Thursday, June 19, 2014

Tobias Scores!

I missed the NERC CIPC meeting in Orlando last week, but I’ve heard from a couple parties about the hearty ovation Tobias Whitney of NERC received when he announced NERC’s “ruling” (or something like a ruling) on the “transfer-trip” relay question, which I have been referring to as the “far-end” relay question.  Essentially, this is the question whether a relay on a line connected to a Medium impact substation itself becomes a Medium BES Cyber System due to that fact.

What did Tobias say about this?....Envelope please…..It is NOT a Medium BCS[i]!  I’m told that great joy broke out in the room, stock values of TO/TOP’s immediately doubled, and Tobias was crowned with laurels and given the key to the city.

I certainly supported this decision (which was anticipated), but my concern was not so much whether he would say this but what he would point to as the reason for the decision.  This is because, while the relay question (really, an interpretation of Criterion 2.5 in Attachment 1 of CIP-002-5.1) is a weighty one for Transmission entities, it is actually fairly small and well-defined compared to the much more weighty issues with CIP-002-5 R1 that I have been complaining about for over a year, and recently tried to summarize in this brief 7,000-word post.    

I have said for a while that there are no longer any “legitimate” means for addressing these interpretation problems (at least not before the compliance date for v5), so somebody needs to bend the rules and basically give an interpretation, no matter that there is no solid legal basis for doing so.  I suggested a number of parties that could do this, although I didn’t mention my favorite – Judge Judy.  However, if she can’t do it I’m quite glad to have NERC do so.

But what NERC can’t do is pretend that any interpretations they give on CIP-002-5 R1 (and Attachment 1) are based strictly on the wording – because, as I’ve said many times, there can be no consistent interpretation of that requirement.  Something has to give in the wording, if you’re going to resolve the many problems with the requirement.

I first considered the transfer-trip relay question as one more example of these insoluble wording problems.  But in the middle of the night last week, an Interested Party came to me in a dream and pointed out that there was in fact a consistent interpretation of Criterion 2.5 that would remove the idea of the far-end relay automatically becoming a BES Cyber System.  Did this fill me with great joy?  Far from it!  I was now filled with dread that NERC would announce their decision on the relay question was based on this interpretation, and it would set a completely wrong precedent - by implicitly stating that any more interpretations would have to be based on the strict wording of R1.  And that is a fool’s errand if there ever was one. 

As I had said in the previous post, “I will feel a lot better about this upcoming ruling from NERC if it doesn’t try to justify itself as being a valid interpretation of the wording, but instead is simply imposed as an act of Divine fiat.”  And I’m very happy to say that Tobias did exactly that: he didn’t even try to justify his ruling based on the wording.  Rather, he said something to the effect of, “Physical location IS a determinant factor for impact classification.” 

Now, this may seem to you to be some sort of strict interpretation of the wording, but I defy you to tell me where it says this in R1 or Attachment 1.  On the contrary, it seems very clear to me that Attachment 1 tells us that any BES Cyber System that is associated with an asset/Facility in one of the Section 2 criteria is a Medium; it doesn’t matter whether it’s located at the asset in question or not (the Interested Party’s argument overrode this interpretation, but it only applies narrowly to criterion 2.5).

Essentially, by stating that physical location is the determining factor in this case, Tobias is saying that all Medium BCS must be located at the Medium impact asset with which they’re associated, period - no matter what the wording may seem to say.[ii]  This is exactly the kind of attitude NERC needs to take as they address the much deeper issues in CIP-002-5 R1.[iii]  Keep up the good work!

Note: There was a new development on this issue in August, as described in this post.

The views and opinions expressed here are my own and don’t necessarily represent the views or opinions of Honeywell.

[i] Unless it’s also routably connected to the Medium substation.

[ii] Of course, High BCS already have to be located at the High asset (control center), since the wording for them is “used by and located at” not “associated with”.

[iii] NERC released drafts of the v5 RSAWs this week.  I will discuss the CIP-002-5 RSAW in a post in the near future.  I will say that it seems pretty decent to me, and it even provides some interpretation that I agree with.  But it certainly doesn’t address all of the CIP-002-5 problems with one fell swoop.  But I never expected it to, either.


  1. The Interested Party has just emailed me this comment:

    Actually, NERC saying physical location is “the” determining factor is an interpretation that is not necessarily supported by the language of the standard. At least I support my view/interpretation/uncontestable truth with the actual language of the Criterion rather than simplifying the issue with a broad, sweeping statement that has no offered basis of support.

    I would offer to you that there is one and only one way to officially put this issue to bed, and that is a formal interpretation. A registered entity has already submitted a Request for Interpretation. I have not seen it and I do not pretend to know what question it asks other than it purportedly addresses the “far-end” (aka transfer-trip) relaying question associated with Criterion 2.5. NERC’s Rules of Procedure specifically Section 7.0 of Appendix 3A, explicitly defines the process for seeking and producing an interpretation request. NERC needs to follow that process to its proper conclusion. And, if the interpretation team needs any starting point, my previous discussion could serve as that straw man.

    I would also offer that the real issue is not the fine nuances of Criterion 2.5 (or the other Criteria). Rather, the real question that needs to be addressed through the formal interpretation process is what is meant by “associated“ as used in CIP-002-5, Attachment 1 (Impact Rating Criteria). Answer that question and the rest of the Criteria will fall into place.

  2. And now my comment on the IP's comment:

    He didn't understand that I also think Tobias' statement has no basis in the wording of the standard. But unlike the IP, I think this is great, as I explain in the post. I was worried Tobias WOULD base his ruling on the actual wording.

    An RFI is obviously the only sanctioned way to fix this problem. But an RFI will take two years, and might get turned down by FERC anyway. People need to know the answer to this question now.