I missed the NERC CIPC meeting in Orlando
last week, but I’ve heard from a couple parties about the hearty ovation Tobias
Whitney of NERC received when he announced NERC’s “ruling” (or something like a
ruling) on the “transfer-trip” relay question, which I have been referring
to as the “far-end” relay question.
Essentially, this is the question whether a relay on a line connected to
a Medium impact substation itself becomes a Medium BES Cyber System due to that
fact.
What did Tobias say about this?....Envelope
please…..It is NOT a Medium BCS[i]! I’m told that great joy broke out in the
room, stock values of TO/TOP’s immediately doubled, and Tobias was crowned with
laurels and given the key to the city.
I certainly supported this decision (which
was anticipated), but my concern was not so much whether he would say this but
what he would point to as the reason for the decision. This is because, while the relay question (really,
an interpretation of Criterion 2.5 in Attachment 1 of CIP-002-5.1) is a weighty
one for Transmission entities, it is actually fairly small and well-defined
compared to the much more weighty issues with CIP-002-5 R1 that I have been
complaining about for over a year, and recently tried to summarize in this
brief 7,000-word post.
I have said for a while
that there are no longer any “legitimate” means for addressing these
interpretation problems (at least not before the compliance date for v5), so somebody needs to bend the rules
and basically give an interpretation, no matter that there is no solid legal basis
for doing so. I suggested a number of
parties that could do this, although I didn’t mention my favorite – Judge Judy. However, if she can’t do it I’m quite glad to
have NERC do so.
But what NERC can’t do is pretend that any interpretations
they give on CIP-002-5 R1 (and Attachment 1) are based strictly on the wording –
because, as I’ve said many times, there can be no consistent interpretation of that requirement. Something has to give in the wording, if you’re
going to resolve the many problems with the requirement.
I first considered the transfer-trip relay
question as one more example of these insoluble wording problems. But in the middle of the night last week, an Interested
Party came to me in a dream and pointed out that there was in fact a
consistent interpretation of Criterion 2.5 that would remove the idea of the
far-end relay automatically becoming a BES Cyber System. Did this fill me with great joy? Far from it!
I was now filled with dread that NERC would announce their decision on
the relay question was based on this interpretation, and it would set a
completely wrong precedent - by implicitly stating that any more
interpretations would have to be based on the strict wording of R1. And that is a fool’s errand if there ever was
one.
As I had said in the previous post,
“I will feel a lot better about this upcoming ruling from NERC if it doesn’t
try to justify itself as being a valid interpretation of the wording, but
instead is simply imposed as an act of Divine fiat.” And I’m very happy to say that Tobias did
exactly that: he didn’t even try to justify his ruling based on the wording. Rather, he said something to the effect of, “Physical
location IS a determinant factor for impact classification.”
Now, this may seem to you to be some sort of
strict interpretation of the wording, but I defy you to tell me where it says
this in R1 or Attachment 1. On the
contrary, it seems very clear to me that Attachment 1 tells us that any BES
Cyber System that is associated with
an asset/Facility in one of the Section 2 criteria is a Medium; it doesn’t
matter whether it’s located at the asset in question or not (the Interested
Party’s argument overrode this interpretation, but it only applies narrowly to
criterion 2.5).
Essentially, by stating that physical
location is the determining factor in this case, Tobias is saying that all Medium BCS must be located at the Medium
impact asset with which they’re associated, period - no matter what the wording
may seem to say.[ii] This is exactly the kind of attitude NERC
needs to take as they address the much deeper issues in CIP-002-5 R1.[iii] Keep up the good work!
Note: There was a new development on this issue in August, as described in this post.
The views and opinions expressed here are my own and don’t necessarily represent the views or opinions of Honeywell.
The views and opinions expressed here are my own and don’t necessarily represent the views or opinions of Honeywell.
[i]
Unless it’s also routably connected to the Medium substation.
[ii]
Of course, High BCS already have to be located at the High asset (control center),
since the wording for them is “used by and located at” not “associated with”.
[iii]
NERC released drafts of the v5 RSAWs this week.
I will discuss the CIP-002-5 RSAW in a post in the near future. I will say that it seems pretty decent to me,
and it even provides some interpretation that I agree with. But it certainly doesn’t address all of the
CIP-002-5 problems with one fell swoop. But
I never expected it to, either.
The Interested Party has just emailed me this comment:
ReplyDeleteActually, NERC saying physical location is “the” determining factor is an interpretation that is not necessarily supported by the language of the standard. At least I support my view/interpretation/uncontestable truth with the actual language of the Criterion rather than simplifying the issue with a broad, sweeping statement that has no offered basis of support.
I would offer to you that there is one and only one way to officially put this issue to bed, and that is a formal interpretation. A registered entity has already submitted a Request for Interpretation. I have not seen it and I do not pretend to know what question it asks other than it purportedly addresses the “far-end” (aka transfer-trip) relaying question associated with Criterion 2.5. NERC’s Rules of Procedure specifically Section 7.0 of Appendix 3A, explicitly defines the process for seeking and producing an interpretation request. NERC needs to follow that process to its proper conclusion. And, if the interpretation team needs any starting point, my previous discussion could serve as that straw man.
I would also offer that the real issue is not the fine nuances of Criterion 2.5 (or the other Criteria). Rather, the real question that needs to be addressed through the formal interpretation process is what is meant by “associated“ as used in CIP-002-5, Attachment 1 (Impact Rating Criteria). Answer that question and the rest of the Criteria will fall into place.
And now my comment on the IP's comment:
ReplyDeleteHe didn't understand that I also think Tobias' statement has no basis in the wording of the standard. But unlike the IP, I think this is great, as I explain in the post. I was worried Tobias WOULD base his ruling on the actual wording.
An RFI is obviously the only sanctioned way to fix this problem. But an RFI will take two years, and might get turned down by FERC anyway. People need to know the answer to this question now.