Stakeholder Comparison Comment Rationale Matrix
2012-12-11
AESO AUTHORITATIVE DOCUMENT PROCESS
Alberta Reliability Standard – CIP-002 AB-4A Cyber Security-Critical Cyber Asset Identification
Date of Request for Comment [yyyy/mm/dd]:
Period of Consultation [yyyy/mm/dd]:
Comments From:
2012-12-11
2012-12-11
Company name
through 2013-01-25
Contact:
Company Contact
Phone:
Contact Phone Number
E-mail:
Contact E-mail
Date [yyyy/mm/dd]:
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
1
NERC 002-4a
Purpose
NERC Standards CIP-002-4 through
CIP-009-4 provide a cyber security
framework for the identification and
protection of Critical Cyber Assets to
support reliable operation of the Bulk
Electric System.
These standards recognize the differing
roles of each entity in the operation of
the Bulk Electric System, the criticality
and vulnerability of the assets needed
to manage Bulk Electric System
reliability, and the risks to which they
are exposed.
Business and operational demands for
managing and maintaining a reliable
Bulk Electric System increasingly rely
on Cyber Assets supporting critical
reliability functions and processes to
communicate with each other, across
functions and organizations, for
services and data. This results in
increased risks to these Cyber Assets.
Standard CIP-002-4 requires the
identification and documentation of the
Critical Cyber Assets associated with
the Critical Assets that support the
reliable operation of the Bulk Electric
System. These Critical Assets are to be
identified through the application of the
criteria in Attachment 1.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
Clarified the purpose to align with the
Purpose
content of proposed CIP-002-AB-4a.
The purpose of this reliability
standard is to identify and document
Removed background and explanatory
the critical cyber assets associated
information relative to other CIP
with the critical assets that support
reliability standards.
the reliable operation of the
interconnected electric system.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
AESO Replies
2
NERC 002-4a
Applicability
4.1. Within the text of Standard CIP002-4, “Responsible Entity” shall mean:
4.1.1 Reliability Coordinator.
4.1.2 Balancing Authority.
4.1.3 Interchange Authority.
4.1.4 Transmission Service
Provider.
4.1.5 Transmission Owner.
4.1.6 Transmission Operator.
4.1.7 Generator Owner.
4.1.8 Generator Operator.
4.1.9 Load Serving Entity.
4.1.10 NERC.
4.1.11 Regional Entity.
4.2. The following are exempt from
Standard CIP-002-4:
4.2.1 Facilities regulated by the
Canadian Nuclear Safety
Commission.
4.2.2 Cyber Assets associated with
communication networks and data
communication links between
discrete Electronic Security
Perimeters.
4.2.3 In nuclear plants, the
systems, structures, and
components that are regulated by
the Nuclear Regulatory
Commission under a cyber security
plan pursuant to 10 C.F. R. Section
73.54.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
 New
Applicability
 Amended
This reliability standard applies to:
 Deleted
(a) the legal owner of a
transmission facility that is
The terms used to describe applicable
part of the bulk electric
entities in this reliability standard have
system operated at or above
been amended from the NERC version
one hundred (100) kV;
in order to correctly identify the
applicable entities in Alberta and to align
(b) the operator of a
with terms included in the AESO
transmission facility that is
Consolidated Authoritative Documents
part of the bulk electric
Glossary.
system operated at or above
one hundred (100) kV;
In addition, clarification regarding what
(c) the legal owner of a
being “part of the bulk electric system”
generating unit that is:
means has been provided where
necessary.
