53
Standards Howard Gugel, Senior Director of Standards and Education Board of Trustees Meeting November 9, 2017
Standards
Howard Gugel, Senior Director of Standards and EducationBoard of Trustees MeetingNovember 9, 2017
RELIABILITY | ACCOUNTABILITY2
2018-2020 Reliability Standards Development Plan
• Status Posted for industry comment June 26 – July 25, 2017 NERC Standards Committee endorsed on October 18, 2017 Presented to Standards Oversight and Technology Committee
• Action Approve 2018-2020 Reliability Standards Development Plan
RELIABILITY | ACCOUNTABILITY3
• Reliability Benefit Perform GMD vulnerability assessments using an enhanced GMD event Require collection of GMD-related data Require deadlines for Corrective Action Plans (CAPs) and mitigation Improved transformer thermal assessment criteria
• Action Adopt TPL-007-2
Project 2013-03 Geomagnetic Disturbance Mitigation
RELIABILITY | ACCOUNTABILITY4
Special Assessment: Potential Bulk Power System Impacts Due to Severe Disruptions on the Natural Gas SystemPreliminary Findings
Thomas Coleman, Director, Reliability Assessment Board of Trustees MeetingNovember 9, 2017
RELIABILITY | ACCOUNTABILITY2
• Aliso Canyon storage facility outage underscored risks to electric generation and potential reliability issues
• Evaluate impacts to bulk power system (BPS) reliability as a result of potential disruptions and the loss of major natural gas infrastructure facilities: Key pipeline segment outages Disruption of LNG transport operations Natural gas storage disruptions
• Collaborative effort with Argonne National Laboratory analysis on critical facilities
• Advisory group established with electric and gas research organizations
Special Assessment Scope and Drivers
RELIABILITY | ACCOUNTABILITY3
Analysis Approach and Assessment Structure
• Gain better understanding of existing planning approaches
• Highlight and promote best practices
Step I: Review of Existing Studies
• Evaluate large storage facilities that are tightly coupled to electric generation (>2GW)
• Measure BPS reliability implications when storage facilities are not available
Step II: Evaluation of Gas Storage
Facilities
•Identify areas with a high density of natural gas generation
•Determine vulnerabilities and risk factors to consider in resiliency planning
Step III: Identification of
Generation Clusters
RELIABILITY | ACCOUNTABILITY4
Step 1: Review of Studies
RELIABILITY | ACCOUNTABILITY5
Step 1: Review of Studies – Key Findings
• Variety of concerns and region-specific challenges• Wide-area transmission impacts (voltage and thermal
constraints) due to loss of natural gas infrastructure are typically not studied; focus is generally on resource adequacy and resource availability
• Many respondents indicated that there were no natural gas storage facilities within their systems to evaluate
• Opportunity to learn from those with comprehensive resilience plans
RELIABILITY | ACCOUNTABILITY6
Step II: Storage Facilities
12 storage facilities have
been identified that can impact
> 2GW of generation
RELIABILITY | ACCOUNTABILITY7
Step III: Identifying Generation Risk Clusters
South CA-AZ:60 GW – 201617 GW -- Planned
East TX-OK-LA85 GW – 201628 GW – Planned
Northwest:25 GW – 20164 GW – Planned
Florida38 GW – 20165 GW – Planned
Mid-Atlantic95 GW – 201650 GW – Planned
New England11 GW – 20165 GW – Planned
Southeast55 GW – 20167 GW – Planned
* All values are approximates, various sources: EIPC, EIA-860, NERC LTRA
RELIABILITY | ACCOUNTABILITY8
• Aliso Canyon and has unique characteristics than most natural gas storage facilities
• Natural gas facility disruptions have varying impacts dependent on location and infrastructure density
• NERC’s transmission simulations demonstrates operational challenges in the event of natural gas disruptions
• Demand for natural gas has altered storage dynamics• Mitigation strategies (e.g., dual fuel) can reduce potential impacts• Natural gas supply sources have become more diversified• Recent FERC Orders continue to promote coordination• Comprehensive planning by Planning Coordinators can
significantly increase resilience
Key Findings
RELIABILITY | ACCOUNTABILITY9
• Regulators should consider fuel assurance mechanisms as they establish energy policy objectives
• In the event of an emergency, planning processes should include provisions for, and be prepared to, secure necessary air permit waivers
• Cyber and physical security needs should be diligently considered by regulators
• DOE should consider collecting data that quantifies dual fuel storage and seasonal on-site inventory
RecommendationsRegulators and Policy Makers
RELIABILITY | ACCOUNTABILITY10
• NERC registered entities should consider the loss of key natural gas infrastructure in their planning studies
