201907 SERC Transmission Newsletter

SERC Transmission Newsletter Generated Monthly for Stakeholders

July 2019

Volume 6: Issue 7

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS TECHNICAL COMMITTEES

FOR YOUR CALENDAR INSIDE SERC

By Jason Blake, President and CEO The time has finally arrived where we can officially extend a warm welcome to all registered entities across the entire state of Florida! We are equally happy to report that so many of these Florida companies have already signed up as SERC Members or are in the process of doing so. We are excited about the wealth of knowledge they will bring to our Technical Committees, and we look forward to working with them on our mission to reduce risk to the Bulk Power System. Broadening our knowledge base provides more opportunities to exchange best practices and lessons learned. We look forward to seeing and greeting so many respected and talented individuals at our upcoming Summer Regional Meetings, fall seminars, and the Fall Technical Committee Meetings where we will all have an opportunity to get to know each other.

In addition to the new Florida companies we will be working with, we are excited to welcome the group of talented FRCC staff who have joined the SERC team. July 1, 2019 marks the beginning of their careers at SERC, and we could not be happier about the myriad skills they bring to the team. Former FRCC staff have been integrated across SERC at all levels, which further speaks to the tremendous and positive impact they will immediately have on our organization and the value they will be able to bring to all SERC stakeholders. Much has been accomplished this year, yet the work is not quite complete. There are a number of integration-related tasks that will continue well into the second half of the year. We have ensured key processes have been integrated, and key data has been transferred between the Regions. However, like any significant integration, the work does not stop on the official “transition” date. To make sure that we continue our hard work to successfully integrate the Florida companies, former FRCC staff, and understand and integrate best practices, John Odom, who you will be introduced to in this news- letter, will provide strong leadership to ensure sustained and permanent success. If you have an interest, you may track continued progress on our integration efforts on the FRCC Integration webpage. MORE

MEET SERC L EADERSH I P Get better acquainted with the SERC Executive Team in this monthly five-part series

John Odom

John Odom is the newest member of the SERC Executive Team. He came to SERC from FRCC on July 1, 2019 as the Principal Consultant. As Vice President of Compliance, Enforcement and Reliability Performance, John led the way for FRCC staff to work alongside the SERC team toward a simple, smooth, and seamless transition. We were happy to hear that he was excited to accept an opportunity to help ensure the Region’s future success. As a leader on the SERC team, John feels strongly that, “Integration activities will continue as Florida registered entities become familiar with their new Region, and it is my responsibility to assist and ensure that the remainder of those activities are completed in a timely manner that allows us to fulfill our mission to reduce risks to the electric power grid.” He went on to state, “I am excited about working closely with SERC staff and getting better acquainted with the registered entities throughout the Region. My new position will also provide an opportunity to work with NERC management and staff, as we strive for an ever-improving ERO Enterprise.” When asked for a message to his new Region’s stakeholders, John commented, “We, registered entities along with SERC staff, represent an incredible collection of subject matter experts for all aspects of running a bulk power system. It is very exciting for me to have the opportunity to work with you as we determine our future trajectory and take the beginning steps to build that new future. I am confident that, working together, SERC will continue to be a respected leader in the Electric Reliability Organization.” SERC is delighted John has joined the company. With his recent experience working closely with entities, first as a registered entity and later as a Regional Entity, he will add value for stakeholders and further our mission to reduce risks to the electric grid. We are enthusiastic about his leadership helping us forge a better and stronger organization with our new teammates.

<

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS

PAGE 2

John h a s l i v e d i n Florida his entire life, but he enjoys travel with a bit of

adventure. In 1987, John and his wife Terry spent nine days camping and rafting down the Colorado River! In 2016, they peered into an active volcano, zip-lined and rode horses on t he b e a ch i n Ni c a r a gu a . In 2017 , t he coupl e went “g l ampi ng” out s i de of Ottawa in Canada.

John began his career at Florida Power Corporation, formerly Progress Energy Corporation and now Duke Energy Florida, as a distribution engineer in 1979. Before leaving in 2005, he worked in a variety of capacities, including RTO development, transmission planning, distri- bution planning, and transmission engineering.