(i) directly connected to the
bulk electric system or
part of an industrial
complex that is directly
connected to the bulk
electric system and has a
maximum authorized real
power rating greater than
eighteen (18) MW;
AESO Replies
(ii) within a power plant which:
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
(A) is not part of an
aggregated
generating facility;
(B) is directly connected
to the bulk electric
system; and
(C) has a combined
3
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
maximum
authorized real
power rating greater
than sixty-seven
point five (67.5) MW;
NERC 002-4a
AESO Replies
(iii) a black start resource; or
(iv) regardless of maximum
authorized real power
rating, a generating unit
the ISO designates in
accordance with criterion
1.3 in Appendix 1;
(d) the operator of a generating
unit that is:
(i) directly connected to the
bulk electric system or
part of an industrial
complex that is directly
connected to the bulk
electric system and has a
maximum authorized real
power rating greater than
eighteen (18) MW;
(ii) within a power plant which:
(A) is not part of an
aggregated
generating facility;
(B) is directly connected
to the bulk electric
system; and
(C) has a combined
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
4
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
maximum
authorized real
power rating greater
than sixty-seven
point five (67.5) MW;
NERC 002-4a
AESO Replies
(iii) a black start resource; or
(iv) regardless of maximum
authorized real power
rating, a generating unit
the ISO designates in
accordance with criterion
1.3 in Appendix 1;
(e) the legal owner of an
aggregated generating
facility that is:
(i) directly connected to the
bulk electric system and
has a maximum
authorized real power
rating greater than sixtyseven point five (67.5)
MW;
(ii) a black start resource; or
(iii) regardless of maximum
authorized real power
rating, an aggregated
generating facility the
ISO designates in
accordance with criterion
1.3 in Appendix 1;
(f) the operator of an aggregated
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
5
NERC 002-4a
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
generating facility that is:
AESO Replies
(i) directly connected to the bulk
electric system and has a
maximum authorized real
power rating greater than
sixty-seven point five (67.5)
MW;
(ii) a black start resource; or
(iii) regardless of maximum
authorized real power
rating, an aggregated
generating facility the
ISO designates in
accordance with criterion
1.3 in Appendix 1;
(g) the legal owner of an electric
distribution system that owns
any facilities or systems that
are designed, installed and
operated for the protection or
restoration of the bulk electric
system, including:
(i) an underfrequency load
shedding program;
(ii) an under voltage load
shed program; and
(iii) those facilities in the ISO's
restoration plan;
(h) the ISO.
In this reliability standard, the term
“responsible entity” means all those
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
6
NERC 002-4a
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
that are listed above.
AESO Replies
Exemptions:
Cyber assets associated with
communication networks and with data
communication links between discrete
electronic security perimeters are
exempt from the requirements of CIP002-AB-4a.
Effective Date
The first day of the eighth calendar
quarter after applicable regulatory
approvals have been received (or the
Reliability Standard otherwise becomes
effective the first day of the ninth
calendar quarter after BOT adoption in
those jurisdictions where regulatory
approval is not required)
Effective Date
The first day of the calendar quarter,
(January 1, April 1, July 1 or October
1), that follows four full calendar
quarters after approval by the
Commission.
R1 Critical Asset Identification — The
Responsible Entity shall develop a list
of its identified Critical Assets
determined through an annual
application of the criteria contained in
CIP-002-4 Attachment 1 – Critical Asset
Criteria. The Responsible Entity shall
update this list as necessary, and
review it at least annually. M1 The
Responsible Entity shall make available
its list of Critical Assets as specified in
Requirement R1.
R1 The responsible entity must
develop a list of its identified critical
assets determined through the
application of the criteria contained in
Appendix 1, Critical Asset Criteria.
R2 The responsible entity must update
the list developed pursuant to
requirement R1 through the application
of the criteria contained in Appendix 1
as necessary, and review the list at
least once every calendar year.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
The proposed effective date has been
amended to allow a reasonable amount
of time for Alberta entities to implement
proposed CIP-002-AB-4a.
 New
 Amended
 Deleted
NERC requirement R1 contains two
requirements that have been divided into
Alberta requirements R1 and R2 to
separate out specific responsibilities.
Alberta requirements R1 and R2 have
been drafted in accordance with the
AESO’s Alberta reliability standards
drafting principles to add clarity to the
requirements.
7
NERC 002-4a
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
R3 The responsible entity must update  New
the list developed pursuant to
 Amended
requirement R1 to include any new
 Deleted
facilities identified pursuant to
requirement R8 within twelve (12)
Alberta requirement R3 has been added
months of the notification that the ISO
to identify that the updated list must
is required to provide in requirement
include new facilities as required
R9.
pursuant to requirement R8 and to
identify the appropriate implementation
timeframe.
