security training and educational outreach opportunities.

13. Framework for Board of Trustees/ESCC/CIPC RelationshipCIPC will work with and support the NERC Board of Trustees and ESCC as requested.

14. CIPC Member InvolvementsCIPC will utilize the expertise of the committee members by providing opportunities to participate in CIPC activities.

10

NERC CIPC – What it is not

• Does not address or comment on NERC Standards (all Standards Drafting Teams report to NERC Standards Committee)

• Does not develop SARs• Does not make recommendations on Legislation (although

generally receives a report on the status of legislation)• Generally avoids most compliance and enforcement issues,

but does write whitepapers on how to implement CIP standards

NERC CIPC concentrates on BES Security and Reliability not Compliance

11

NERC CIP Committee Subgroups

CIPC Executive Committee

Physical Security Subcommittee

Cyber Security Subcommittee

Operating Security Subcommittee

Policy Subcommittee

Protecting Sensitive Information TF

Physical Security Analysis WG

Physical Security Training WG

Control Systems Security WG

Cyber Security Analysis WG

Cyber Security Training WG

Information Sharing TF

HILF Implementation TF

NERC GridExercise WG

Cyber Attack TF

BES Security Metrics WG

Personnel Security Clearance TF

Compliance & Enforcement Input

WG

Physical Security Guideline TF

2012

2013

Existing

12

NERC CIPC Physical Security Subcommittee

– Subcommittee Chair: David Grubbs, (Garland/TRE)– Existing

• Protecting Sensitive Information TF• Chair: Nathan Mitchell, (APPA Staff)

• Physical Security Guideline TF• Chair: John Breckinridge, (KCP&L/SPP)

– New• Physical Security Analysis WG• Chair: Ross Johnson, (Capital Power/CEA)

– Future• Physical Security Training WG

Physical Security Subcommittee

Protecting Sensitive Information

TF

Physical Security Analysis

WG

Physical Security Training

WG

Physical Security Guideline

TF

13

NERC CIPC Cyber Security Subcommittee

– Subcommittee Chair: Marc Childs, (Great River Energy/MRO)– Existing

• Control System Security WG• Chair: Mark Engels, (Dominion/RFC)

• Cyber Attack TF• Chair: Mark Engels, (Dominion/RFC)

– New• Cyber Events Analysis WG• Chair: Stephen Diebold, (KCP&L/SPP)

• Cyber Security Training WG• Chair: William Whitney, (Garland/TRE)

Cyber Security Subcommittee

Control System Security

WG

Cyber Security Analysis

WG

Cyber Security Training WG

Cyber Attack TF

14

NERC CIPC Operating Security Subcommittee

– Subcommittee Chair: Carl Eng (Dominion/RFC)– New

• Information Sharing TF• Chair: Steve Diebold, (KCP&L/SPP)

• HILF Implementation TF• Chair: Bill Muston (Oncor/TRE)

– Future• NERC GridSec Exercise WG

Operating Security Subcommittee

Information Sharing TF

HILF Implementation

TF

GridSec Exercise WG

15

NERC CIPC Policy Subcommittee

– Subcommittee Chair: Nathan Mitchell (APPA Staff)– New

• BES Security Metrics WG• Chair: Jamie Sample (PG&E/WECC)

• Personnel Security Clearance TF• Chair: Jim Brenton (ERCOT/TRE)

– Future• Compliance & Enforcement Input WG

Policy Subcommittee

BES Security Metrics WG

Personnel Security Clearance TF

Compliance & Enforcement Input

WG

16

Voting Members on NERC CIP Committee

• David Grubbs / Operations & Physical, Garland – Director Regulatory Affairs & Compliance – Chairman of ERCOT CIP Working Group– Member of NERC CIPC for 4 years– Member of NERC CIPC Executive Committee – 2 years– Chairman of NERC CIPC Physical Security Subcommittee– Member of NERC SIRTF Executive Committee– Member of NERC Physical Protection Guidelines Committee – Member of NERC HILF Implementation Task Force– Participated in 2012 DoD Defense Industrial Base Study of DFW

power restoration– Member ERCOT TAC, 1987-1996, 2010-present– Member ERCOT Board of Directors, 1994-2001– Past Chair ERCOT Network Data Support WG– Past Chair ERCOT Power Interchange Effects WG– Past Chair ERCOT Operating Guides Revision TF– U.S. Gov //SECRET// Clearance

