Document name
Guideline Template
Category
( ) Regional Reliability Standard
( ) Regional Criteria
( ) Policy
(X) Guideline
( ) Report or other
( ) Charter
Document date
Adopted/approved by
Date adopted/approved
Custodian (entity
responsible for maintenance
and upkeep)
Stored/filed
Physical location:
Web URL:
Previous name/number
(if any)
Status
( ) in effect
( ) usable, minor formatting/editing required
( ) modification needed
( ) superseded by _____________________
( ) other _____________________________
( ) obsolete/archived
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103 -1114 • PH 801.582.0353 • FX 801.582.3918
Month Day, Year
CIP-014-1 Guidance Document
Page - 2 of 8
Forward
This guideline was written for the purposes of providing the WECC membership with a
reasonably flexible common risk assessment methodology, evaluation criteria, and
documentation of the electrical impact resulting after a successful physical attack on an
applicable substation compliance with NERC Reliability Standard CIP-014-1 R1.
Use of a common methodology promotes consistency across the region, and provides a
common understanding between the Transmission Owner responsible for performing
the risk assessment and the third parties evaluators that must verify the results of the
assessment (R3), and Reliability Entity auditors responsible for compliance
enforcement.
Beyond the range of CIP-014-1 resiliency and therefore outside of the range of this
guideline is the possibility that all TOs have to face a successful attack on a substation
or switching station would result with a new system normal. The station would be out of
service for possibly multiple seasons, system adjustments including de-rated
transmission schedule, and SOL limits. Load service will have to be reestablished at
other stations. TOs should consider performing outages against the new system normal
and evaluate the performance of this new system.
2|Page
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103-1114 • PH 801.582.0353 • FX 801.582.3918
Month Day, Year
CIP-014-1 Guidance Document
Page - 3 of 8
Technical Studies Subcommittee:
CIP-014-1 Date: mmmm dd, yyyy
Background
On March 7, 2014, the Federal Energy Regulatory Commission issued an order
(Reliability Standards for Physical Security Measures, 146 FERC ¶ 61,166) directing the
North American Electric Reliability Corporation (NERC) to develop one or more physical
security reliability standards to identify and protect facilities that if rendered inoperable
or damaged could result in instability, uncontrolled separation, or cascading within an
Interconnection. Transmission Owners will be required to perform a risk assessment on
identified facilities. Once identified owners and operators of those identified critical
facilities will be required to develop, validate, and implement plans to protect their
facilities against physical attacks that may compromise the operability or recovery of
such facilities.
Purpose Statement
This guideline is intended to provide WECC membership with additional technical
expertise used for performing the required risk assessment analysis in R1 of the
proposed CIP-014-1 standard.
Transmission Owners following this guideline will have a common methodology to use
when assessing the risk of whether or not a physical attack on their transmission
substation(s) will result in instability, uncontrolled separation, or cascading failures.
This guideline is intended to be in addition to the knowledge and expertise specific to
the unique characteristics of the applicable facilities. This Guideline provides a
consistent and objective risk assessment analysis methodology for the entire region
comprehensive enough for unaffiliated third-party reviewer to be able to agree with the
study conclusions.
3|Page
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103-1114 • PH 801.582.0353 • FX 801.582.3918
Month Day, Year
CIP-014-1 Guidance Document
Page - 4 of 8
Applicability
Requirement 1 of NERC CIP-014-1 requires Transmission Owners (TO) to study the
impact of the loss of any 500-kV Transmission Substation or Transmission Station. CIP014-1 also requires TOs to consider any applicable transmission stations operated
between 200 kV and 499 kV that have an aggregate weighted value exceeding 3000
based on the “weighted value per line” combined with the total number of connected
transmission lines to the station or substation.
Voltage Value of a Line
Weight Value per Line
less than 200 kV (not applicable)
(not applicable)
200 kV to 299 kV
700
300 kV to 499 kV
1300
500 kV and above
0
Table from CIP-014-1 Physical Security
In addition to meeting the weighted aggregate also included is any transmission station
or substation that has been identified by the Reliability Coordinator, Planning
Coordinator or Transmission Planner as critical to derivation of an Interconnection
Reliability Operating Limit and any associated contingencies. No facilities under the
scope of a security plan approved by the Nuclear Regulatory Commission or Canadian
Nuclear Safety Commission are subject to this standard, including any Facilities
identified as essential to meeting Nuclear Plant Interface Requirements.
4|Page
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103-1114 • PH 801.582.0353 • FX 801.582.3918
Month Day, Year
CIP-014-1 Guidance Document
Page - 5 of 8
CIP-014-1_Requirement 1
R1. Each Transmission Owner shall perform an initial risk assessment and subsequent
risk assessments of its Transmission stations and Transmission substations
(existing and planned to be in service within 24 months) that meet the criteria
specified in Applicability Section 4.1.1. The initial and subsequent risk
assessments shall consist of a transmission analysis or transmission analyses
designed to identify any Transmission station(s) and Transmission substation(s)
that if rendered inoperable or damaged could result in instability, uncontrolled
separation, or Cascading within an Interconnection. [VRF: High; Time-Horizon:
Long-term Planning]
1.1. Subsequent risk assessments shall be performed:

At least once every 30 calendar months for a Transmission Owner that
has identified in its previous risk assessment (as verified according to
Requirement R2) one or more Transmission stations or Transmission
substations that if rendered inoperable or damaged could result in
instability, uncontrolled separation, or Cascading within an
Interconnection; or

