Power utility responsibilities: General Electric's contribution:
Provide physical security controls and perimeter
monitoring.
Ensur
e that people who have access to critical cyber
assets don’t have criminal records.
General Electric cannot provide additional help with this aspect.
3.1.6 CIP 007
CIP 007 covers the following points:
● T
est procedures
● Ports and services
● Security patch management
● Antivirus
● Account management
● Monitoring
● An annual vulnerability assessment should be performed
Power utility responsibilities: General Electric's contribution:
To provide an incident response team and have
appr
opriate processes in place
Test procedures, we can provide advice and help on testing.
Ports and services, our devices can disable unused ports and services
Security patch management, we can provide assistance
Antivirus, we can provide advise and assistance
Account management, we can provide advice and assistance
Monitoring, our equipment monitors and logs access
3.1.7 CIP 008
CIP 008 requires that an incident response plan be developed, including the definition of an incident response
team, their r
esponsibilities and associated procedures.
Power utility responsibilities: General Electric's contribution:
To provide an incident response team and have
appr
opriate processes in place.
General Electric cannot provide additional help with this aspect.
3.1.8 CIP 009
CIP 009 states that a disaster recovery plan should be created and tested with annual drills.
Power utility responsibilities: General Electric's contribution:
To implement a recovery plan
To provide guidelines on recovery plans and backup/restore
documentation
3.2 IEEE 1686-2007
IEEE 1686-2007 is an IEEE Standard for substation IEDs' cyber-security capabilities. It proposes practical and
achiev
able mechanisms to achieve secure operations.
The following features described in this standard apply:
● Passwords are 8 characters long and can contain upper-case, lower-case, numeric and special characters.
● Passwords are never displayed or transmitted to a user.
P54A/B/C/E Chapter 18 - Cyber-Security
P54xMED-TM-EN-1 419
To Next Page
Loading...
Need help?
General