John has been actively engaged in NERC Planning and Operations activities since 2003. In addition, as the chair of the TPL-004-1 Standards Drafting Team, he became very familiar with the NERC Standards Develop- ment Process. John joined FRCC as a planning engineer in 2005 and later assumed management roles

for Planning and Operations. In 2009, he was promoted to Vice President of Planning and Operations, where he was responsible for all Member Service activities and many Regional Entity functions, including Reliability Assessments, EventsAnalysis, SituationAwareness, and SystemOperator Training. Since FRCC Member Services was registered as a Planning Coordinator and a Reliability Coordinator, the FRCC Planning Committee and Operating Committee met regularly to ensure that the FRCC bulk power system remained highly reliable and compliant with the NERC Reliability Standards. Throughout his time with FRCC, John was very involved with these committees and valued the opportunity to learn even more about planning and operating a reliable bulk power system directly from the subject matter experts. In March 2018, John became the FRCC Vice President of Compliance, Enforcement and Reliability Performance. He was responsible for all ERO delegated Regional Entity activities with the exception of the ReliabilityAssessment area. This included Registration, Certification, CIP and O&P Compliance Monitoring, Entity RiskAssessments, Mitigation Plan review, and Enforcement. During this time, John also had the opportunity to enjoy significant engagement opportunities with NERC management, the NERC Board of Trustees, and the Member Representatives Committee.

FLORIDA INTEGRATION (Cont’d)

We remain committed to our goal of a smooth, simple, and seamless transition, not only for the Florida companies and former FRCC staff but also for our legacy SERC companies and SERC staff. With FRCC and SERC staff working and learning together on this integration endeavor, we are also confident that our Region’s organizational processes are and will continue to become stronger than ever. To that end, I would like to thank Stacy Dochoda, FRCC’s President and CEO, for her support in facilitating this effort. The future is exciting here at SERC, and we look forward to us all working together toward an even more reliable and secure power grid.

FOR YOUR CALENDAR

July 2019

>

TECHNICAL COMMITTEES

INSIDE SERC

HOT TOPICS

NERC 2019 STATE OF RELIABILITY REPORT

NERC’s 2019 State of Reliability, published June 19, 2019 identified seven key findings, with extreme weather events being identified as the leading contributors to transmission, generation, and load loss. The electricity industry is under- going significant change, which presents both new challenges and opportunities for the reliability and security of the bulk power system. While ongoing performance measures show positive trends in generation, transmission, and protection and control performance, the report encourages continued vigilance as the evolving resource mix and cyber and physical security threats continue to present critical challenges. The report’s key findings include: • Extreme weather events continue to be leading contributors to load loss. • There were no non-weather category 3, 4, or 5 events in 2018. • Misoperations continue to decline. • Frequency response continues to improve in all interconnections. • In Texas, there is still reliability risk in 2019 due to the projected capacity deficit, but better than expected performance from the generation fleet helped meet 2018 summer peak demand. • Despite continually evolving threats, no cyber or physical security incidents led to unauthorized operational control actions or a loss of load. • As more inverter-based generation is added, solutions to emerging reliability challenges are being identified. The report’s recommendations include: • The ERO Enterprise and industry should continue improving their ability to understand, model and plan for a system with a significantly different resource mix. Priority should be given to understanding the implications of the following: frequency response under lower inertia conditions; contributions of inverter-based resources to essential reliability services; increasing protection and restoration system complexities with increased inverter-based resources; and resource adequacy with increasing energy constraints. • The ERO Enterprise and industry should develop comparative measurements and metrics to understand the different dimensions of resilience (e.g., withstanding the direct impact, managing through the event, recovering from events, and preparing for the next event) during the most extreme events and how system performance changes over time. • The ERO Enterprise and industry should continue to work closely together to understand and share information on cyber and physical security threats and mitigate the risks posed by these threats through a variety of approaches, including resilient system design, consequence-informed planning and operation, and practicing response and recovery processes. Also new in this year’s report is a chapter on emerging and known reliability issues highlighted by the NERC Reliability Issues Steering Committee and recommendations made in their February 2018 report. The 2018 RISC report provides a framework for prioritizing reliability issues and offers six recommendations to help NERC and the industry effectively focus resources on the critical issues needed to best improve the reliability of the bulk power system.