AESO Replies
Alberta requirement R3 has been
drafted in accordance with the AESO’s
Alberta reliability standards drafting
principles to add clarity to the
requirements.
R2. Critical Cyber Asset Identification—
Using the list of Critical Assets
developed pursuant to Requirement R1,
the Responsible Entity shall develop a
list of associated Critical Cyber Assets
essential to the operation of the Critical
Asset. The Responsible Entity shall
update this list as necessary, and
review it at least annually.
For each group of generating units
(including nuclear generation) at a
single plant location identified in
Attachment 1, criterion 1.1, the only
Cyber Assets that must be considered
are those shared Cyber Assets that
could, within 15 minutes, adversely
impact the reliable operation of any
combination of units that in aggregate
R4 The responsible entity must use
the list of critical assets developed
pursuant to requirement R1 and
updated pursuant to requirement R2, to
develop a list of associated critical
cyber assets essential to the operation
of the critical asset and specifically:
(a) for each group of generating
units at a single plant location
identified in Appendix 1,
criterion 1.1, the only cyber
assets that must be
considered are those shared
cyber assets that could, within
fifteen (15) minutes, adversely
impact the reliable operation of
any combination of generating
units that in aggregate equal
or exceed Appendix 1, criterion
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
 New
 Amended
 Deleted
NERC requirement R2 contains two
requirements that have been divided into
Alberta requirements R4 and R5 to
separate out specific responsibilities.
Alberta requirements R4 and R5 have
been drafted in accordance with the
AESO’s Alberta reliability standards
drafting principles to add clarity to the
requirements.
Further, reference to nuclear generation
has been removed as it does not exist in
Alberta at this time.
8
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
NERC 002-4a
equal or exceed Attachment 1, criterion
1.1.
For the purpose of Standard CIP-002-4,
Critical Cyber Assets are further
qualified to be those having at least one
of the following characteristics:
• The Cyber Asset uses a routable
protocol to communicate outside the
Electronic Security Perimeter; or,
• The Cyber Asset uses a routable
protocol within a control center; or,
• The Cyber Asset is dial-up
accessible
AESO Replies
1.1;
(b) for criteria 1.2 to 1.18 in
Appendix 1, cyber assets that
must be considered are those
cyber assets that could, within
fifteen (15) minutes, adversely
impact the operation of the
critical asset; and
(c) for the purposes of CIP-002AB-4a, critical cyber assets
are further qualified to be those
having at least one (1) of the
following characteristics:
(i) the cyber asset uses a
routable protocol to
communicate outside the
electronic security
perimeter;
(ii) the cyber asset uses a
routable protocol within a
control center; or
(iii) the cyber asset is dial-up
accessible.
R5 The responsible entity must update
the list as necessary in requirement R4
when cyber assets change and review
it at least once every calendar year.
R3. Annual Approval —The senior
manager or delegate(s) shall approve
annually the list of Critical Assets and
the list of Critical Cyber Assets. Based
R6 The responsible entity must have
its CIP Senior Manager or delegate
approve, at least once every calendar
year, the list of critical assets and the
list of critical cyber assets and based
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
 New
 Amended
 Deleted
NERC requirement R3 contains two
9
NERC 002-4a
on Requirements R1 and R2 the
Responsible Entity may determine that
it has no Critical Assets or Critical
Cyber Assets. The Responsible Entity
shall keep a signed and dated record of
the senior manager or delegate(s)’s
approval of the list of Critical Assets
and the list of Critical Cyber Assets
(even if such lists are null.)
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
on requirements R1, R2, R4 and R5,
requirements that have been divided into
the responsible entity may determine
Alberta requirements R6 and R7 to
that it has no critical assets or critical separate out specific responsibilities.
cyber assets.
Alberta requirements R6 and R7 have
R7 The responsible entity must keep a
been drafted in accordance with the
signed and dated record of its CIP
AESO’s Alberta reliability standards
Senior Manager or delegate’s
drafting principles to add clarity to the
approval of the list of critical assets
requirements.
and the list of critical cyber assets,
even if such lists contain no entries.
