Published via Energy Central
Connect with the Author
The energy industry is a critical infrastructure that is core to our business operations, safety, comfort and general well-being. This has become most evident with recent disasters such as Super Storm Sandy as well as the current Covid-19 pandemic.
Unquestionably there is the need to ensure the supply of energy in a safe and highly reliable manner particularly when faced with both physical constraints such as downed wires and damaged infrastructure as well as personnel requirements under confinement and the order to work at home. These situations demonstrate not only our dependence on operational systems that are flexible, adaptable and resilient, but also the cyber assurance that is necessary from both from a user perspective and an asset sensor and control perspective.
The exponential use of asset technology at the grid edge and the widespread use of communications networks to transport data that is used for situational awareness and near-real-time operational control of these innovations bring both opportunities for greater detailed information, but also potentially exposes the enterprise to greater threat surfaces. Extending remote user access to this information also increases the need for a greater level of sophistication to assure compliance and operational integrity.
Great effort has been undertaken by NERC, NIST and others to secure this large-scale industrial control system. While many of the stipulated requirements under NERC CIP are primarily focused on bulk systems, the concepts, philosophies and practices are applicable to distribution systems and other assets. With the new sources of supply such as Distributed Energy Resources, the extension of many of the rules applied to bulk systems must now be adapted to a greater variety and diversity of assets.