<

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS

PAGE 4

Align Update TheAlign project seeks to provide a common ERO Enterprise CMEP system in a secure environment that will: • Improve documentation, sharing, and analysis of compliance work activities; • Meet requirements under applicable professional standards and the Rules of Procedure; • Increase efficiency by aligning and consolidating CMEP process across the Regions; • Define and standardize CMEP data for consistency and improved analysis; and • Deliver a common platform and registered entity experience. SERC has been supporting this project through participation on the steering group, and working as change agents to share information internally with SERC Compliance staff and externally with stakeholders. Align Launch Schedule Adjustment In response to changes in functionality identified as must-have during the User Acceptance Training, additional develop- ment and testing will be necessary for Release 1. To ensure theAlign tool meets the needs of NERC, the regions and stakeholders, NERC has adjusted itsAlign launch schedule accordingly. As a result, SERC has cancelled all currently scheduledAlign training sessions. New training dates will be announced as more information becomes available. Do you have questions? Melinda Montgomery, AndrewWilliamson, and Todd Curl are ChangeAgents at SERC for theAlign Project. You are welcome to contact them if you have questions.

The Centralized Organization Registration ERO System (CORES) effort that was originally scheduled to roll out in June has been rescheduled as a soft launch for mid-July 2019. This will allow for more training opportunities and provide registered entities with a better user experience as the software is rolled out. The current focus is on having registered entity contacts complete initial registrations in the ERO Portal and activate Multi-Factor Authentication (MFA) for their devices. If you haven’t already done so, be sure to register your email address for ERO Portal Access. If you already had an ERO portal account, please be sure to activate MFA for your device. Click here for the NERC Multi-Factor Authentication Quick Start Guide or here for a more detailed User Guide. NERC posted a CORES update featured on page 5 of the June 17-23, 2019 NERC Standards, Compliance, and Enforcement Bulletin.

FOR YOUR CALENDAR

July 2019

>

TECHNICAL COMMITTEES

INSIDE SERC

NOTE THE NEWS

N E W S

N E W S

Quick links to NERC’s Newsroom and Newsletters NERC Postings • Resources sufficient to meet summer peak demands in most areas • Presentations and recording for the June 19, 2019 Substation Fires - Working with First Responders Lessons Learned webinar

Situational Awareness/Events Analysis

Click above icon to access the SAEAdashboard.

<

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS

PAGE 6

Reliability Standard CIP-008-6 - Cyber Security - Incident Reporting and Response Planning. On June 20, 2019, FERC approved NERC’s petition for the request to approve proposed Reliability Standard CIP-008-6 (Cyber Security - Incident Reporting and Response Planning), the associated implementation plan, violation risk factors and violation severity levels, the inclusion of proposed revised definitions of “Cyber Security Incident” and “Reportable Cyber Security Incident” into the NERC Glossary, and the retirement of Reliability Standard CIP-008-5. Reliability Standard CIP-008-6 addresses the Commission’s directive fromOrder No. 848 to develop modifications to require the reporting of Cyber Security Incidents that compromise, or attempt to compromise, Electronic Security Perimeters, ElectronicAccess Control or Monitoring Systems and Physical Security Perimeters associated cyber systems. 2. Notice of Proposed Rulemaking Proposing toApprove Reliability Standard TPL-001-5 The Proposed Reliability Standard TPL-001-5 improves upon currently effective Reliability Standard TPL-001-4 by providing for more comprehensive and robust planning studies, thereby improving reliability. Further, the proposed standard addresses certain Commission directives from its Order No. 754 (approving TPL-001-4) and Order No. 786 (regarding planned maintenance outages and stability analysis for spare equipment strategy). First, the proposed standard provides for a more complete consideration of factors for selecting which known outages will be included in Near-TermTransmission Planning Horizon studies. The modifications reflected in proposed TPL-001-5 address the Commission’s concern that the exclusion of known outages of less than six months in TPL-001-4 could result in outages of significant facilities not being studied. Second, the proposed standard modifies Requirements for Stability analysis to require an entity to assess the impact of the possible unavailability of long lead time equipment, consistent with the entity’s spare equip- ment strategy. In addition, the NOPR proposes to direct NERC to develop and submit modifications to the NERC Reliability Standard to require corrective action plans for protection system single points of failure in combination with a three-phase fault if planning studies indicate potential cascading. Comments on the NOPR are due 60 days after publication in the Federal Register.

