

                       WECC Physical Security Workgroup Meeting
                                  November 12-13, 2009
                     Las Vegas, NV – Hosted by Bureau of Reclamation

                                       Meeting Minutes

Call to Order
Roger Serra, Chairperson, was unable to attend. Vice-Chair Darren Nielsen called the meeting
to order and welcomed the attendees.

Minutes of the September, 2009 meeting were approved.

Darren reminded the group that the fall meeting is when the Chair and vice-Chair positions are
filled for the coming year. It was proposed that Darren would move from vice-Chair to the
Chairperson position and that Esteban Nava (SMUD) be the incoming vice-Chair. The
committee agreed and unanimously approved.

Reports from the various committees and workgroups

Dams Sector Coordinating Council
Toni Linenberger provided input on the last Dams Sector Coordinating Council Meeting (the
week previous, in Washington DC).
    SARS reporting tool is up and active on HSIN
    Toni again reminded the group that they may want to access the HSIN information
          o Executive brochure
          o Awareness handbooks
          o More…
    Dan Johnson substituted for the invited Michael Assante and provided a high level
       overview of Homeland Security. Toni has the PowerPoint.
    The issue of whether NERC is primarily ‘private’ or ‘government’ has come to the table.
    A national level exercise is being planned and participants are sought. Don Taussig
       provided schedule and presentations during the meeting and these were forwarded by
       Darren to the committee. Don said the exercise will be fairly intense and that a cyber
       exercise is being added to the scope. Others commented on a previous exercise.

CIPC Working Group
Scott LaChasse reported the next meeting of this group is next month.
      Scott now sits in on monthly briefs from DHS, but indicates the material presented is read
       from a script and is dated information, all available through public sources.
      There was discussion about PSA representatives, who are now in every state.
          o PSWG members do not generally allow other agencies/entities to do assessments
              of dam facilities.
          o There is a grant program to capture facility security information across the 18
              sectors of DHS – e.g., compare fence parameters between dam sites and nuclear
              sites. Concerns for protection of information were noted (PCII)
          o They also want to develop a national asset database, but the same concerns for
              protection of data exist with that effort.
          o Positive comments about the PSA program:
                   Conduit to state and local entities
                   Grant programs
                   A ‘1-stop shop’ in each state for anything DHS
                   In some specific instances, they have been the source of accurate
                      information as incidents unfolded
          o Darren has an updated spreadsheet of PSA contacts. He reported positive results
              in Arizona with the established relationship of a new PSA and strongly
              encouraged building the relationships.

WECC Spot Check Overview
Hector Alvarez, CAISO, reviewed the CAISO experience with a recent spot check audit.
General comments:
    Information Management – CAISO set up a SharePoint site for all data related to the
       audit. Physical binders proved to be challenging to track current versions of all materials.
    Logistics – Set up a well-equipped command post – copiers, fax machines, computers for
       purpose of staffing and participating in the audit. Idaho Power had done something
    Partners – Interconnecting partners also participated. SCE and PGE were mentioned.
    The spot check covered 13 of the 41 CIP requirements.
    The ‘every 7 years’ requirement for PRA updates means exactly 7 years. Annual
       requirements in the CIPs are interpreted to mean one year plus/minus 30 days, but the
       PRA requirement is an exact requirement, to the date.

CIP 004 R3 PRA Discussion (Local Agency Check)
NERC has opened Project 2009-23 Interpretation of CIP-004-2. The committee discussion
relates to Question 3 of the Request: “What is meant by the term “seven-year criminal check” in
R3.1? Is a local or state check sufficient or is a national database required?” The NERC
response is proposed:
“The drafting team acknowledges that the requirement does not define “seven year criminal
check.” The team interprets that due to the nature of cyber and unescorted physical access
to critical facilities, the risk assessment must encompass a broad examination of an
individual’s record. Therefore, at least a “local agency check” (normally understood to be
through the city police department, county sheriff’s department, or the state police) for
every place of work and place of residence for the past seven years should be performed.”
The concern we discussed has to do with the proposed local agency check requirement. Darren
commented that local agencies would not likely perform this function and that there are
restrictions against them doing this. Hector commented that CAISO checks locally posted
information – e.g., court system rulings. The NERC Proposed response is open for voting for 18
more days – expires 8:00 AM EST December 1, 2009. Not that many entities vote, so every vote
counts. Darren recommends a vote of No.

Darren recirculated the email with his comment on the language and an email with a response
submitted by AP.

Best Practices Approach Presentation
Dick Winters, Manager of Substation Operations, BPA delivered a presentation on the impact of
regulatory compliance on operations. Specific impacts were presented on OSHA changes to
minimum distances, changes in rules of conduct to access, Homeland Security Presidential
Directive 12, and NERC CIPs. Darren has circulated the presentation to the committee. The
summary slide points are presented here:
    Build flexibility into your standards
    Equipment doesn’t work all the time (backup solutions as acceptable)
    People make mistakes
    If you build tight standards, be prepared to file self violation documents and mitigation

Access Request Management System
Darren Nielsen gave a demonstration of the ARMS workflow used at APS for access
implementation, revocations and process to ensure a PRA and CBT are conducted. The APS
ARMS is tied into their PeopleSoft system that monitors active employees. Some of the
functions provided include:
    Request Access
    Revocation of access
    View or approve access
    Access requests (pending)
    Access list (by date)
    Access list (by asset)
    Daily reviews of provisioned and de-provisioned personnel.

