Critical Infrastructure Protection Committee Minutes September 17-18, 2013 Hyatt Regency Denver Tech Center 7800 East Tufts Avenue Denver, Colorado, 80237 The Critical Infrastructure Protection Committee (CIPC) Chair Chuck Abell called the meeting to order and being duly noticed, the regular meeting on September 17, 2013 began at 1:02 p.m. (MST). CIPC Secretary Bob Canada declared a quorum to conduct business with 29 members present. The meeting announcement, agenda, and a list of attendees are attached as Exhibits A, B, and C respectively. Mr. Canada announced a quorum achieved with 29 of 31 members which includes the following proxies: 1. SPP – Mr. Eric Ervin proxy for Mr. Allen Klassen 2. NRECA – Mr. Brad Hyland proxy for Mr. Robert Richhart 3. RFC – Mr. Frank Dessuit proxy for Mr. Kent Kujala 4. SERC – Mr. Neil Phinney proxy for Mr. Tommy Clark NERC Antitrust Compliance Guidelines Mr. Canada called attention to the NERC Antitrust Compliance Guidelines distributed with the agenda and read the statement concerning publicly announced meetings. Meeting Safety Briefing The Hyatt Regency Hotel Engineering and Safety staff briefed the CIPC attendees on safety and emergency evacuations procedures to include rally points outside the hotel. Introductions of Members, Proxies, Alternates, Associates, and Others Mr. Abell called for introductions of CIPC members and other attendees, and requested all present to sign the attendance sheet for record. Note: Slides presentations from this meeting are available at: Meeting Presentations Consent Agenda Mr. Abell asked for a motion to approve the Consent Agenda, which included the posted CIPC Agenda for the March 5-6, 2013 meeting. Upon motion by Mr. David Grubbs the Consent Agenda was approved unanimously by CIPC without any changes.
Transcript
Critical Infrastructure Protection Committee Minutes September 17-18, 2013 Hyatt Regency Denver Tech Center 7800 East Tufts Avenue Denver, Colorado, 80237 The Critical Infrastructure Protection Committee (CIPC) Chair Chuck Abell called the meeting to order and being duly noticed, the regular meeting on September 17, 2013 began at 1:02 p.m. (MST). CIPC Secretary Bob Canada declared a quorum to conduct business with 29 members present. The meeting announcement, agenda, and a list of attendees are attached as Exhibits A, B, and C respectively. Mr. Canada announced a quorum achieved with 29 of 31 members which includes the following proxies:
1. SPP – Mr. Eric Ervin proxy for Mr. Allen Klassen
2. NRECA – Mr. Brad Hyland proxy for Mr. Robert Richhart
3. RFC – Mr. Frank Dessuit proxy for Mr. Kent Kujala
4. SERC – Mr. Neil Phinney proxy for Mr. Tommy Clark NERC Antitrust Compliance Guidelines
Mr. Canada called attention to the NERC Antitrust Compliance Guidelines distributed with the agenda and read the statement concerning publicly announced meetings. Meeting Safety Briefing
The Hyatt Regency Hotel Engineering and Safety staff briefed the CIPC attendees on safety and emergency evacuations procedures to include rally points outside the hotel. Introductions of Members, Proxies, Alternates, Associates, and Others
Mr. Abell called for introductions of CIPC members and other attendees, and requested all present to sign the attendance sheet for record. Note: Slides presentations from this meeting are available at: Meeting Presentations Consent Agenda Mr. Abell asked for a motion to approve the Consent Agenda, which included the posted CIPC Agenda for the March 5-6, 2013 meeting. Upon motion by Mr. David Grubbs the Consent Agenda was approved unanimously by CIPC without any changes.