N E W S

Links to FERC’s Newsroom - OpenAccess Podcasts 2019 Open Meeting Schedule Energy Infrastructure Update: April 2019 • On June 12, 2019, FERC Chairman Neil Chatterjee and Commissioners Cheryl A. LaFleur, Richard Glick, and Bernard L. McNamee testified before the House Committee on Energy and Commerce, Subcommittee on Energy on Oversight of FERC ensuring its actions benefit consumers and the environments. Click names above to view testimonies. • Draft environmental Impact Statements were issued for: • FERC’s Dispute Resolution Service has been moved. • Order No. 859 revised the process for filing Commission Forms. News Release • Order 848 strengthens cyber security standards for the Bulk Electric System. FERC Staff Presentation News Release • Chairman Neil Chatterjee released a statement on the departure of Commissioner Cheryl LaFleur FERC June Open Meeting Summary Following the Federal Energy Regulatory Commission (“FERC” or “the Commission”) Open Meeting on June 20, 2019, FERC issued an Order and a Notice of a Proposed Rulemaking related to reliability. Below are summaries of the Order and the Notice of Proposed Rulemaking. Please direct any questions to SERC Legal: (serclegal@list-serc1.org). 1. Order Approving the Petition for the Request for Approval of Proposed Reliability Standard CIP-008-6 On March 7, 2019, the NorthAmerican Electric Reliabil- ity Corporation filed a petition for approval of proposed • Bucks Creek Hydropower Project • Mineville Energy Storage Project

FOR YOUR CALENDAR

July 2019

>

TECHNICAL COMMITTEES

INSIDE SERC

Assistance

JUNE

AND LESSONS LEARNED

WEBPAGE

PROCESS

Question: June 5, 2019 For CIP-002 R2, the identifications stated in R2.1 and R2.2 are only for assets and BES Cyber Systems containing BES Cyber Assets; correct? The identifications do not apply to other devices such as PACS devices; correct? Response: That is correct. Question: June 5, 2019 In general, how is SERC treating virtual machines? If I have five virtual machines that perform reliability functions and my definition of a programmable electronic device does not include virtual machines because they aren’t devices, can I exempt the virtual devices as non-Cyber Assets? Response: SERC considers every “virtual machine” as if it was a “Physical Machine,” hence it is classified as a Cyber Asset. Although, a “virtual machine” by definition is not considered an electronic device by itself, it still utilizes the physical hardware of the Hypervisor in a shared function such as the CPU, memory, hard drives, NICs, and any available shared hardware allocated on its hypervisor. Each virtual machine has its own hardware and software configuration, hence it is applicable to CIP-010-2 baseline configuration controls, and also CIP-007-6 cyber security controls. Question: June 5, 2019 Concerning virtual machines, if a PACS-related virtual server is on a physical host along with other PACS-related virtual machines, does unescorted physical access to the physical host need to meet the Requirements of CIP-004-6 R3.2 if the virtual PACS machines are associated with a high impact BCS located in a separate physical location? This is concerning access to the virtual PACS devices, not a BCS.

Response: Yes, unescorted physical access to the physical host would need to meet the Requirements of CIP-004-6 R3.2 if the virtual PACS are associated with a high impact BCS located in a separate physical location. CIP-004-6 R2.3 states that it is associated with High Impact BES Cyber Systems and their associated PACS; it does not distinguish if they are virtual. Also, there is the risk that, if someone were to gain access to the physical host, they would have access to all virtual machines located on the said physical host. So, that physical host should be protected at the highest level of associated items on the said physical host. Question: June 5, 2019 PRC-025 is applicable to UATs. If however, during normal plant operations, a problem occurs with the UAT and the plant operators switch auxiliary load to their start-up transformer in order to keep the generator in service, is the start-up transformer now applicable to PRC-025 because it’s supporting auxiliary power to keep the generating unit online? Response: PRC-025-2 does not require the Generator Owner, Transmission Owner, or Distribution Provider to use any of the protective functions listed in Table 1. However, each Generator Owner, Transmission Owner, and Distribution Provider that applies load-responsive protective relays on their respective Elements listed in Section 4.2, Facilities, which includes Unit Auxiliary Transformers, shall use one of the Options in Table 1, Relay Loadability Evaluation Criteria to set each load-responsive protective relay