John Van Boxtel – WECC – commented that the WECC RC has built an application on
SharePoint. Scripts have been developed for daily execution. Discrepancies are emailed. Later
in the meeting John announced that the WECC SharePoint workflows can be shared, once legal
disclaimers are available. The documents will be distributed by Darren Nielsen to the group as
soon as John gets the approval.

Round Table Discussion
    Terry Coggins – Tacoma Power – asked how others were monitoring PSPs. Group
     experience varied: some use all security personnel and some use some operations
     personnel, depending on situation. There was also discussion about contracted security
    personnel vs. in-house staff. Positive experiences reported with more expensive but
    better trained contract services. Darren mentioned that APS Security Director has
    successfully pursued making the former Contract Security System Operators FTE’s to
    reduce the turnover and ensure key positions are professionalized. It is imperative to
    maintain employees and reduce turnover in this position for business and CIP
    compliance. Other discussion on this point included armed vs. unarmed personnel for
    California and other Federal entities (BPA).
   John Glover – Tacoma Power – asked about substations being classified as CIP areas.
    Brian Martin commented that it was dependent on the existence of IP addressable
    equipment (routable protocols).
   Dave Cattanach – BC Hydro – related a change management story in which a garden
    gnome, acting on its own, was able to appear in unexpected locations; this inspired better
    attention to security practices. Dave also commented on the elaborate security
    preparations for the 2010 Winter Games coming up in February.
   Brian Martin – BCTC – commented on the large scale electric reliability preparations for
    the Winter Games. He also mentioned recent successes with their copper theft program.
   Scott LaChasse – Southern Cal Edison – mentioned LEO (Law Enforcement Online) an
    FBI online virtual command center portal. Once qualified for access you can run a
    command post remotely. Later the FBI will send a CD with the information to you and
    will wipe the online incident clean. Contact your FBI InfraGard resource. They have a
    professional presentation on this. Scott also added that he received pushed information
    from InfraGard daily – good quality information. Also, LEO could be a source for a
    speaker at a future PSWG meeting.
   Jerry Uhler – Southern Cal Edison – asked about marking wire – the benefits vs. the
    expense of doing so. Jeffrey Millennor commented that BPA has had success with this.
   Erik Smith – BPA – asked for some support from the group on considering a graded
    approach to classifying assets. He will send something out on this, but envisions a tier
    classification along the lines of I) most critical; II) want to protect, even though not most
    critical; and III) operational impact.
   Jeffrey Millennor – BPA – added to the metal theft topic. The better you can articulate
    how to identify the wire – how it is used in our industry (e.g., substation grounding
    wiring) – the better prepared local enforcement agencies will be to assist. He cited an
    example where an officer was able to identify industry wiring from scraps found in a side
    yard. Scott added that in California, now, people turning in copper scrap must wait three
    days to be paid.
   Toni Linenberger – Reclamation – recognized Darren’s contribution in making the
    arrangements for this meeting.
   Don Taussig – Reclamation – provided a brief overview of photos from the Hoover Dam
    site including the construction of the new bridge. He also discussed the evolution of
    physical security at that site.
   John Van Boxtel – WECC – reminded us that Version 3 of the CIP standards is available
    for review. CIP 006 R1 talks about logging the exit time for escorted visitors. This is a
    concern because of the frequent entries and re-entries that are likely to occur. Also, the
    requirement will be to name the escorting person. The first 90-day comment period is
    now open.
      Darren Nielsen – Expressed his appreciation for the participation and encouraged more
       communication between the members between meetings. Suggested sending comments to
       him so that he can track discussion points and ensure they are agenda items for upcoming
       meetings or disseminated in a more timely manner so important items can be acted on. Use the PSWG
       as a resource and network to obtain information from a very experienced and dynamic
       group of professionals. Some folks have waited to ask questions for fear of being wrong
       and the delay only created more issues. Many issues would have been resolved with
       some outreach and communication.

Future Meetings
    March 25-26 – Southern California Edison – Los Angeles / Newport Beach. Details Soon
    June 15 – BC Hydro – Vancouver BC, in conjunction with a NERC CIPC meeting.
    Later meetings being considered in Boise (Idaho Power) and Sacramento (CAISO) and
      Portland (BPA or PacifiCorp)

Hoover Dam Tour Friday 0800-1500
The group traveled to Hoover Dam for a behind the scenes tour of the security operations and
dam facility.


Don Taussig – Bureau of Reclamation
Toni Linenberger – Bureau of Reclamation
Darren Nielsen – APS
Mona Manley – SRP
Jerry Uhler – SCE
Scott LaChasse – SCE
Erik Smith – BPA
Dick Winters – BPA
Jeffrey L. Millennor – BPA
Terry Coggins – Tacoma Power
John Glover – Tacoma Power
Brian Martin – BCTC
Dave Cattanach – BC Hydro
Marcus Fehlman – Idaho Power
Robin Rice – Idaho Power
John Van Boxtel – WECC
Cindy Arroyo – Colorado Springs Utilities
Hector Alvarez – CAISO
Kim Spear – EWEB
Terry Bequette – EWEB
