Title: AESO Reliability Committee ARC
1AESO Reliability Committee (ARC)
2Agenda
- Action items last meeting
- Status of Reliability Standards in BC
- Update of NERCs BES definition / WECC
interpretation - AESO position on NERC ALERTS
- Standards Recommendations
- Compliance Workgroup report
- Discussion, Future Meeting Dates
3Activities in British Columbia re Reliability
Standards
- BCs 2007 Energy Plan expressed Provinces
commitment to implementing industry wide RS - BCTC has consulted with stakeholders regarding
such implementation - Utilities Commission Act amended in 2008
- BCTC to review NERC/WECC mandatory RS and provide
the BCUC with a report assessing the suitability
of those standards for adoption in BC, any
potential adverse impacts to reliability arising
from such adoption, and cost of implementing
those RS in BC - BCTC preparing an Assessment Report covering 103
NERC/WECC RS as adopted by FERC as of December
31/08 - BCUC must publish the report for comment
- Unless BCUC makes a determination that a RS is
not in the public interest, BCUC must adopt the
RS addressed in the Assessment Report if the
Commission considers the RSs are required to
maintain or achieve consistency in BC with other
jurisdictions that have adopted RS - BCUC would hold a hearing in order to reject a
RS, but not for approval - BCUC is discussing with WECC the potential to
engage WECC to assist the BCUC in carrying out
various compliance activities. No such agreement
has yet been reached.
4Update to WECC interpretation of NERC BES
Definition
- NERC BES Definition - As defined by the Regional
Reliability Organization, the electrical
generation resources, transmission lines,
interconnections with neighboring systems, and
associated equipment, generally operated at
voltages of 100 kV or higher. Radial transmission
facilities serving only load with one
transmission source are generally not included in
this definition. - May 9, 2007 - WECC response to NERC request for
a WECC Regional definition includes 9 criteria to
clarify the word generally and awaits further
direction. - The 9 WECC criteria is intended to clarify
facilities which are - (i) above 100 kV but and should not be considered
part of the bulk electric system, - (ii) below 100 kV and should be considered part
of the bulk electric system, and - (iii) radial transmission facilities serving only
load that should be considered part of the bulk
electric system. - August 2008- WECC BOD directed the RPIC to
re-examine WECC clarification
5Update to WECC interpretation of NERC BES
Definition
- Jan 29, 2009 WECC update to NERC advises WECC
BOD has not approved the WECC clarification, WECC
compliance is not using WECC clarification, WECC
does not use the clarification in execution of
its duties. - March 2009 NERC files the WECC information with
FERC and WECC initiates a BESDTF to develop
language to clarify the NERC definition of BES
using WECC the Process for Developing and
Approving WECC Standards to the extent possible
to ensure that the final work product undergoes
sufficient due process. - AESO intends to participate on the BESDTF and
will inform ARC members - Potential impact in Alberta
- Protection and Control standards RAS,
requirements to analyze misoperations, AGC
systems - Emergency Operating Procedures application on
138kV / 144kV non-radial systems - Personnel operator training requirements for
TFOs - Transmission Planning Standards potential to
increase performance requirements
6AESO Reliability Committee (ARC)
- Security Workgroup (SWG) Update
- Garry Spicer Director, Security
- 2009 03 27
7Agenda
- Security Work Group (SWG)
- SWG Status
- Security Work Group Terms of Reference Updates
- Technical Feasibility Exceptions
- NERC Alerts
- Questions
8SWG Status
- Past
- Have met once every month since Sept. 2008,
except for - Dec. 2008 (did not meet) and
- Nov. 2008 (met twice).
- Have completed a draft of AB-CIP-001-1 (Sabotage
Reporting) - Have a definition for sabotage
- NERC doesnt have this yet has caused much
confusion in U.S. - Have included concepts from NERCs rework of
CIP-002 to 009 - E.g., must implement procedures, not just write
them - Have included links to Alberta specific items
- Provincial ASSIST
- AESO OPP 808
- Has been reviewed by AESO Compliance
9SWG Status
- Present
- Draft of AB-CIP-001-1 has been sent to AESO Legal
for review - Have initiated review of NERC-CIP-002-1, Critical
Cyber Asset Identification - Working through approach to identifying critical
assets - Planned
- Aiming for AB-CIP-001-1 to be submitted for
October 2009 AUC rules cycle (pending ARC
approval) - Aiming for AB-CIP-002-1 to be submitted for
October 2009 AUC rules cycle (pending ARC
approval)
10SWG Terms of ReferenceUpdates
- Version 1.0.a
- Security Work Group Key Parameters
- The SWG will be assembled to review reliability
standards pertaining to the security requirements
of the Alberta Interconnected Electric System
facilities and cyber assets and will be comprised
of representation as required from AESO, TFOs,
GFOs, Wire Owners, PPA Owners, and Buyers. - Needed to include Wire Owners, as some standards
may apply to them - Terms of Engagement
- A member or a representative of any work group
will not be precluded from participating in the
AESOs Rules process or ultimately participating
in any related AUC proceeding. - Item 7 Error correction. AEUB had to be
updated to AUC.
