SUBNET Solutions Inc - Making Substations More Intelligent
Call: 1.403.270.8885
NERC CIP Solutions
SUBNET CCE BROCHURE
CCE Brochure Download
Continuous Current Evolution (CCE)
WHITE PAPER DOWNLOAD
White Paper Download
Manage Utility IEDs Remotely...
NEWSLETTER
SUBNET Newsletter
The latest in smart grid technology

CIP-005 Electronic Security Perimeter(s): NERC CIP Standard

SUBNET PowerSYSTEM Center software application helps electrical utilities create and maintain an Electronic Security Perimeter as outlined by NERC CIP-005 standard. PowerSYSTEM Center maintains a single point of access from outside the Electronic Security Perimeter to a server running inside the perimeter. SUBNET’s SubSTATION Server and DialupGUARDIAN products also help protect communication endpoints by providing secure links between perimeters.

Purpose:
Standard CIP-005 requires the identification and protection of the Electronic Security Perimeter(s) inside which all Critical Cyber Assets reside, as well as all access points on the perimeter. Standard CIP-005 should be read as part of a group of standards numbered Standards CIP-002 through CIP-009.

Requirements:
Electronic Security Perimeter — The Responsible Entity shall ensure that every Critical Cyber Asset resides within an Electronic Security Perimeter. The Responsible Entity shall identify and document the Electronic Security Perimeter(s) and all access points to the perimeter(s).

Access points to the Electronic Security Perimeter(s) shall include any externally connected communication end point (for example, dial-up modems) terminating at any device within the Electronic Security Perimeter(s).

For a dial-up accessible Critical Cyber Asset that uses a non-routable protocol, the Responsible Entity shall define an Electronic Security Perimeter for that single access point at the dial-up device.

Communication links connecting discrete Electronic Security Perimeters shall not be considered part of the Electronic Security Perimeter. However, end points of these communication links within the Electronic Security Perimeter(s) shall be considered access points to the Electronic Security Perimeter(s).

Any non-critical Cyber Asset within a defined Electronic Security Perimeter shall be identified and protected pursuant to the requirements of Standard CIP-005.

Cyber Assets used in the access control and/or monitoring of the Electronic Security Perimeter(s) shall be afforded the protective measures as a specified in Standard CIP-003; Standard CIP-004 Requirement R3; Standard CIP-005 Requirements R2 and R3; Standard CIP-006 Requirement R3; Standard CIP-007 Requirements R1 and R3 through R9; Standard CIP-008; and Standard CIP-00.

The Responsible Entity shall maintain documentation of Electronic Security Perimeter(s), all interconnected Critical and non-critical Cyber Assets within the Electronic Security Perimeter(s), all electronic access points to the Electronic Security Perimeter(s) and the Cyber Assets deployed for the access control and monitoring of these access points.

Electronic Access Controls — The Responsible Entity shall implement and document the organizational processes and technical and procedural mechanisms for control of electronic access at all electronic access points to the Electronic Security Perimeter(s).

Monitoring Electronic Access — The Responsible Entity shall implement and document an electronic or manual process(es) for monitoring and logging access at access points to the Electronic Security Perimeter(s) twenty-four hours a day, seven days a week.

Cyber Vulnerability Assessment — The Responsible Entity shall perform a cyber vulnerability assessment of the electronic access points to the Electronic Security Perimeter(s) at least annually.

Documentation Review and Maintenance — The Responsible Entity shall review, update, and maintain all documentation to support compliance with the requirements of Standard CIP-005-2.

Visit the NERC website for more details regarding Critical Infrastructure Protection Standards.

Learn more about how SUBNET can help you meet NERC CIP standards with PowerSYSTEM Center.





Visit the following links to learn more about NERC CIP standards and how SUBNET can help you to comply.

Home > Skip Navigation LinksSolutions > NERC CIP > CIP-005 Electronic Security Perimeter
© 2016 SUBNET Solutions Inc. Terms of Use   Privacy Policy   Contact Us  Resources 
------------------------------