MORE

<

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS

PAGE 8

IRANIAN CYBERSECURITY THREATS

It has been almost a decade since the U.S. deemed Cyberspace as the fifth theater of war. Until last month, most cyber operations and combat happened without attribution. This changed on June 20, 2019, when President Trump approved an offensive cyber attack against Iranian military systems in direct response to Iranian forces taking down a U.S. military reconnais- sance drone and attacking two oil tankers in the Gulf of Oman. According to public sources, the cyber attack successfully crippled the command and control systems for Iranian missile launches. Other reports stated that it will take a substantial amount of recovery time. Soon thereafter, the Department of Homeland Security issued warnings to U.S. industrial sectors that the Iranian Regime is stepping up offensive cyber operations against oil, gas, utility, and government infrastructure. Three different private security organizations already confirmed an increase in cyber activity. The activity targeted a vast array of U.S. organizations, including the Department of Energy and U.S. national labs. Multiple organizations in the Finance, Gas, and Oil sectors have reported a wave of phishing emails believed to be attributed to Iranian cyber campaigns. Please visit www.eisac.com for recent Iranian activity bulletins. Any threatening or suspicious cyber activity within the ERO should be reported to the E-ISAC and the appropriate federal agencies. The Critical Broadcase Program cited Christopher C. Krebs, director of the DHS Cybersecurity and Infrastruc- ture SecurityAgency (CISA) as stating, “CISA is aware of

MAGNALLIUM / APT 33 Private security firms Dragos and FireEye dubbed Iranian attributed threat actors as Magnallium and APT33 respectively in 2017. The group initially targeted energy organizations in Saudi Arabia, but later expanded its operations to Europe, North America, and South Korea. Targets also expanded to Petrochemical and Aerospace organizations. The malware associated with these attacks was dubbed Shamoon, which has the capability to collect data, spread laterally, and deploy disk wiper malware and a master boot record wiper. It is likely that variants of Shamoon may be used in targeted cyber threats to the U.S. Best Defense The best defense for staying protected against the Iranian onslaught includes the following: • Phishing email awareness for all employees • Unique passwords for all accounts • Two-factor authentication where technically feasible • Active network monitoring • Update patches for critical systems

a recent rise in malicious cyber activity directed at the United States industries and government agencies by Iranian actors and proxies increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money.” Wiper malware is designed for the sole purpose of deleting data on devices in an attempt to cripple functionality. Distruction includes network hardware and other firmware devices as well. The main attack vectors previously used by nefarious Iranian actors include: • Spear-Phishing: Fraudulent practice of sending emails from a known or trusted sender • Phishing: Email campaign exploiting publically available job postings • Credential Stuffing: Using usernames and passwords leaked by third-parties

FOR YOUR CALENDAR

July 2019

>

TECHNICAL COMMITTEES

INSIDE SERC

FAQs (Cont’d)

element according to its application and relay type. The start-up transformer in this scenario would be applicable to PRC-025-2 because it would be functioning as the Unit Auxiliary Transformer and would need the same protective functions applied to it as the normal Unit Auxiliary Transformer. Question: June 5, 2019 When developing a baseline for a BCA that is running Windows 7. What is the “OS” for that BCAand what is the “version” of that OS for that BCA? CIP-010-2 R1.1.1 specifically requires the OS to be listed and its “version”. Response: When documenting baseline configuration of the asset, it is important to document unique configuration attributes of the asset. As an example, for windows 7, “OS” can be listed as - “Windows 7 Professional” or “Windows 7 Enterprise”. “Version” of the OS, depending on the service pack level, can be listed as “Windows 7 - 6.1.7600” or “Windows 7 SP1 - 6.1.7601”. Question: June 10, 2019 With regards to CIP-002, if a separate storage area network (SAN) is used for memory for a virtual PACS system, is the SAN considered a Cyber Asset that needs to be in compliance with CIP-007, -010, etc.? Response: The NERC glossary definition of PACS mentions cyber assets (plural) as achieving compliance with CIP-006-6 R1, so if the SAN is one of the BES Cyber Assets, which in combination is used to “…control, alert, or log access to the Physical Security Perimeter(s), exclusive of locally mounted hardware or devices at the Physical Security Perimeter such as motion sensors, electronic lock control mechanisms, and badge readers,” then it would be part of the PACS and subject to the standards, requirements, and requirement parts where it falls under theApplicability column. Question Set-up: June 14, 2019 CIP-013-1 Cyber Security - Supply Chain Risk Assessment R1 requires Responsible Entities to develop one (or more) documented supply chain cyber security risk