• Owners and operators of dual fuel generators must ensure operability
• Wholesale electric markets should continue to incentivize performance of natural gas fired generation
• Natural gas and electric industries should continue to advance operational coordination
RecommendationsIndustry
RELIABILITY | ACCOUNTABILITY11
• NERC should consider enhancing its Reliability Guidelines and/or Reliability Standards related to transmission planning and extreme event assessments
• NERC should enhance its Generator Availability Data System (GADS) database for better granularity in generator outage causes
RecommendationsNERC
RELIABILITY | ACCOUNTABILITY12
• Seeking Board of Trustees acceptance of the report, endorsement of the recommendations, and approval to publish
Next Steps
RELIABILITY | ACCOUNTABILITY13
Geomagnetic Disturbance Research – Phase IIIUpdate
John Moura, Director, Reliability Assessment and System AnalysisBoard of Trustees Meeting November 9, 2017
RELIABILITY | ACCOUNTABILITY2
• Initial scoping with the Geomagnetic Disturbance Task Force (GMDTF) in February
• NERC’s Preliminary GMD Research Work Plan filed with FERC in May 2017 Developed by NERC, Electric Power Research Institute (EPRI), and the
GMDTF to meet Order No. 830 objectives Reviewed by NERC Planning Committee (PC)
• On October 19, 2017, FERC issued an order accepting NERC’s preliminary plan and directing NERC to file a final plan within six months
• EPRI project management of the research work plan capitalizes on EPRI’s EMP research
Research Plan Development
RELIABILITY | ACCOUNTABILITY3
• Held face-to-face meeting in September to seek partnership with industry/researchers and provide plan update
• Developed Section 1600 draft data request with NERC• Task Force is a collaboration of researchers, agencies, and
utilities North American Transmission Forum NASA, Canadian Space Agency U.S. Geological Survey, Natural Resources Canada U.S. Space Weather Prediction Center U.S. National Labs Utilities from all regions in North America EPRI
GMD Task Force Update
RELIABILITY | ACCOUNTABILITY4
• NERC and EPRI partnership successful in obtaining technical support from researchers
• Research project begins in November 2017 and project runs through early 2020
• Research has begun on the following two tasks: Development of a Transformer Thermal Assessment Tool (Dec 2017)o Develop an open-source tool for modeling transformer heatingo Develop tool to conduct thermal analysis for transformers
Improve Harmonics Analysis Capability (Dec 2019)o Develop guidelines and tools for use in performing system-wide assessment of
GMD-related harmonics
Research Update
RELIABILITY | ACCOUNTABILITY5
• Order No. 830 includes directives for collecting data to “improve our collective understanding” of GMD risk Includes GIC and magnetometer data NERC is to make data available to the public
• Developed draft data request with input from GMDTF and NERC• PC will be asked to approve data request for 45-day industry
comment at December 2017 PC meeting• The final data request will be submitted to the PC and NERC
Board of Trustees for approval in 2018
Section 1600 Data Request
RELIABILITY | ACCOUNTABILITY6
Inverter Resource Performance Task Force and Level 2 Industry Recommendation UpdateJames MerloVice President, Reliability Risk ManagementNovember 9, 2017
RELIABILITY | ACCOUNTABILITY2
NERC Level 2 Alert issued 6/20/2017
• Focused on inverter-based photovoltaic resources
• Frequency and voltage performance during recent system events
• Requested information on status of controls for these resources
RELIABILITY | ACCOUNTABILITY3
• Responses account for 99% of BES registered utility grade solar
Alert Responses
Manufacturers MW Responses Inverter units1 6,232 29 3,817 2 5,124 56 5,303 3 1,323 13 761 4 854 8 786 5 684 5 461 6 634 10 837 7 537 8 968 8 403 5 247 9 361 6 576
10 360 4 284 11 207 1 272 12 30 1 30 13 20 2 32 14 2 2 4
Total 16,771 150 14,378
-
1,000
2,000
3,000
4,000
5,000
6,000
7,000
1 2 3 4 5 6 7 8 9 10 11 12 13 14
MW
Manufacturer
RELIABILITY | ACCOUNTABILITY4
• 37% or 6,244 MW were calculating frequency incorrectly• Positive response to remediation recommendations
Erroneous Frequency Calculation
Implemented Manufacturer Recommendations?MW Responses Inverter units
Yes 4,258 47 4,591 No 1,986 27 2,557 Total 6,244 74 7,148
4,258 , 68%
1,986 , 32% Yes
No
RELIABILITY | ACCOUNTABILITY5
• 84% or 14,113 MW cease output during abnormal voltage• Positive response to remediation recommendations • More work needed in this area
Momentary Cessation during Abnormal Voltage
Inverter cease output during abnormal voltages?MW Responses Inverter units
Yes 14,113 119 11,821 No 2,657 31 2,557 Total 16,771 150 14,378
14,113 , 84%
2,657 , 16%
Yes
No
