Project 2009-12 Interpretation − CIP-005-1 − Cyber Security − Electronic Security Perimeters by PacifiCorp

Status: The interpretation was approved by the NERC Board of Trustees on February 16, 2010.

Summary: The request asks to clarify the following:

- 4.2.2 indicates that the communication links between ESPs and the required supporting equipment are not in the scope of this standard. However, in R1.3, the endpoints of a communication link between ESPs are required to be treated as "access points".
- Regarding 4.2.2:
  - What kind of cyber assets are referenced in 4.2.2 as "associated"? What else could be meant except the devices forming the communication link?
  - Is the communication link physical or logical? Where does it begin and terminate?
- Regarding R1.3:
  - Please clarify what is meant by an “endpoint”? Is it physical termination? Logical termination of OSI layer 2, layer 3, or above?
  - If “endpoint” is defined as logical and refers to layer 3 and above, please clarify if the termination points of an encrypted tunnel (layer 3) must be treated as an “access point”? If two control centers are owned and managed by the same entity, connected via an encrypted link by properly applied Federal Information Processing Standards, with tunnel termination points that are within the control center ESPs and PSPs and do not terminate on the firewall but on a separate internal device, and the encrypted traffic already passes through a firewall access point at each ESP boundary where port/protocol restrictions are applied, must these encrypted communication tunnel termination points be treated as "access points" in addition to the firewalls through which the encrypted traffic has already passed?

Interpretation Process: In accordance with the Reliability Standards Development Procedure, the interpretation must be posted for a 30-day pre-ballot review, and then balloted. There is no public comment period for an interpretation. Balloting will be conducted following the same method used for balloting standards.

If the interpretation is approved by its ballot pool, then the interpretation will be appended to the standard and will become effective when adopted by the NERC Board of Trustees and approved by the applicable regulatory authorities. The interpretation will remain appended to the standard until the standard is revised through the normal standards development process. When the standard is revised, the clarifications provided by the interpretation will be incorporated into the revised standard.