management plans. The plan(s) is to include (R1.1) one or more processes used in planning for the procurement of BES Cyber Systems to identify and assess cyber security risks to the BES from vendor products and services. The plan(s) is also to include (R1.2) one or more processes used in procuring BES Cyber Systems that address R1.2.1 – R1.2.6. R2 requires Responsible Entities to implement its supply chain cyber security risk management plan(s) specified in R1. The plan(s) must be implemented on or before July 1, 2020. Note: “Implementation of the plan does not require the Responsible Entity to renegotiate or abrogate existing contracts…” from NERC CIP-013-1 Implementation Guidance document. Question: Will the Responsible Entities be expected to perform and document initial cyber security risk assessments on all its existing vendors that provide their BES Cyber System products and services prior to the compliance effective date? Response: No, CIP-013-1 affects only new procurements. This answer is supported by the General Considerations section of the Implementation Plan (https://www.nerc.com/pa/Stand/%20 CIP0131RD/Implementation_Plan_Clean_071117.pdf) “In implementing CIP-013-1, responsible entities are expected to use their Supply Chain Cyber Security Risk Management Plans in procurement processes (e.g., Request for Proposal, requests to entities negotiating on behalf of the responsible entity in the case of coopera- tive purchase agreements, master agreements that the responsible entity negotiates after the effective date (the renegotiation of contracts), or direct procurements covered under the responsible entity’s plan that begin on or after the effective date of CIP-013-1. Contract effective date, commencement date, or other activation dates specified in a contract do not determine whether the procurement action is within scope of CIP-013-1.” In order to determine the beginning date of a procure- ment, the Responsible Entity must document that date in a manner suitable for use as audit evidence. Without such documentation, audit teams will use the earliest date that provides reasonable assurance of the beginning of the procurement process.

<

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS

PAGE 10

Question: If initial risk assessments are expected, will performing and documenting a high-level controls risk assessment be acceptable for the July 1, 2020 effective date? Response: Risk assessments of vendors that provided equipment or services prior to the CIP-013-1 effective date of July 1, 2020, are not required. Any procurements for high or medium impact BES Cyber Systems equipment, software, or services begun after July 1, 2020 must be performed in accordance with the entity’s documented CIP-013-1 R1 supply chain cyber security risk management plan. Question: June 21, 2019 COM-001 R2, R4, and R6 state that each responsible entity must designate anAlternative Interpersonal Commu- nication capability with each of the listed entities. It does not state for what purpose (e.g., for the exchange of informa- tion necessary for the Reliable Operation of the BES) or for which facilities/personnel (e.g., between Control Centers within the same functional entity, and/or between a Control Center and field personnel). Is R12 considered a scoping requirement for Alternative Interpersonal Communication capability in R2, R4, and R6? Is a responsible entity required to be perform COM-001 R9 testing of the designatedAlternative Interpersonal Commu- nication capability at all facilities where the capability exists (e.g., primary and backup Control Center locations)? OR, is monthly testing at one of the facilities sufficient for Yes, anAlternative Interpersonal Communication is any medium that is able to serve as a substitute for, and does not utilize the same infrastructure (medium) as the Interper- sonal Communication. Yes, if the designatedAlternative Interpersonal Communi- cation is unique to the backup Control Center and the only medium utilized at the backup Control Center, it would be required to be tested in accordance with Requirement R9. Question: June 21, 2019 One of our facilities has started to make relay setting changes and had two relays fail during the setting change. This has made them apprehensive to continue to make compliance? Response:

the changes on the remaining relays (the same model as the two that previously failed). They have started doing the engineering to replace these relays, as the ones currently installed are end-of-life. Would a situation like this give them a basis to extend to the October 1, 2021 date, as they are working to replace the relays? While we want to be compliant with PRC-025, we also do not want to increase the risk to the BES by having multiple relays fail trying to make the required changes to get into compliance. Response: The implementation guide for PRC-025-2 puts the determination responsibility on the Generator Owner, Transmission Owner, or Distribution Provider to decide whether replacement or removal of the relay(s) is necessary. If it is determined that replacement or removal rather than setting changes is necessary, then the implementation date of October 1, 2021 is applicable. The entity should keep some form of documentation to support their basis for making this determination. Question: June 24, 2019 Concerning TOP-001-4 R23: When evaluating diversely routed data exchange infrastructure, does SERC require redundant cabling to be in separate cable trays or conduit, or can the wiring be within the same cable tray or conduit within the primary Control Center? Response: R23: Each BalancingAuthority__ shall have data exchange capabilities, with redundant and diversely routed data exchange infrastructure within the Balancing Authority’s primary Control Center, for the exchange of Real-time data with its Reliability Coordinator, Transmission Operator, and the entities it has identified it needs data from in order for it to perform its Real-time monitoring and analysis functions. [Violation Risk Factor: High] [Time Horizon: Same-Day Operations, Real-time Operations] The data infrastructure cabling should be routed through an independent tray and conduit system within the primary control center.

