I’ve been looking over the NERC CIP v5 lately, because of a few discussions I’ve had over the past week. Mainly, it’s been the compliance requirements for the 1500 MW Critical Generation cutoff point and the design concept for what is called a “Unit Split”. A Unit Split involves taking a generation plant that meets the 1500 MW rule, and carving up the control systems so that no single BES cyber system can cause a reliability issue in 15 minutes. For once, I’m not here to soapbox about what’s in and what’s out, this is more of an engineering discussion.
First, owners need to be aware that they are trading compliance with the expensive, but reasonably bounded, NERC CIP process with a much less bounded risk assessment and control system analysis process. What do I mean? Once past the initial determination stage, NERC CIP focuses exclusively on cyber security, and doesn’t get into the details of equipment, processes, signaling, etc. Owners are held to only the NERC CIP requirements, and secondary considerations outside of the cyber security realm are minimal. However, eliminating systems from consideration is based upon an engineering assessment of what components can have an impact on 1500 MW of generation. This assessment is much more open ended, and brings in areas not normally part of the NERC CIP process. Some tasks I can envision would be: