FERC Issues NOPR to Approve Reliability Standards CIP-013-1, CIP-005-6, and CIP-010-3

On January 18, 2018, in Docket No. RM17-13-000, FERC issued a notice of proposed rulemaking (NOPR) proposing to approve Reliability Standards CIP-013-1, CIP-005-6, and CIP-010-3. NERC submitted the proposed standards to address Order No. 829. In that order the Commission directed NERC to develop new or modified Reliability Standards addressing supply chain cybersecurity risk management for industrial control system hardware, software and computing and networking services associated with Bulk Electric System (BES) operations. In addition to approving the proposed standards, FERC also proposes to direct NERC to (i) modify the CIP Reliability Standards to include Electronic Access Control and Monitoring Systems (EACMS) associated with medium and high impact Bulk Electric Cyber Systems within the scope of the supply chain risk management Reliability Standards and (ii) evaluate the risks presented by Physical Access Control Systems (PACS) and Protected Cyber Assets (PCAs) as part of the study already proposed by the NERC Board of Trustees to evaluate the scope and effectiveness of the proposed standards. Comments are due 60 days after publication in the Federal Register.

To view the NOPR, click here.