FOR YOUR CALENDAR

July 2019

>

TECHNICAL COMMITTEES

INSIDE SERC

TECHNICAL COMMITTEES

Technical Committee members are invited to submit information for the newsletter. New committee members and those wishing to update committee rosters should use the Committee Roster Update Request Form located in the About SERC channel box on the SERC website homepage.

New Florida SERC Members

You are eligible to participate on the SERC Technical Committees. Each Board member representing the new Florida SERC Member companies received a confidentiality agreement (NDA) package with instructions on how to designate individuals to be their company’s representative and alternate to the SERC Engineering Committee, Operating Committee, and Critical Infrastructure Protection Committee. Please forward the nominations to Gaurav Karandikar (gkarandikar@serc1.org). When SERC receives the names and contact information for each company’s designees, we will contact them directly to initiate their committee involvement. For additional information, you are invited to watch the SERC Committee Membership eLearning module. If you have been assigned as a representative or alternate for your company and have any questions, please contact support@serc1.org.

Engineering Committee (EC)

Intra-Regional Long-TermWorking Group (LTWG) The LTWG Data Bank Update (DBU), hosted by Dominion Energy South Carolina, was held on June 5 - 6 on Sullivan’s Island, South Carolina. Thirty-two members of the LTWG participated either in person or via WebEx. The DBU was successfully completed by the members and posted to the portal on June 12. The cases that are built during this process are used by both the LTWG and Near-TermWorking Group (NTWG) to perform their current and future years’ studies and is also the case that is submitted to the Multi-Regional Modeling Working Group for the entire Eastern Interconnection models. Additionally, the DBU is used by some of the SERC Member companies to meet Requirement 4 of the MOD-032-1 Standard. The LTWG considered a DBU Review Task Force proposal to modify the DBU process to accommodate those SERC Members that do not rely on that process for compliance purposes. The proposal will be forwarded to the EC Planning Coordination Subcommittee (PLCS) for its consideration.

<

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS

PAGE 12

By: Evan Shuvo NCSO, PMP - Senior Engineer, Reliability SERC is happy to welcome its newest members in the FL Peninsula subregion to this year’s Summer Regional Meetings! This year marks the 47thAnnual Pig Roast, which will be hosted by the SERC MISO Central subregion: Midcontinent Independent SystemOperator, Inc.; Ameren Services Company; Big Rivers Electric Corporation; City of Columbia, MO; City of Springfield, IL - CWLP; and Southern Illinois Power Cooperative. In addition to the meetings and social activities, attendees are invited to enjoy a scavenger hunt and other family friendly games. You can register to participate by clicking the link under Social Activities on the Summer Regional Meetings Event Details page.

The participating Technical Committee subgroups will meet at the Crowne Plaza Springfield - Convention Center in Springfield, Illinois fromTuesday, July 16, through Thursday, July 18. Attendance at the meetings requires pre-registration and is limited to the members of the applicable subcommittees/groups. If you have not already done so, please visit the Summer Regional Meetings Event Details page on the SERC website to register for your respective meetings and find information on how to make hotel reservations. If you are unsure about whether you are eligible to attend a particular subgroup meeting, please check the subgroup roster by visiting the SERC committee portal. If you are not registered as a SERC committee member and would like to attend any of the meetings, please consult with that group’s SERC staff lead. • PLCS, Technical Seminar, and Joint Meeting: Evan Shuvo • DWG & OPWG: Dave Krueger • LTWG & NTWG: Herb Schrayshuen • RRS: Maria Haney

