All opinions expressed herein are mine, not necessarily those of Honeywell International, Inc.
Many people involved with NERC CIP were very surprised when FERC issued their NOPR on April 18, saying they intend to approve CIP Version 5, and that Version 4 wouldn’t come into effect. I was especially surprised since I had been quite vocal for a year (in fact, for 364 days), saying that NERC entities should prepare for Version 4 compliance on April 1, 2014, and put Version 5 preparation on the back burner until after V4 came into effect.
I am now quite focused on Version 5, as some of you have already seen; since I have been closely following V5 since its conception in 2010, I feel I have a lot of knowledge to contribute to that discussion. However, I’m also not the kind of person to just turn my back on a mistake I may have made. I do want to examine what I did wrong, so I can learn a lesson for the future. And the best way I can learn about something is by writing about it – so here we are!
I don’t want to sound like John Kerry, but I was a strong proponent of the idea that Version 5 would be the next CIP version, up until I abruptly changed my opinion on April 19, 2012. When FERC issued their NOPR for Version 4 in September 2011, I put out an open letter (I wasn’t blogging then) saying that I didn’t think FERC would ever approve V4, and that they were using V4 as a kind of weapon in reserve in case NERC balked at approving Version 5 (saying in effect, “You’d better get behind Version 5, since otherwise you’ll have V4 to comply with, then V5 a couple years later”). And when FERC actually approved V4, my initial post simply affirmed that V4 wouldn’t come into effect and that V5 was still the next CIP version that NERC entities would have to plan for.
However, the next day I got an email from an astute CIP observer who said I should really rethink this position. Order 761 (which was released at the end of the day of FERC’s meeting approving V4, just like the NOPR for V5 was released at the end of the day on April 18) made it pretty clear that FERC wasn’t happy with Version 5 as it stood at the time. This meant that, even when NERC finally approved V5, FERC would come back and require changes – which would very likely push the approval date for V5 beyond the compliance date for V4 (4/1/2014), so V4 would come into effect.
From April 20, 2012 through April 18, 2013, I firmly believed that Version 4 would be the next CIP version, and I made that point loudly on a number of occasions. If I made it too loudly and offended anybody that way, I certainly apologize. Ironically, the industry was clearly coming around to that idea (and I don’t pretend I was anywhere near the prime mover in that) in the last few months (witness the V4 transition document that came out from NERC a week before the NOPR, as well as the 570 signups we had for the Honeywell/EnergySec webinar on Version 4 in March) – so there was general surprise when FERC issued their NOPR.
I was obviously wrong, then. Why did this happen? I have thought about it a lot, and I see two main reasons:
- I didn’t read FERC correctly. I had the perception that they were getting quite exasperated with NERC, especially for the length of time it was taking to approve V5 and for the fact that V5 clearly didn’t include everything they wanted included (as stated in Order 761 especially, but also Order 706). I also believed that they would actually prefer that Version 4 go into effect before V5, since it had greater asset coverage (mainly in blackstart plants and substations). However, the tone of their comments released at their meeting where they issued the V5 NOPR made it clear they were very concerned about the effect on the industry of having to comply with Version 4 and later with Version 5. They also made it clear they weren’t going to let this happen.
- I made a technical mistake. The big reason why I had switched positions on V4 after reading Order 761 was that it had laid out several mandates (not formally directives) for V5, which it was clear would never be approved by the NERC membership on their own. Those mandates were never included in Version 5 as it was submitted to FERC this January, and in the NOPR FERC made it pretty clear they weren’t going to approve V5 without them. So at some point after the V5 comment period (which will start once the NOPR is published in the Federal Register and go on for 60 days), FERC will require NERC to make these changes. NERC will then have to reconvene the SDT (I believe), they will make the changes, the membership will have to vote at least once, the Board will have to approve the changes, FERC will have to mull them over to decide whether they’re what they wanted, then finally they’ll approve the new version. It is still very unlikely this will all occur before April 1, 2014.
However, there are two mechanisms by which FERC can make this happen. One is to remand (i.e. reject) CIP Version 5. This is a total rejection – it can’t be partial. NERC would then presumably have to draw up a SAR, constitute a new SDT, spend a year or so drawing up an entirely new CIP Version 6, go through a few ballots before it’s approved, etc. – a 2-4 year process. It is very unlikely that FERC (or NERC for that matter) has the stomach to go through all of this, especially since FERC couldn’t be at all sure that the sausage that came out at the end would be any more to their liking than V5 is now.
The other mechanism is for FERC to approve Version 5, but at the same time order NERC to submit a “compliance filing” – a new version based on V5 that would correct what they want corrected. This is exactly the approach they took when they approved CIP Version 2. They mandated a compliance filing to include escorted access procedures in CIP-006, and gave NERC 90 days to file it. NERC did that, and it became Version 3.[i][i]
Hopefully, FERC will give NERC more than 90 days this time, since the changes they’re likely to require are very fundamental and far-reaching. But it really doesn’t matter as far as Version 4 is concerned. The Version 5 implementation plan says that V4 won’t come into effect if V5 is approved before 4/1/2014. In this mechanism, FERC will approve V5 before that date (and the commissioners said that explicitly in their meeting on April 18), but Version 5 will never come into effect – the changed version, called Version 6, will be what becomes enforceable. That will very likely not be delivered to FERC (let alone approved by them) before 4/1/2014.
To sum up this second mistake, I didn't understand that FERC could approve V5, yet at the same time require changes in a new version - so that V5 would be approved (and "stop the clock" on V4) but the changed version (which would come into effect) would be V6.
These were my two main mistakes. I promise not to make either of these again. Instead, I’ll find some brand new mistakes to make! This gives me something to look forward to.
[i] This is also what FERC did with CIP Version 1. They approved it in Order 706 in January 2008, but then required a whole raft of changes in a new version. The SDT that was put together in the fall of 2008 to address Order 706 was the same SDT whose work concluded at the end of 2012, when V5 was approved by the NERC membership. They ran into a few detours on the way, which is how they ended up drafting Versions 2, 3 and 4 before V5. In Order 706, FERC didn’t set a date by which the new version should be delivered; you can bet they won’t omit a due date when they order the changes in V5!