R8 The ISO must, at least once every
calendar year, review the facilities that
meet criteria 1.3, 1.4, 1.5, 1.8, 1.9 or
1.11 in Appendix 1 and identify any
new facilities and any facilities that no
longer meet the criteria.
AESO Replies
New
Amended
 Deleted
New Alberta requirement R8 has been
added in proposed CIP-002-AB-4a to set
out the responsibilities of the AESO that
must be met in Appendix 1.
Alberta requirement R8 has been
drafted in accordance with the AESO’s
Alberta reliability standards drafting
principles to add clarity to the
requirements.
R9 The ISO must, within ninety (90)
days of completing the review, notify
legal owners of those facilities that are
affected by the result of the review and
of those facilities that are newly
identified by the review as required in
requirement R8.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
New
Amended
 Deleted
New Alberta requirement R9 has been
added in proposed CIP-002-AB-4a to set
out the timeline and responsibilities of
the AESO that must be met in Appendix
1.
10
NERC 002-4a
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
AESO Replies
Alberta requirement R9 has been
drafted in accordance with the AESO’s
Alberta reliability standards drafting
principles to add clarity to the
requirements.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
11
NERC 002-4a
M1. The Responsible Entity shall make
available its list of Critical Assets as
specified in Requirement R1.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
M1 Evidence of developing a list of its
All proposed CIP-002-AB-4a measures
identified critical assets as required in have been drafted in accordance with
requirement R1 exists. Evidence may
the AESO’s Alberta reliability standards
include a list of critical assets showing drafting principles.
the identifier of each critical asset and
the date when each critical asset was
Amended NERC measurement M1
to improve clarity, and provide examples
updated to the list.
of what evidence may include, and to
M2 Evidence of updating the list
align with Alberta requirements R1, R2
developed pursuant to requirement R1
and R3.
as required in requirement R2 exists.
Evidence may include:
AESO Replies
(a) documentation showing the
date and result of each review
and the identification of
personnel who conducted the
review; and
(b) the updated list of critical
assets showing that changes
based on the result of the
review, if any, were made.
M3 Evidence of updating the list
developed pursuant to requirement R1
as required in requirement R3 exists.
Evidence may include the updated list
of critical assets showing the identifier
of new facilities, if any, and the date of
updating these new facilities to the list.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
12
NERC 002-4a
M2. The Responsible Entity shall make
available its list of Critical Cyber Assets
as specified in Requirement R2.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
M4 Evidence of using the list of critical Amended NERC measurement M2.
assets developed pursuant to
to improve clarity, provide examples of
requirement R1 and updated pursuant
what evidence may include, and to align
to requirement R2 to develop a list of
with Alberta requirement R4 and R5.
associated critical cyber assets as
required in R4 exists. Evidence may
include a list of critical cyber assets
showing the identifier of each critical
cyber asset, the identifier of critical
asset it associates with, its
communication protocol and the date
when it was updated to the list.
AESO Replies
M5 Evidence of updating the list and
reviewing it as required in requirement
R5 exists. Evidence may include:
(a) documentation showing the
date and results of each review
and the identification of
personnel who conducted the
review; and
(b) the updated list of critical
cyber assets showing that
changes based on the result of
the review, if any, were made.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
13
NERC 002-4a
M3. The Responsible Entity shall make
available its records of approvals as
specified in Requirement R3.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
M6 Evidence of having its CIP Senior
Amended NERC measurement M3 to
Manager or delegate approve the list
improve clarity, provide examples of
of critical assets and the list of critical what evidence may include, and to align
cyber assets as required in
with Alberta requirements R6 and R7.
requirement R6 exists. Evidence may
include a signed and dated record of
the CIP Senior Manager or delegate’s
approval of the lists.
AESO Replies
M7 Evidence of keeping a signed and
dated record of its CIP Senior
Manager or delegate’s approval as
required in requirement R7 exists.
Evidence may include a signed and
dated record of the CIP Senior
manager or delegate’s approval of the
lists.
