CIP-003-7 Supplemental Material
Reference Model 7 – Electronic Access Controls at assets containing low impact BES Cyber Systems and ERC In this reference model, there is both a routable protocol entering and leaving the asset containing the low impact BES Cyber System(s) that is used by Cyber Asset(s) outside the asset and External Routable Connectivity because there is at least one medium impact BES Cyber System and one low impact BES Cyber System within the asset using the routable protocol communications. The Responsible Entity may choose to leverage an interface on the medium impact Electronic Access Control or Monitoring Systems (EACMS) to provide electronic access controls for purposes of CIP-003. The EACMS is therefore performing multiple functions – as a medium impact EACMS and as implementing electronic access controls for an asset containing low impact BES Cyber Systems.
Routable communications entering or leaving the asset containing low impact BES Cyber System(s)
Routable Protocol
ERC
ESP
Network
EAP
Interface
Firewall, Router Access Control List, Gateway or Other Security Device (Cyber Asset(s) performing electronic access control)
Medium impact BES Cyber System with ERC
Network
Low impact BES Cyber System
Non-BES Cyber System
Asset containing low impact BES Cyber System(s) and medium impact BES Cyber System(s)
Communication between a low impact BES Cyber System and a Cyber Asset outside the asset
Routable Protocol
Non-routable Protocol
Reference Model 7
Page 42 of 57
Made with FlippingBook - Online magazine maker