NERC to utilities: Reduce cyber security risk

In a letter to the electric utility industry, Michael Assante, chief security officer for NERC (National Electric Reliability Corporation), is delivering a diplomatic but pointed message: By trying to avoid regulation, utilities are putting the electrical system at risk. In this case, cyber security risks may have increased because of the way some electric utilities are approaching regulatory c...

05/01/2009


In a letter to the electric utility industry, Michael Assante, chief security officer for NERC (National Electric Reliability Corporation), is delivering a diplomatic but pointed message: By trying to avoid regulation, utilities are putting the electrical system at risk. In this case, cyber security risks may have increased because of the way some electric utilities are approaching regulatory compliance.

New regulations intended to protect the bulk electric grid are aimed at assets that have been classified as “critical.” The specific definition identifies assets that “if destroyed, degraded, or otherwise rendered unavailable, would affect the reliability or operability of the Bulk Electric System.” In an apparent effort to avoid regulation, utilities are reporting that they have relatively few plants and parts of their distribution networks that qualify under the definition.

NERC’s view is that the utilities are not really considering how interconnected all the parts of the system are and are therefore drastically undercounting those that should fall appropriately under the regulation. Assante’s suggestion is that utilities perform their analysis again beginning with the assumption that all assets are critical unless there are clear reasons that they can be ruled out, rather than the reverse.

As the letter states, “NERC is requesting that entities take a fresh, comprehensive look at their risk-based methodology and their resulting list of CAs [critical assets] with a broader perspective on the potential consequences to the entire interconnected system of not only the loss of assets that they own or control, but also the potential misuse of those assets by intelligent threat actors. Although it is the responsibility of the Registered Entities to identify and safeguard applicable CAs, NERC and the Regional Entities will jointly review the significant number of…entities that reported having no CAs to determine the root cause(s) and suggest appropriate corrective actions, if necessary.”

www.nerc.com





No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
2015 Top Plant: Phoenix Contact, Middletown, Pa.; 2015 Best Practices: Automation, Electrical Safety, Electrical Systems, Pneumatics, Material Handling, Mechanical Systems
A cool solution: Collaboration, chemistry leads to foundry coat product development; See the 2015 Product of the Year Finalists
Raising the standard: What's new with NFPA 70E; A global view of manufacturing; Maintenance data; Fit bearings properly
Special report: U.S. natural gas; LNG transport technologies evolve to meet market demand; Understanding new methane regulations; Predictive maintenance for gas pipeline compressors
Cyber security cost-efficient for industrial control systems; Extracting full value from operational data; Managing cyber security risks
Drilling for Big Data: Managing the flow of information; Big data drilldown series: Challenge and opportunity; OT to IT: Creating a circle of improvement; Industry loses best workers, again
Migrating industrial networks; Tracking HMI advances; Making the right automation changes
Understanding transfer switch operation; Coordinating protective devices; Analyzing NEC 2014 changes; Cooling data centers
Upgrading secondary control systems; Keeping enclosures conditioned; Diagnostics increase equipment uptime; Mechatronics simplifies machine design

Annual Salary Survey

After almost a decade of uncertainty, the confidence of plant floor managers is soaring. Even with a number of challenges and while implementing new technologies, there is a renewed sense of optimism among plant managers about their business and their future.

The respondents to the 2014 Plant Engineering Salary Survey come from throughout the U.S. and serve a variety of industries, but they are uniform in their optimism about manufacturing. This year’s survey found 79% consider manufacturing a secure career. That’s up from 75% in 2013 and significantly higher than the 63% figure when Plant Engineering first started asking that question a decade ago.

Read more: 2014 Salary Survey: Confidence rises amid the challenges

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
This article collection contains several articles on the vital role that compressed air plays in manufacturing plants.