M8 Evidence of reviewing and
identifying facilities as required in R8
exists. Evidence may include
documentation identifying the date of
the result of each review.
Added to align with Alberta requirement
R8.
M9 Evidence of notifying legal owners
as required in requirement R9 exists.
Evidence may include email or mail to
appropriate recipients that identifies
contents submitted.
Added to align with Alberta requirement
R9.
Compliance
To view the compliance section D of
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
The Alberta reliability standards do
not contain a compliance section.
14
the NERC reliability standard follow
this link:
http://www.nerc.com/files/CIP-0024a.pdf
Compliance with all Alberta reliability
standards is completed in
accordance with the Alberta
Reliability Standards Compliance
Monitoring Program, available on the
AESO website at:
http://www.aeso.ca/loadsettlement/1
7189.html
Regional Differences
Regional Differences
None identified.
None identified.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
15
Appendix 1: Critical Asset Criteria
NERC 002-4a
1.1. Each group of generating units
(including nuclear generation) at a
single plant location with an
aggregate highest rated net Real
Power capability of the preceding 12
months equal to or exceeding 1500
MW in a single Interconnection.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
 New
1.1. Each group of generating
 Amended
units at a single plant location with
 Deleted
an aggregate highest rated net real
power capability of the preceding
Amended NERC criterion 1.1 when
twelve (12) months equal to or
drafting Alberta criterion 1.1 in
exceeding fifteen hundred (1500)
accordance with the reliability standard
MW.
drafting principles to add clarity to the
criteria.
AESO Replies
Alberta Variance1: Removed reference
to nuclear generation as it does not exist
in Alberta at this time.
1
1.2. Each reactive resource or group
of resources at a single location
(excluding generation Facilities)
having aggregate net Reactive Power
nameplate rating of 1000 MVAR or
greater.
1.2. Each reactive power resource
or group of resources at a single
location, excluding generating units
or aggregated generating facilities,
having an aggregate net reactive
power nameplate rating of one
thousand (1000) MVAR or greater.
1.3. Each generation Facility that the
Planning Coordinator or Transmission
Planner designates and informs the
Generator Owner or Generator
Operator as necessary to avoid BES
1.3. Each generating unit or
aggregated generating facility that
the ISO designates as necessary to
avoid adverse reliability impacts in
the long-term planning horizon and
 New
 Amended
 Deleted
Amended NERC criterion 1.2 when
drafting Alberta criterion 1.2 in
accordance with the reliability standard
drafting principles to add clarity to the
criteria.
 New
 Amended
 Deleted
Amended NERC criterion 1.3 when
An Alberta variance is a change from the US Reliability Standard that the AESO has determined is material.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
16
NERC 002-4a
Adverse Reliability Impacts in the
long-term planning horizon.
1.4. Each Blackstart Resource
identified in the Transmission
Operator's restoration plan.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
informs the legal owner of a
drafting Alberta criterion 1.3 in
generating unit or the legal owner
accordance with the reliability standard
of an aggregated generating facility drafting principles to add clarity to the
of such designation.
criteria.
1.4. Each blackstart resource
identified in the ISO’s restoration
plan.
AESO Replies
 New
 Amended
 Deleted
Amended NERC criterion 1.4 when
drafting Alberta criterion 1.4 in
accordance with the reliability standard
drafting principles to add clarity to the
criteria.
1.5. The Facilities comprising the
Cranking Paths and meeting the initial
switching requirements from the
Blackstart Resource to the first
interconnection point of the
generation unit(s) to be started, or up
to the point on the Cranking Path
where two or more path options exist,
as identified in the Transmission
Operator's restoration plan.
1.5. The facilities comprising the
cranking paths and meeting the
initial switching requirements from the
blackstart resource to the first
connection point of the generating
unit to be started, or up to the point
on the cranking path where two (2)
or more cranking path options exist,
as identified in the ISO's restoration
plan.
1.6. Transmission Facilities operated
at 500 kV or higher.
1.6 Transmission facilities
operated at five hundred (500) kV or
higher.
 New
 Amended
 Deleted
Amended NERC criterion 1.5 when
drafting Alberta criterion 1.5 in
accordance with the reliability standard
drafting principles to add clarity to the
criteria.