FOR YOUR CALENDAR

July 2019

>

TECHNICAL COMMITTEES

INSIDE SERC

INSIDE SERC

SERC welcomes new Registered Entities and SERC Members from Florida (Members indicated in bold font.) Beaches Energy Services of Jacksonville Beach Calpine Corporation City of Bartow City of Homestead City of Key West (Keys Energy) City of Lake Worth City of Leesburg City of Ocala Electric Utility Gainesville Regional Utilities General Electric International - Shady Hills GenOn Florida Hardee Power Partners Limited Indiantown Cogeneration LP JEA Kissimmee Utility Authority Lakeland Electric Lee County Electric Cooperative, Inc Northern Star Generation Services Company, LLC Oleander Holdings, LLC Orlando Utilities Commission Reedy Creek Improvement District Seminole Electric Cooperative Stanton Clean Energy, LLC Tampa Electric Company Utilities Commission of New Smyrna Beach Vandolah Power Company, LLC New Team Members Welcomed to SERC Ted Bell joined SERC as a CIPAuditor. Ted comes to SERC from Southwest Power Pool (SPP) where he spent the past three years working with CIP Compliance. Prior to SPP, he was a Transmission PlanningAnalyst and IT Specialist. Dulce Plaza joined the SERC team as a Legal Counsel. For the past three years, Dulce focused on insurance litigation at Hedrick, Gardner, Kincheloe & Garofalo law firm. Prior to that, she served as a Legal Intern here at SERC. Steven Rose joined SERC as an O&P ComplianceAuditor. Previously, he worked for City Water, Light & Power in Springfield, Illinois where he has spent the past 17 years working in compliance. Prior to City Water, Light & Power, Steven spent time as an engineer and avionics technician. Marty Sas joined the team as a RAPAReliability Engineer. Marty was with MISO for the past 13 years, and worked in real-time operations, committee, and compliance. Before that, he was a dispatcher at PJM for three years. Marty holds a NERC SystemOperator certification. City of Tallahassee City of Winter Park Covanta Palm Beach Resource Recovery, LLC Duke Energy Florida, LLC Florida Keys Electric Cooperative Assn. Florida Municipal Power Agency Florida Municipal Power Pool Florida Power & Light Co. Florida Public Utilities Company Florida Reserve Sharing Group Fort Pierce Utilities Authority

<

SERC CONNECTION

HOT TOPICS

NOTE THE NEWS

PAGE 14

Please pre-register on the SERCwebsite. Due to fire code restrictions, onsite registration does not guarantee attendance can be accommodated. FOR YOUR CALENDAR

FERC: July 10 SERC: July 10 - 11 SERC: July 16 - 28 SERC: July 23 - 24 NERC: July 23 - 24 SERC: July 29

Columbia Gas Transmission, LLC Technical Conference Notice Event Details SOWGMeeting Summer Regional Meetings RMWGMeeting Compliance & Standards Workshop Q3 Open ForumWebinar (FRCC integration Q&ASession from 1:00 p.m. to 2:00 p.m.)

UPCOMING EVENTS All Upcoming Events SERC Events September 17 - 18 CIP Compliance Seminar October 8 - 9 Fall Compliance Seminar System Operator Conferences August 27 - 29 SOC #3 - Chattanooga, TN September 24 - 26 SOC #4 - Chattanooga, TN

GridEx V GridEx V is scheduled for November 13-14, and registration is now open. The E-ISAC will provide training on July 8, 2019 at 1:00 p.m. (Eastern) for planners, players, and observers on the exercise platforms (i.e., Exercise portal and Simulation Deck) that will be utilized during GridEx in

NERC SMALL GROUP ADVISORY MEETNGS

NERC will host Small GroupAdvisory Meetings on October 29-31, 2019 with registered entities, Standards Developers, and Regional Entities to assess the implemen- tation of the CIP Cyber Supply Chain Standards.

November. E-ISAC will also host webinars on August 5 and September 10 to provide an open forum for planners, participants, and observers to ask Exercise Leads questions. If you would like to register for GridEx V or any of the training events, please contact the GridEx team at: E-ISAC at gridex_registration@bah.com The NERC website has a GridEx page with additional information. Past webinar trainings are available on the GridEx portal.

October 22 - 25, 2019 The Weston Peachtree Plaza * Atlanta, Georgia Registration / Information

FOR YOUR CALENDAR

July 2019

>

TECHNICAL COMMITTEES

INSIDE SERC

Page 1 Page 2 Page 3 Page 4 Page 5 Page 6 Page 7 Page 8 Page 9 Page 10 Page 11 Page 12 Page 13 Page 14 Page 15

Made with FlippingBook - Online magazine maker