11SWG Terms of ReferenceUpdates (contd)
- Appendix A ARC Work Groups Security Work
Group - Included Jack Kelly as additional SWG alternate
chair - Appendix A ARC Work Groups Compliance
Monitoring Work Group - Updated detail regarding Compliance Monitoring
Work Group
12Technical Feasibility Exceptions
- A release valve for standards
- Not valid in all cases only where explicitly
permitted - Requests reviewed against criteria
- Not technically possible
- Cannot be achieved in time to be compliant
- Safety risks or issues that outweigh the
reliability benefits - Conflict with statutory or regulatory
requirements - Costs that far exceed the benefits
- Does not relieve obligation to comply!
- Authorizes departure from strict compliance
- Requires an alternate approach
- Limited duration
- Plan to implement as a separate Alberta
Reliability Standard
13NERC Alerts
- Background
- Aurora Vulnerability
- Staged experimental cyber attack against an
electric generator - March 2007 at U.S. DoE Idaho Lab
- Some conclusions controversial
- Nonetheless demonstrated that cyber security
issues are real - Concern expressed by U.S. government
- Industry awareness and response not well
coordinated - Response by NERC Board of Trustees
- Approve five year strategic plan (November 2007)
- One of the ten goals for 2008 Critical
Infrastructure Protection - Improve the overall resiliency of the bulk power
system to threats and vulnerabilities
14NERC Alerts
- Actions taken by NERC as part of CIP Programme
- Hire a Chief Security Officer (Michael Assante)
- Ensure Rules of Procedure support CI Protection
- Coordinate with governmental agencies
- Assess preparedness of users, owners, and
operators - Partnership for Critical Infrastructure Security
- Improve tools and other support services
- Implement NERC Alerts Programme
15NERC Alerts
- Ensure Rules of Procedure support CI Protection
- Section 810 Information Exchange and Issuance
of NERC Advisories, Recommendations, and
Essential Actions - Members of NERC and BPS owners, operators and
users provide NERC with operating experience
information and data - NERC disseminates results of analysis, lessons
learned, etc. - NERC notifies industry through notice, analyses
and recommendations - NERC will notify FERC and governmental
authorities - Tools used to support Rule 810
- Emailed notices that alert users, owners, and
operators of the bulk power system to potential
reliability threats - Eventually will move to email notification only
details will be retrieved from a secured website
16NERC Alerts
- Implement NERC Alerts Programme
- Must register with NERC to receive alerts
- Must provide appropriate contact information
- May register as one of
- Primary Send
- Must have daily coverage of the email address
- Must respond to alerts (sometimes within 24
hours) - Informational Send
- Must have a Primary Send registered to get on
this list - Courtesy Copy
- Does not carry additional implications (e.g.
coverage, response, etc.)
17NERC Alerts
- Purpose
- Event Analysis
- Single Events findings
- Multiple Events trends
- Generic Findings equipment business practice
problems - Technical Findings Potential for repeat
problems discovered through technical analysis - Support Critical Infrastructure Protection
- Examples
- US CERT Vulnerability Disclosure (e.g. Boreas and
ABB alerts) - Public Vulnerability Disclosure (e.g.
RealWinSCADA advisory) - The release of exploitation code or tools (e.g.