 New
 Amended
 Deleted
Amended NERC criterion 1.6 when
drafting Alberta criterion 1.6 in
accordance with the reliability standard
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
17
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
drafting principles.
NERC 002-4a
1.7. Transmission Facilities operated
at 300 kV or higher at stations or
substations interconnected at 300 kV
or higher with three or more other
transmission stations or substations.
1.7. Transmission facilities
operated at three hundred (300) kV
or higher at stations or substations
connected at three hundred (300) kV
or higher with three (3) or more other
transmission stations or substations.
1.8. Transmission Facilities at a single
station or substation location that are
identified by the Reliability
Coordinator, Planning Authority or
Transmission Planner as critical to the
derivation of Interconnection
Reliability Operating Limits (IROLs)
and their associated contingencies.
1.8 Transmission facilities that
the ISO identifies as related to the
derivation of interconnection
reliability operating limits and their
contingencies for transmission
paths listed in the most current Table
titled Major WECC Transfer Paths in
the Bulk Electric System.
1.9. Flexible AC Transmission
Systems (FACTS), at a single station
or substation location, that are
identified by the Reliability
Coordinator, Planning Authority or
Transmission Planner as critical to the
derivation of Interconnection
Reliability Operating Limits (IROLs)
and their associated contingencies.
1.9. Flexible alternating current
transmission systems, at a single
station or substation location, that the
ISO identifies as critical to the
derivation of interconnection
reliability operating limits and their
contingencies for transmission
paths listed in the most current Table
titled Major WECC Transfer Paths in
the Bulk Electric System.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
AESO Replies
 New
 Amended
 Deleted
Amended NERC criterion 1.7 when
drafting Alberta criterion 1.7 in
accordance with the reliability standard
drafting principles.
 New
 Amended
 Deleted
Clarified Alberta criterion 1.8 by
removing “at a single station or
substation location”.
Clarified Alberta criterion 1.8 by adding,
“and their contingencies for transmission
paths listed in the most current Table
titled “Major WECC Transfer Paths in the
Bulk Electric System”..
 New
 Amended
 Deleted
Clarified Alberta criterion 1.9 by adding
“and their contingencies for transmission
paths listed in the most current Table
titled “Major WECC Transfer Paths in the
Bulk Electric System”.
18
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
NERC 002-4a
1.10. Transmission Facilities
providing the generation
interconnection required to connect
generator output to the transmission
system that, if destroyed, degraded,
misused, or otherwise rendered
unavailable, would result in the loss of
the assets identified by any Generator
Owner as a result of its application of
Attachment 1, criterion 1.1 or 1.3.
1.10 Transmission facilities
providing the generation connection
required to connect generating unit
or aggregated generating facility
output to the transmission system
which, if destroyed, degraded,
misused, or otherwise rendered
unavailable, would result in the loss
of the critical assets the legal
owner of a generating unit or the
legal owner of an aggregated
generating facility identifies as a
result of its application of Appendix 1,
criterion 1.1 or 1.3.
1.11. Transmission Facilities identified
as essential to meeting Nuclear Plant
Interface Requirements.
AESO Replies
 New
 Amended
 Deleted
Amended NERC criterion 1.10 when
drafting Alberta criterion 1.10 in
accordance with the reliability standard
drafting principles to add clarity to the
criteria.
 New
 Amended
 Deleted
Alberta Variance2: No Nuclear facilities
exist in Alberta.
2
An Alberta variance is a change from the US Reliability Standard that the AESO has determined is material.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
19
NERC 002-4a
1.12. Each Special Protection System
(SPS), Remedial Action Scheme
(RAS) or automated switching system
that operates BES Elements that, if
destroyed, degraded, misused or
otherwise rendered unavailable,
would cause one or more
Interconnection Reliability Operating
Limits (IROLs) violations for failure to
operate as designed.
