United States: Comment Period Open For Proposed New CIP Reliability Standard Regulating The Transmission Of Data Between Control Centers

At a Glance…

In a Notice of Proposed Rulemaking (NOPR) issued on April 18, 2019,  the Federal Energy Regulatory Commission (FERC or Commission) requested comments on proposed Critical Infrastructure Protection (CIP) Reliability Standard CIP-012-1 (CIP-012-1), a new cybersecurity rule requiring responsible entities to harden communication links and secure certain types of data transmitted between the Control Centers that operate the bulk electric system. Responsible entities include balancing authorities, generator operators, reliability coordinators, transmission operators and transmission owners that own or operate a Control Center. Conceived in response to the Commission’s directive in Order No. 822, proposed CIP-012-1 envisions a tiered data security framework with data security measures to be implemented based on an assessment of risk levels (low, medium, and high) associated with various aspects of responsible entities’ Control Centers. 

In the NOPR, the Commission states that it generally supports adoption of CIP-012-1, but that it would like to also see NERC propose modifications to clarify requirements concerning Control Center communication links and the Control Center data that would be subject to the proposed rule.  

The Commission invites stakeholders to submit comments on the Commission’s NOPR regarding CIP-012-1 in FERC Docket No. RM15-14-000 by June 24, 2019.

This article is presented for informational purposes only and is not intended to constitute legal advice.