While NERC CIP v5 covers many aspects of power utility operations including physical safety, standardization, and proper documentation, the aspect with which many people are most concerned is the cybersecurity requirements.
This recording of a webinar examines the cybersecurity requirements of NERC CIP and how the requirements will impact communications equipment deployed in operational networks. To help clarify the regulation’s sometimes-ambiguous language the presentation identifies the types of threat(s) each measure is designed to defend, and explain the logic behind the requirements.
The presentation also considers implementations of the relevant OT communications building blocks such as source authentication, access control, confidentiality, integrity, and application-aware (including SCADA) security gateways. It also looks at how each of these are best implemented throughout the different layers of the protocol stack, and in software vs hardware deployments.