NERC Submits Interpretation of CIP-006, Requirement 1.1 to FERC for Approval

On April 20, 2010, in Docket No. RD10-13, NERC submitted a proposed interpretation of Requirement R1.1 in Reliability Standard CIP-006-2, Cyber Security – Physical Security of Critical Cyber Assets, to FERC for approval. NERC explains that upon approval by FERC, the standard that includes the interpretation will be referred to as CIP-006-2c or CIP-006-3c, whichever version of the standard is in effect at the time of FERC-approval. The interpretation clarifies that, where a six-wall border cannot be established by the Responsible Entity, the alternative protection measures to control physical access to Critical Cyber Assets can either be physical or logical, so long as such alternative protection measures are the equivalent or better than a “six-wall” border. NERC explains that acceptable alternative non-physical control measures might include, for example, data encryption for protection and circuit monitoring for detection of unauthorized physical access or tampering. To read NERC’s proposed interpretation of CIP-006-2, Requirement R1.1, click here.