At least once every 60 calendar months for a Transmission Owner that
has not identified in its previous risk assessment (as verified according to
Requirement R2) any Transmission stations or Transmission substations
that if rendered inoperable or damaged could result in instability,
uncontrolled separation, or Cascading within an Interconnection.
1.2. The Transmission Owner shall identify the primary control center that
operationally controls each Transmission station or Transmission substation
identified in the Requirement R1 risk assessment.
5|Page
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103-1114 • PH 801.582.0353 • FX 801.582.3918
Month Day, Year
CIP-014-1 Guidance Document
Page - 6 of 8
GUIDANCE CIP-014-1_R1
TOs following this document when performing the required risk analysis will develop
their own dated and deliverable document for third party review. The documentation
should be sufficiently detailed enough for a third party reviewer to validate the
methodology and endorse the results. The analysis shall identify the impact to the BES
of the total loss of an “applicable” substations identified through either by the weighted
aggregation or has been identified by the Reliability Coordinator or other entity as a
critical facility to the derivation of an Interconnection Reliability Operating Limit, or has
been added by an applicable governmental authority or other appropriate federal entity
are rendered inoperable or damaged.
Base Cases
TOs shall perform the risk assessment on at least one case and use its own judgment
when reasoning the need to perform additional seasonal cases. WECC Operating
Cases available: Heavy Summer, Heavy Winter, Light Summer, and Light Winter).
WECC produces 5 year planning cases in addition to operating cases and recommends
them for use in this screening or a modified Operating Case to represent the 24 month
period. TOs are strongly encouraged to draw on their own knowledge of the system
and run the risk assessment on the most stressed load/generation or transfer scenario
with load levels adjusted for their Balancing Authority. TOs are encouraged to provide
justification on their choice of base case(s) used for this risk assessment to benefit third
party review.
Initial Screening Steady State Power Flow:
At a minimum the risk assessment should include:

Removal of all lines to a single Critical Facility
Based on the TOs engineering judgment the risk assessment for critical facilities shall
include one or more of the following class of outages:



Loss of substation yard, 500 kV and/or applicable 230 kV voltage level
Loss of switching station
Loss of entire station, all voltage levels, all devices including:
o shunt device
o Failure of a fully redundant Special Protection System (or Remedial Action
Scheme) located in its entirety at the critical facility.
6|Page
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103-1114 • PH 801.582.0353 • FX 801.582.3918
Month Day, Year
CIP-014-1 Guidance Document
Page - 7 of 8
o Operation, partial operation, or misoperation of a fully redundant Special
Protection System (or Remedial Action Scheme) in response to an event
or abnormal system condition for which it was not intended to operate
o Mitigation of all facilities overload greater than indicated by PRC-023-1 R1
(test for cascading)
If the results of the steady state Powerflow analysis screening identify substations
critical to the security of the BES, dynamic analysis may not be necessary (at the
discretion of the TO). Cases with diverged solutions need to be investigated in more
detail as to why the outage did not yield a solution (i.e. checked for numerical issues).
Definition: Steady State Cascading
Cascading (uncontrolled separation): The loss of an entire applicable substation in a
steady state analysis resulting in overloads that cannot be mitigated by the interruption
of Firm Transmission Service, redistribution of generation including RAS actions
available, or through the loss of Non-Consequential Load contained within a Balancing
Area. TOs are encouraged to engage with their neighboring TOs to determine if load
loss between BA’s is tolerable under the circumstances. TOs are encouraged to
provide a justification for the mitigation actions taken.
Uncontrollable separation or resulting in cascading overloads can be identified from one
or more of the following performance indicators.
1. A true divergent power flow solution not indicative of a numerical divergence.
2. Voltage collapse indicators with low voltages that initiate UVLS or other safety
nets to maintain the system integrity.
Transient Analysis:
Following the loss of an entire applicable substation achieved by zone 2 clearing. Risk
assessment could include one or more of the following categories of outages:

3Ø Fault On each line connected to an applicable substation on the critical
facilities list, with Delayed Clearing (stuck breaker or protection system failure):

Communications failures

Any Special Protection System (or Remedial Action Scheme) located at the
station being fails to function.

Operation, partial operation, or misoperation of a fully redundant Special
Protection System (or Remedial Action Scheme) in response to an event or
abnormal system condition for which it was not intended to operate
7|Page
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103-1114 • PH 801.582.0353 • FX 801.582.3918
Month Day, Year
CIP-014-1 Guidance Document
Page - 8 of 8
Definition: Transient Stability
Transient Stability: Outage results should demonstrate generator rotor angle,
Oscillation recovery, voltage deviations should settle within acceptable post transient
deviation limits, frequency oscillations should dampen by the end of 20 seconds.
Definition: Transmission Station
The terms “Transmission stations” and “Transmission substations” are sometimes used
interchangeably
NERC states that, the term “Transmission Station” to refer to a facility contained within a
physical border (e.g., a fence or wall) that contains one or more autotransformers. Id.
According to NERC, the term “Transmission station,” as used in the proposed Reliability
Standard, refers to a facility that functions as a switching station or switchyard but does
not contain autotransformers.
Reference:

NERC Reliability Standards
o CIP-002-5.1
o CIP-014-1
o TPL-001-4
o PRC-023-1
8|Page
W E S T E R N E L E C T R I C I T Y C O O R D I N A T I N G C O U N C I L • W W W . W E C C . B I Z
155 NORTH 400 WEST • SUITE 200 • SALT LAKE CITY • UTAH • 84103-1114 • PH 801.582.0353 • FX 801.582.3918