GE Fanuc advisory) - Release of malicious code
18NERC Alerts
- There are three types / levels of NERC Alerts
- Level 1 Advisory
- Informational
- No Response required
- Provide findings and lessons learned
- Level 2 Recommendations to Industry
- Specific to actions NERC is recommending to be
taken - Requires response with acknowledgement and
response time - Level 3 Essential Actions
- Specific actions that must be taken by specific
registered entities - Requires response on actions taken and progress
to resolve issues
19NERC Alerts
- There are four confidentiality levels for alerts
- 1 Green
- Public
- No restrictions on distribution
- 2 Yellow
- Private
- Internal use and necessary consultants, third
party providers - 3 Red
- Sensitive
- No external distribution
- 4 Black
- Confidential
- Limited internal distribution
20NERC Alerts
- AESO Position
- Registration for NERC Alerts is not mandatory for
Alberta entities - Entities includes owners, operators, and users
- Registration for NERC Alerts is suggested for
Alberta entities - Register under the courtesy copy option
- Avoid potential violations, conflicts, and
confusion associated with reporting requirements
under other options - AESO has registered under the Courtesy Copy
option - Caution is warranted regarding reporting
requirements - Reporting security matters to authorities outside
of Alberta / Canada - May conflict with legislation and other
agreements - AESO is seeking guidance from Alberta DoE PSCan
CEA and ASSIST
21Questions, Feedback, Re-direction?
- Additional questions or concerns, please contact
- Garry Spicer, Director Security, AESO
- Garry.Spicer_at_aeso.ca
- (403-539-2633)
22Standards Recommendations
- 36 in total for this ISO Rules cycle (July)
- 3 are applicable to Market Participants
- INT-001-3 Pool Participants who arrange
interchange transactions on interties - FAC-501-WECC-1 - TFOs who maintain WECC Major
Paths - PRC-021-1 TFOs, WOs, transmission end use
connected customers and owners of industrial
systems that own UVLS - 13 are applicable to the AESO
- 24 are recommended to be rejected for application
in Alberta - not applicable to an Alberta entity, or
- INT-004-2 applies to Pool Participants however,
dynamic scheduling is not available in Alberta at
this time.
23AESO Reliability Committee (ARC)
- Compliance Work Group (CWG) Update
- Pavel Bardos Manager, Compliance
- March 27, 2009
24CWG Update
- CWG has completed the work assigned to the group
- held 10 meetings in 2008 and delivered a program
identified problem areas and resolved or
referred issues - Workgroup has not met in 2009, but will reconvene
as issues are brought forward plan is for
quarterly meetings - CWG worked to complete
- Compliance Monitoring Program (CMP) document
- Posted publicly AESO website in Feb 6, 2009
- Provided to ARC for information here
- Finalized Registration Guideline
- AESO will hold a future workshop to introduce
this process to industry, before registration
begins - Target - posting of document on AESO web page and
workshop late Q2
25CMP Document Highlights
- The CMP document describes the tools and
processes which will be utilized in monitoring of
market participants compliance with reliability
standards - Compliance Monitoring Audit
- Table Top Audit (with on site visit option)
- Spot Check Audits
- Self-Certification
- Self-Reporting
- Exception Reporting
- Periodic Reporting
26Registration Guideline Highlights
- The Registration guideline is not a ISO rule
- In order for the AESO to carry out its compliance
monitoring function it is important identify
market participants with material impact on
reliability of the AIES. - Additionally it is important for market
participants to understand which reliability
standards are applicable them. - The relationship between reliability standards
and market participants is derived through
registration of market participants for
functional entities as defined in Alberta
Functional Model. Currently there is no existing
process that captures this relationship. The
following pictogram shows graphically how
registration will accommodate identification of
this relationship.
27Registration Guideline Highlights
- The AESO will maintain functional definitions in
Alberta Functional Model - The AESO will assign Applicability of a
Reliability Standard to appropriate Functional
Entities - Registration of a Market Participant to a
Functional Entity - a) Initial (roll-out) registration stage The
AESO will create on best-effort basis a list of
market participants with their affiliation to the
functional entities and communicate this list to
the participants. In return will ask participants
to confirm or dispute assigned affiliation and
provide compliance contacts. - b) Post-Initial registration stage
- Reliability Standards Exemption Registration
Process - Based on assigned applicability the AESO will
describe eligibility conditions for granting an
exemption. - Dispute Resolution Process will be used to decide
any disputes related to registration or exemption - The AESO will maintain the Reliability Standards
Registry on its web page.
28Next Steps
- We will schedule CWG quarterly meetings to
discuss key issues related to compliance and the
implementation of the programs. In the coming
months will be focused on establishing and
operationalizing compliance monitoring processes - Registration of Market Participants
- Stakeholder communications rollout at end of 2Q.
- Should start the registration process by June
2009. - All entities registered by end of 3Q09.