On April 13, the Federal Energy Regulatory Commission (FERC) proposed Version 5 Critical Infrastructure Protection Reliability Standards, CIP-002-5 through 011-5.
The entire list, which contains two new sections (the last two), includes:
CIP- 002-5 – BES Cyber Assets and Cyber Systems
CIP- 003-5 – Security Management Controls
CIP- 004-5 – Personnel and Training
CIP- 005-5 – Electronic Security Perimeters
CIP- 006-5 – Physical Security of Critical Cyber Assets
CIP- 007-5 – Systems Security Management
CIP- 008-5 – Incident Reporting and Response Planning
CIP- 009-5 – Recovery Plans for Critical Cyber Assets
CIP- 0010-5 – Configuration Management and Vulnerability Assessment
CIP- 0011-5 – Information Protection
Bulk electricity supply (BES) gets much focus. That includes defining a BES cyber asset as one that would adversely impact one or more facilities, systems or equipment at a BES site—if the asset is unavailable, degraded or misused. Three provisos exist, though:
All this would need to occur within 15 minutes of the cyber asset’s required operation or, should they occur, mis-operation or non-operation.
Anything affected, when needed, would have to already be destroyed, degraded or not available when needed.
Adverse effects would have to interfere with reliable BES operation.
An important change in Version 5 is that unofficial Version 4’s critical and non-critical classifications were recast as high, medium and low impact levels. Large control centers would be the only high-impact operation. Smaller control centers as well as generation and transmission would comprise medium-impact operations. All other operations would be low-impact.
One other substantial change jettisons the “one size fits all” security of Versions 1-4 for Version 5’s security based on the BES reliability impact.
George Reed, with the help of Factory Technologies, was looking to further automate the processes at its quarries and make Ignition an organization-wide standard.
Goodnight Midstream chose Ignition because it could fulfill several requirements: data mining and business intelligence work on the system backend; powerful Linux-based edge deployments...
In the automation world, the Purdue Model (also known as the Purdue reference model, Purdue network model, ISA 95, or the Automation Pyramid) is a well-known architectural framework...
Digital Transformation has become one of the most popular buzzwords in the automation industry, often used to describe any digital improvements to industrial technology. But what...