RELIABILITY | ACCOUNTABILITY6
• Inverter Based Resource Performance Task Force (IRPTF)• Reliability Guideline: Inverter-Based Resource Performance• http://www.nerc.com/comm/PC/Pages/Inverter-Based-
Resource-Performance-Task-Force.aspx• http://www.nerc.com/pa/rrm/ea/Pages/1200-MW-Fault-
Induced-Solar-Photovoltaic-Resource-Interruption-Disturbance-Report.aspx
• http://www.nerc.com/pa/rrm/bpsa/Pages/Alerts.aspx
Way Ahead
RELIABILITY | ACCOUNTABILITY7
Supply Chain Activity UpdateKen McIntyre, Vice President and Director of Standards and ComplianceBoard of Trustees MeetingNovember 9, 2017
RELIABILITY | ACCOUNTABILITY2
• Board approved Supply Chain Standard in August• Board issued supply chain resolution to support implementation
and further analysis of supply chain risk • Petition for approval filed with FERC, September 26
Background
RELIABILITY | ACCOUNTABILITY3
• Support effective and efficient standard implementation (e.g., CIP V5 transition)
• Study supply chain risks and provide recommendations• Communicate supply chain risks to industry • Forum and Association white papers• Plan to evaluate effectiveness of supply chain standards
Board Supply Chain Resolution
RELIABILITY | ACCOUNTABILITY4
• Critical Infrastructure Protection Committee (CIPC) will establish standard implementation advisory group in December 2017
• NERC created a supply chain standard webpage for standard implementation information and references
• NERC to provide initial workshop on supply chain standard in 2018 Q1, with workshops to follow on key topic areas
• NERC and Regions to provide readiness evaluations in 2018 Q3-Q4
• NERC and Regions to conduct small entity advisory sessions in 2018 Q1-Q3
Effective and Efficient StandardImplementation
RELIABILITY | ACCOUNTABILITY5
• Engage CIPC in study design during Q4 2017 Finalize design and approach for supply chain risk study (Q1 2018) Recruit industry experts and vendors to participate in supply chain risk
study (Q1 2018) First interim deliverable due August 2018 Final report due February 2019
• Supply chain risk identification and actions CIPC to develop security guidelines to address known risks Partner with National Laboratory to identify vulnerabilities in legacy
equipment and recommend mitigation practices NERC’s E-ISAC to engage Departments of Energy and Homeland Security to
explore information sharing and supply chain risk assessments
Supply Chain Risk Study and Actions
RELIABILITY | ACCOUNTABILITY6
• NERC Alerts to communicate supply chain risks Recently issued a level 2 NERC Alert in September 2017 Utilize E-ISAC communication systems and protocols to disseminate
information
• E-ISAC including supply chain risk topic in GridEx IV
Communicate supply chain risks
RELIABILITY | ACCOUNTABILITY7
• Forums and Associations developing white papers First drafts completed Q1 2018 Final review and publish Q2 2018
• NERC to post white papers on supply chain standard webpage• NERC, Forums, and Associations to present papers to industry CIPC open meetings NERC and Regional workshops
Forums and Associations
RELIABILITY | ACCOUNTABILITY8
• ERO Enterprise will: Develop standard effectiveness evaluation plan in Q4 2018 o Consider standard effective date and implementation timeline
Continue small group advisory sessions throughout implementation Assemble auditor observations and feedback to support effectiveness
determination
• CIPC advisory group to gather and provide feedback to ERO Enterprise on standard effectiveness
Plan to Evaluate Standard Effectiveness
RELIABILITY | ACCOUNTABILITY9
• Incorporate supply chain activities in CIPC’s work plan Executive Committee discussed at August meeting Finalize work plan at December meeting Stand-up supply chain advisory group in December Present work plan to NERC Board Of Trustees in February 2018
• Finalize supply chain risk study design and resource requirements in 2018 Q1
• Update webpage• Provide quarterly updates to Board of Trustees
Immediate Next Steps
RELIABILITY | ACCOUNTABILITY10
1
E-ISAC Update
Marcus Sachs, Senior VP & Chief Security Officer, NERCBill Lawrence, Senior Director, E-ISACBoard of Trustees MeetingNovember 9, 2017TLP:WHITE
2
Summary of Q3 2017
TLP: White
• Sharing and reporting 221 E-ISAC staff posts to the portal (+3% above the quarterly average over
the past year) 60 member posts to the portal (+9%)o 36 unique organizations shared (+21%)o 10 of those 36 organizations had never shared before
421 new portal accounts (+10%)
• Engagement (monthly average during the quarter) 186 webinar attendees (-20%) 562 downloads of the daily report (+35%)
• CAISS Pilot 19 companies participating (+1 participant)
3
CRISP Statistics
2015 Total
2016 Total
2017 Q1
Total
2017 Q2
Total
2017 Q3
Total
Cases Opened 788 1,553 532 421 425
