March 1, 2009

Helping Power Plant Control Systems Achieve NERC CIP Compliance

Jonathan Pollet and Walter Sikora

Additional Monitoring Requirements

As noted earlier, access to the cyber assets within the ESP must be controlled, monitored, and logged 24/7 year-round for both routable protocol such as IP and dial-up communications.

Although plants need to evaluate these requirements individually and determine the appropriate security-monitoring process or processes, third-party 24/7 monitoring services are commercially available to assist with compliance.

Looking Ahead

A great deal of work needs to be done in order to implement a successful program to comply with the NERC CIP cyber security standards. That being said, technical solutions do exist to support realistic compliance with the CIP-005 and CIP-007 standards.

It is important to remember that although each generating plant’s configuration of cyber assets is unique, available hardware and software appliances can be assembled to meet specific needs. Ultimately, they can provide a scalable, defense-in-depth approach to meet the CIP-005 and CIP-007 requirements for monitoring, logging, and access control to an electronic security perimeter and the cyber assets that must be protected under these standards.

— Jonathan Pollet is vice president of North American operations and Walter Sikora is vice president of security services at Industrial Defender. James Batug is the engineering manager at PPL Generation. For more information, go to www.industrialdefender.com.