17

Voting Members on NERC CIP Committee

• William Whitney / Cyber, Garland – Manager Operations Technical Services– Vice Chairman of ERCOT CIP Working Group– Newly selected NERC CIPC by ERCOT CIP WG in 2012– Member of NERC CIPC Cyber Attack Task Force – Member of NERC CIPC Personal Security Clearance Task Force– Member of DHS/US-CERT ICSJWG Workforce Development

Subgroup– Chair of NERC CIPC Cyber Security Training Working Group– U.S. Gov //SECRET// Clearance

18

Voting Members on NERC CIP Committee—continued

• Jim Brenton / Cyber, ERCOT – Principal & Regional Security Coordinator– ERCOT Representative to NERC CIPC – 6+ years– NERC CIPC Vice Chairman – One year– Member of NERC CIPC Executive Committee – 3+ years– Chairman of NERC CIPC Personal Security Clearance Task Force– Member of NERC CIPC Bulk Electric System Security Metrics Working Group– Chairman, TX Private Sector Advisory Council for CI/KR Protection to the Governor – Co-founder & ERCOT Staff Facilitator ERCOT CIP Working Group – 6 years– Member of ISO/RTO Council Security Working Group – 6+ years– Member of DoE Advisory Council for Electricity Sector Cybersecurity Capability Maturity

Model (ESC2M2) Pilot Initiative requested by the White House Cyber Security Advisor to the President and the National Security Council – May 2012

– Participated in 2012 DoD Defense Industrial Base Study of DFW power restoration– Member of the Government/Industry Task Force that prepared classified report on

Remote Network Security Vulnerabilities for NERC in Feb 2010– Member of DoE Energy Sector Control Systems Working Group that prepared the 2011

DoE “Roadmap for Energy Delivery Systems Cybersecurity”– Member of NERC/NIST/DoE/Industry team that prepared the DoE “Cybersecurity Risk

Management Process Guideline” for the Electricity Subsector in 2011– Member of NERC CIP Standards Drafting Team (2008-2011)– U.S. Government //SECRET// Clearance

19

ERCOT Alternates for NERC CIP Committee

Alternates Listed on NERC Roster:

• Ann Delenela / Cyber, ERCOT Director of Security– Alternate for 6+ years– U.S. Gov //SECRET// Clearance

• Christine Hasha / Cyber, ERCOT Senior Compliance Analyst– Alternate for 2+ years– Member of NERC CIP Standards Drafting Team

• Martin Narendorf / Physical, CenterPoint Director, Substation Operations– Alternate for 3+ years

• Bill Muston / Cyber, Oncor Manager, Research & Development– Alternate for 6+ years– Co-founder and member of ERCOT CIPWG – 6 years– U.S. Gov //SECRET// Clearance

• Elias A. Villanueva / Operations, ERCOT Supervising Engineer, System Operations– Alternate for 6+ years

• Scott Rosenberger / Cyber, EFH Director, Security & Compliance– Former NERC CIPC Voting Member 2 years and Alternate for 3+ years– Former Vice Chairman ERCOT CIP WG – 2 years – Member of NERC CIP Standards Drafting Team – 5 years– U.S. Gov //SECRET// Clearance

20

Proposed Criteria for Consideration for NERC CIPC Representatives from TRE/ERCOT

• Active in ERCOT CIP Working Group Meetings and Activities• Active in NERC CIPC Working Groups, Task Forces or NERC CIP

Standards Drafting Teams• Recognized expertise and/or certification in at least one of the

following security areas:– Cyber Security; Physical Security; Control System/SCADA

Security; Operational Security; and, Security Policy, Regulations and Standards

• Company commitment for time and travel expense of participating in 8-10 out of town NERC CIPC/TF/WG meetings, two classified briefings per year, in addition to 10-12 ERCOT CIP WG meetings in Austin

• US Government //SECRET// or higher Security Clearance sponsored by the DHS, DoE, DoD, DoJ/FBI, or other Federal Department or Agency for access to Classified National Security Information related to the protection of Critical Infrastructure.

21

Questions and Discussion