Reports Generated 138 194 60 62 60
Site Annexes 259 442 200 319 384
CASA Automated Reports
71,000 165,852 46,293 42,689 37,769
TLP:WHITE
4
• NERC and the Regional Entities are joining CRISP in 2018 Will use same type of Information Sharing Device as currently used by
existing CRISP members Sensors will be distributed across several locations, feeding Pacific
Northwest National Laboratories as a single CRISP member
• Provides additional protection for sensitive data held and managed by the ERO
• No CRISP information will be shared with NERC and Regional Entity CMEP functional staffs As with other CRISP members, site annexes and CASA automated reporting
will go to the information technology teams for action E-ISAC analysts will assist with interpreting and developing response plans
CRISP for NERC and Regions
TLP:WHITE
5
• Modular Malware (Defense Use Case #6) – August 2, 2017• Dragonfly 2.0 – September 6, 2017• Kaspersky security software (Government report and a NERC
Alert) – September 13, 2017
Cyber Incidents and Reports
TLP:WHITE
6
• E-ISAC tracked the Kaspersky issue for several years Most information was classified, limiting what could be released DHS Binding Operational Directive 17-01, September 13, 2017 declassified
the most significant facts and directed all US federal agencies to:o Identify any use or presence of Kaspersky products on their information systems
within 30 dayso Develop detailed plans to remove and discontinue present and future use of the
products within 60 dayso Begin to implement the agency plans to discontinue use and remove the
products from information systems 90 days from the date of the directive
• E-ISAC alerted members immediately after the BOD release Published a TLP GREEN bulletin with guidance on September 15, 2017 Published a non-public Level 2 NERC Alert on October 5, 2017
Kaspersky Issue
TLP:WHITE
7
• Kaspersky anti-virus products and solutions provide broad access to files and elevated privileges on systems using their products Can be exploited by malicious cyber actors to compromise those systems
• Russian law allows Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks
• Russian government could use access provided by Kaspersky products to compromise foreign information systems Directly implicates national security Kaspersky confirmed that classified NSA information was sent to Russia
Kaspersky Threat
Sources: https://www.dhs.gov/news/2017/09/13/dhs-statement-issuance-binding-operational-directive-17-01https://www.kaspersky.com/blog/internal-investigation-preliminary-results/19894/
TLP:WHITE
8
• Kaspersky-branded products that are a potential threat: Kaspersky AntiVirus Kaspersky Internet Security Kaspersky Total Security Kaspersky Small Office Security Kaspersky Anti Targeted Attack Kaspersky Endpoint Security Kaspersky Cloud Security (Enterprise) Kaspersky Cybersecurity Services Kaspersky Private Security Network Kaspersky Embedded Systems Security
• Several private sector businesses are offering “free” removal and replacement of Kaspersky software
Kaspersky Products
9
• Initiative to overhaul existing website started in 2015• New “look and feel” launched in October 2016 Significant improvements to old portal Fixed numerous bugs and technical issues Set up conditions for successful transition to a new platform
• New contractor hired in early 2017 Developed new layout and functionality with input from MEC and other
stakeholders New site “go live” date set for November 30, 2017 Updates and additional new features will begin in January 2018
New Portal Platform
TLP:WHITE
10
• The E-ISAC’s Cyber Hygiene and Internet Risk Program leverages two initiatives at the Department of Homeland Security (DHS) Cyber Hygiene program (CyHy) Risk and Vulnerability Assessment program (RVA)
• These initiatives are federally funded and are available AT NO COST to private sector entities in the US
• Reduces industry risk by identifying cyber vulnerabilities Provides E-ISAC with meaningful security metrics Identifies areas that need improvement
• NERC and E-ISAC enrolled in CyHy in June, 2017• All Regional Entities enrolled in CyHy in July/August, 2017
CHIRP Initiative
TLP:WHITE
11
• Grid Security Conference (GridSecCon) 2017• October 17-20, 2017 in Saint Paul, Minnesota Technical training Speakers, panels, and threat briefings Security vendors Over 500 attendees
• GridSecCon 2018 will be in the WECC Region
Grid Security Conference
TLP:WHITE
12
GridEx IV is:An unclassified industry/government exercise
designed to simulate a coordinated cyber/physical attack with operational impacts
on electric and other critical infrastructuresacross North America
to improve security, resiliency, and reliability
Grid Security Exercise
November 15-16, 2017
TLP:WHITE
13 TLP:WHITE