Chair Abell, provided CIPC with his report, covering CIPC’s past, present, and future actions. Mr. Abell placed special emphasis upon the reports made on behalf of CIPC to the NERC Board of Trustees, Electricity Sub-sector Coordinating Council (ESCC) meeting and the Standing Committee Coordination Group. (Presentation 1) Nomination Subcommittee Report
Chair Carl Eng presented the slate of officers recommended by the subcommittee. The slate of candidates nominated was: Chair Chuck Abell, Vice Chair Jim Brenton, and Vice Chair Nathan Mitchell. Upon motion by Robert McClanahan the election was closed and the entire slate was elected by acclamation. (Presentation 2) Critical Infrastructure Protection Director’s Remarks
Mr. Brian Harrell, Associate Director of CIP Programs on behalf of Matt Blizard, Director of Critical Infrastructure Protection discussed the following topics: GridEx II, GridSecCon, CIP Transition Guidance, and the Transition Implementation Study. (Presentation 3) Overview of Cybersecurity Executive Order
Mr. Mitchell, American Public Power Association (APPA) briefed on the progress of the efforts to meet the challenges of information sharing with private sector, government, as well as the National Institute of Standards and Technology (NIST), with the task of creating a Cybersecurity practice framework in collaboration with Industry that will be used to reduce threats. (Presentation 4) Legislative Update
Mr. Mitchell also briefed CIPC on current legislative initiatives and status of their process through the U.S. House and Senate procedures. (No presentation) Subcommittee Chairs, Subgroups, and Remarks
Mr. Abell reminded the CIPC of the subcommittees, working groups and task forces, the importance of their deliverables, the CIPC Strategic Plan, expectations of progress and solicited members for volunteers to all subgroups. Operating Security Subcommittee
Electricity Sector Information Sharing Task Force (ESISTF) Chair Stephen Diebold briefed CIPC on the Electricity Sector Information Sharing Task Force report. The presentation briefed on the progress and work still contemplated for stage two of the ESISTF, which will be an outreach campaign to bolster the use of the Electricity Sector Information Sharing and Analysis Center (ES-ISAC) as the central hub of information. Future meetings will be scheduled to solicit more ES-ISAC participation of the industry on a daily basis is contemplated soon. (Presentation 5)
Grid Exercise Working Group (GEWG)
Mr. Tim Conway briefed CIPC on the progress of the planning conferences, timelines, objectives, distributed play and executive tabletop, play scenario, as well as the number of entities participating in the exercise. (Presentation 6)
Policy Subcommittee – Chair Mr. Nathan Mitchell (No Presentation) Personnel Security Clearances Task Force (PSCTF) Chair Nathan Mitchell briefed on the report approved by CIPC on June 10, 2013. A summary of the report was briefed which included key points of the report such as: the report supporting NERC’s Chief Executive Officer’s Top Priority Issue - Goal 7 and the CIPC Charter Section 3, findings that the industry could provide timely and subject matter expertise to government in a collaborative classified space. In addition, a framework provides a consistent process to select nominees for clearances. (Presentations 7 and 8) Bulk Electric System Security Metrics Working Group (BESSMWG) - (Postponed until Sept 18th) Chair James Sample briefed on their ongoing progress to include the ES-ISAC activities and experience sharing tool. In addition to, covering watch list entries, two Hydra groups, information sharing wins, and observations including slow reporting, awareness of the Experience Sharing Tool (EST) pilot, and answered questions from the industry about what to report. He further explained that the BESSMWG is entirely dependent upon ES-ISAC staff and that reporting increases leading identifying indicators. (Presentation 9) Compliance Enforcement and Input Working Group (CEIWG) Chair Paul Crist gave a progress report on the working group which covered discussions on new volunteers, future work including: guidelines and process for the Compliance Analysis Report (CAR) development, Reliability Assurance Initiative Support, and virtualization whitepaper review. (Presentation 10)
Cyber Security Subcommittee – Chair Mr. Marc Child (Presentation 11) Mr. Child gave an overview of the Cyber Security Subcommittee activities include latest activities, next steps, and CIPC actions.