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
 New
1.11. Each remedial action scheme
 Amended
or automated switching system the
 Deleted
ISO identifies that operate bulk
electric system elements which, if
Amended NERC criterion 1.12 when
destroyed, degraded, misused or
drafting Alberta criterion 1.11 in
otherwise rendered unavailable,
accordance with the reliability standard
would cause one (1) or more
drafting principles to add clarity to the
interconnection reliability
criteria.
operating limits violations for failure
to operate as designed.
Clarified Alberta criterion 1.11 by
removing “Special Protection System
(SPS)”, used “remedial action scheme”.
1.13. Each system or Facility that
performs automatic load shedding,
without human operator initiation, of
300 MW or more implementing Under
Voltage Load Shedding (UVLS) or
Under Frequency Load Shedding
(UFLS) as required by the regional
load shedding program.
1.12 Each system or facility that
performs automatic load shedding,
without human operator initiation, of
three hundred (300) MW or more
implementing under voltage load
shed or underfrequency load
shedding as required by the regional
load shedding program.
1.14. Each control center or backup
control center used to perform the
functional obligations of the Reliability
Coordinator.
1.13 Each control center or backup
control center used to perform the
functional obligations of the Reliability
Coordinator.
1.15. Each control center or backup
control center used to control
generation at multiple plant locations,
for any generation Facility or group of
1.14 Each control center or backup
control center used to control
generation at multiple plant locations,
for any generating unit or
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
AESO Replies
 New
 Amended
 Deleted
Amended NERC criterion 1.13 when
drafting Alberta criterion 1.12 in
accordance with the reliability standard
drafting principles to add clarity to the
criteria.
 New
 Amended
 Deleted
NERC criterion 1.14 has been renumbered to Alberta criteria 1.13.
 New
 Amended
 Deleted
NERC criterion 1.15 contains two criteria
20
NERC 002-4a
generation Facilities identified in
criteria 1.1, 1.3, or 1.4. Each control
center or backup control center used
to control generation equal to or
exceeding 1500 MW in a single
Interconnection.
3
COMPARISON BETWEEN NERC CIP-002-4A AND ALBERTA CIP-002-AB-4A
CYBER SECURITY-CRITICAL CYBER ASSET IDENTIFICATION
Stakeholder Comments
CIP-002-AB-4a
Reason for Differences
(Insert comments here)
aggregated generating facility
that have been divided into Alberta 1.14
identified in criteria 1.1, 1.3 or 1.4.
and 1.15.
AESO Replies
1.15 Each control center or backup
control center used to control
generation equal to or exceeding
fifteen hundred (1500) MW.
1.16. Each control center or backup
control center used to perform the
functional obligations of the
Transmission Operator that includes
control of at least one asset identified
in criteria 1.2, 1.5, 1.6, 1.7, 1.8, 1.9,
1.10, 1.11 or 1.12.
1.16 Each control center or backup
control center used to perform the
functional obligations of an operator
of a transmission facility that
includes control of at least one (1)
critical asset identified in criteria 1.2,
1.5, 1.6, 1.7, 1.8, 1.9, 1.10 or 1.11.
1.17. Each control center or backup
control center used to perform the
functional obligations of the Balancing
Authority that includes at least one
asset identified in criteria 1.1, 1.3, 1.4,
or 1.13. Each control center or
backup control center used to perform
the functional obligations of the
Balancing Authority for generation
equal to or greater than an aggregate
of 1500 MW in a single
Interconnection.
1.17 Each control center or backup
control center used to perform the
functional obligations of the
balancing authority that includes at
least one (1) critical asset identified
in criteria 1.1, 1.3, 1.4 or 1.12.
 New
 Amended
 Deleted
Alberta Variance3: Changed reference
numbering to reflect that NERC 1.11
was removed since it referred to Nuclear
Plants.
 New
 Amended
 Deleted
NERC criterion 1.17 contains two criteria
that have been divided into Alberta 1.17
and 1.18.
1.18 Each control center or backup
control center used to perform the
functional obligations of the
balancing authority for generation
equal to or greater than an aggregate
of fifteen hundred (1500) MW.
An Alberta variance is a change from the US Reliability Standard that the AESO has determined is material.
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
21
Draft 2 Issued for Stakeholder Consultation: 2012-12-11
22