Cyber Attack Tree Task Force (CATTF) Chair Mark Engels gave an update on their activities which included goals, structure of Amenza SecurIT Attack Tree software design, behavior indicators, BES instability activities, predictability by the compromise of communications transport, physical attack, and electronic attacks. (Presentation 12)
Cyber Security Analysis Working Group (CSAWG) Chair Eric Warakomski gave an update on the latest activities and existing liaisons with the ES-ISAC, Cyber Security Training Working Group, and Events Analysis Subcommittee. (Presentation 11)
The CIPC Meeting was concluded for the day on September 17th at 5:02 p.m. (MST) and was reconvened on September 18th at 8:02 a.m. (MST)
Physical Security Subcommittee – Chair Mr. David Grubbs (No Presentation)
Physical Security Guideline Task Force (PSGTF) Chair John Breckenridge briefed CIPC on the comments received during 30-day comment period ending on July 23, 2013. Presently out for the 45-day comment period through September 26, 2013. The PSGTF chair will seek CIPC approval to conduct an email vote after the 45-day comment period. Upon motion by Mr. David Grubbs, CIPC approved the use of an email ballot, inclusive of the Electricity Sub-sector Physical Security Guideline revised to reflect comments received, after September 26, 2013. (Presentation 13) Physical Security Working Group (PSWG) Chair Ross Johnson briefed on the working groups activities. The PSWG will research and recommend activities to improve the security of BES facilities, establish a forum for industry to share physical security challenges and threat management techniques through a collaborative process using monthly teleconferences, sharing of timely information, and being mindful of regulatory implications for entities. A solicitation of a monthly call to begin sharing physical security topics received 76 CIPC attendees for inclusion on the monthly call. The PSWG will use products of security bulletins and develop a survey for determining the needs of physical security across the NERC Regions. (Presentation 14) Security Training Working Group (STWG) Chair William Whitney briefed CIPC on the latest activities, including the results of a security survey that were sent out to CIPC, assisting in developing training subject matter for CIPC Workshops, and solicited for new members. (Presentations 15 and 16)
ES-ISAC Update
Mr. Fred Hintermister briefed CIPC on the importance of information sharing and recommendations by the PSCTF and ESITF reports were presented to CIPC. (Presentation 17) Cybersecurity Procurement Language Update for Energy Delivery Systems
Mr. Ed Goff, Duke Energy briefed on promoting cybersecurity by design through procurement language tailored to the specific needs of the energy sector, why it is necessary, phases for development, timeline, and meeting the Department of Energy’s Roadmap mission.(Presentation 18) RISC Update and the Reliability Risk Control Process Mr. Andy Rodriquez, NERC Staff briefed on goals of the RISC, prioritizations of nominations, impact upon the standing committees and integration of RISC into the ERO process. (Presentation 19) Sufficiency Review Program (SRP) Mr. Scott Mix, NERC staff briefed on the 2012 SRP overview, general Risk-Based Assessment Methodology (RBAM) observations, criteria-specific observations, critical cyber asset observations and various other observations. (Presentation 20) North American Transmission Forum (NATF) Security Practices Group Activity Update
Mr. Wayne VanOsdol (Presentation 21)
Agency Updates
Federal Energy Regulatory Commission (FERC) – Mr. David Norton Department of Homeland Security (DHS) – No report Department of Energy (DOE) – No report 2013-2014 Future Meetings
Adjournment
There being no further business and upon motion to adjourn by Mr. Brenton. The motion was approved by CIPC with adjournment at 12:06 p.m. (EST). Submitted by,
Agenda Critical Infrastructure Protection Committee September 17, 2013 | 1:00–5:00 p.m. (MST) September 18, 2013 | 8:00 a.m.–Noon (MST) Hyatt Regency Denver Tech Center 7800 East Tufts Avenue Denver, Colorado, 80237 303-779-1234
Physical Security Training Workshop September 17, 2013 | 7:30 a.m.–Noon (MST) Hyatt Regency Denver Tech Center Denver, Colorado Room: Grand Mesa D-E-F – 2nd Floor Critical Infrastructure Protection Committee Meeting Hyatt Regency Denver Tech Center CIPC Working Lunch: Atrium 123 on 2nd Floor | September 17, 2013 | Noon–1:00 p.m. (MST) September 17, 2013 | 1:00–5:00 p.m. (MST) September 18, 2013 | 8:00 a.m.–Noon (MST) Room: Grand Mesa D-E-F – 2nd Floor
Welcome and Introductions – Chair Chuck Abell
NERC Antitrust Compliance Guidelines and Public Meeting Announcement*
Agenda
1. Administrative – CIPC Secretary Bob Canada
a. Arrangement – Safety Briefing and Emergency Precautions
b. Announcement of Quorum of Voting Members
c. CIPC Roster – Page 13
d. Parliamentary Procedures – In the absence of specific provisions in this manual, all committee meetings shall be conducted in accordance with the most recent edition of Robert’s Rules of Order in all cases to which they are applicable.
2. Consent Agenda – Chair Chuck Abell
a. Draft Minutes for Approval – CIPC June 11-12, 2013
TRE Jim Brenton ERCOT Cyber TRE David Grubbs City of Garland Operations TRE Darrell Klimitcheck STEC Physical FRCC Paul McClay TECO Cyber FRCC Carter Manucy Fla Municipal Physical FRCC Joe Garmon Seminole Operations MRO Marc Child Great River Cyber MRO Paul Crist LES Physical MRO Rick Liljegren MN Power Operations NPCC John Galloway* ISO-NE Operations NPCC Greg Goodrich NYISO Cyber NPCC Benoit Tardif HQ Physical RFC Larry Bugh RFC Cyber RFC Kent Kujala Detroit Operations RFC Jeff Fuller DPL Physical SERC Chuck Abell Ameren Cyber SERC Carl Eng Dominion Operations SERC Tommy Clark SMEPA Physical SPP John Breckenridge KCPL Physical SPP Allen Klassen Westar Operations SPP Robert McClanahan AECC Cyber WECC Allen Wick* Tri-State Physical WECC Mike Mertz PNM Cyber WECC Jamey Sample PGE Operations APPA David Godfrey TMPA Physical APPA Nathan Mitchell APPA Policy CEA Chris McColm Manitoba Physical CEA Ross Johnson Capital Power Physical CEA David Dunn IESO Policy NRECA Robert Richhart Hoosier Policy NRECA David Revill Georgia Trans Policy * Denotes new representative
3. Chair’s Remarks – Chair Chuck Abell
a. Reports – Recent NERC Meetings
b. CIPC 2013-2016 Strategic Plan and Work Plan – NERC BOT Approved: August 15, 2013
c. CIPC Charter Update – Reviewed by NERC Legal Counsel with OC and PC Charters to achieve some level of consistency. When completed the CIPC Charter will be posted with redline and clean versions.
4. Nominations Subcommittee Report – Carl Eng, Chair
5. CID Director Remarks – Brian Harrell, Associate Director of CIP Programs
Compliance Enforcement and Input Working Group – Chair Paul Crist
CEIWG Charter
Report on progress of work completed and contemplated
13. Cybersecurity Subcommittee – Subcommittee Chair Marc Child
Cyber Attack Task Force – Chair Mark Engels
CATTF Charter
Report on progress of work completed and contemplated
Cyber Security Analysis Working Group – Chair Eric Warakomski
CSAWG Charter
Report on progress of work completed and contemplated
14. Physical Security Subcommittee – Subcommittee Chair David Grubbs
Electricity Sector: Physical Response Guideline Task Force – Chair John Breckenridge
PSGTF Charter Link to Guideline for Physical Security Response (Step 12) Report on CIPC comments received during 30-day comment period ending July 23, 2013. Presently out for the 45-day comment period through September 26, 2013. PSGTF chair will seek CIPC approval to conduct an email vote after the 45-day comment period.
Physical Security Working Group – Chair Ross Johnson
PSWG Charter
Report on progress of work completed and contemplated
Security Training Working Group – Chair William Whitney III
STWG Charter
Report on progress of work completed and contemplated
CIPC Training Survey conducted
15. NATF Security Practices Group Activity Update – Wayne VanOsdol
16. RISC Update and the Reliability Risk Control Process – Andy Rodriquez, NERC Staff
17. Cybersecurity Procurement Language Update for Energy Delivery Systems – Ed Goff, Duke Energy
18. 2013 Grid Security Conference Update – Brian Harrell, Associate Director CIP Programs
19. ES-ISAC Update – Fred Hintermister, NERC Staff
