Project

General

Profile

WG10FutureWork #5102

Control of LN.Mod without using MMS

Added by Michael Haecker about 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Start date:
10/08/2021
Due date:
02/08/2022
% Done:

100%

Estimated time:
Source:
WG 10
TF Unique ID:
WG10 Proposal:
Discuss in Upcoming Meeting:
No
Short Proposal:
Standard(s):

IEC 61850-7-2

Needs More Information:
Target edition:

Description

From WG 10 meeting October 2021, TF Golden SLD

For reasons of C/S users perfer to restrict traffic on process level busses to GOOSE and SV, no MMS. Without MMS, how to control LN.Mod, for activating the test mode, e.g.)?


Files

clipboard-202202091739-lqhhb.png View clipboard-202202091739-lqhhb.png 45.6 KB Christophe CAMELIS, 02/09/2022 10:39 AM

Proposal descriptions

Choices are decided by ESP.
Utilities should use (secure) MMS if needed (in order to change the LN.Mod).
Recommendations do not standardize how to use GOOSE for this.
GOOSE should not be used to switch Mod.
TF Golden SLD shall use MMS for this.

#1

Updated by Michael Haecker about 3 years ago

  • TF Unique ID deleted (WG 10 - 2021-10_1)
#2

Updated by Christophe CAMELIS almost 3 years ago

This issue has been discussed in TF Controls between functions teleconference, the 9th of December, 2021.
If MMS is not implemented, the only way to activate test mode with GOOSE will be to add additional transient DO SPS in the data model as illustrated in the figure attached
However, this is not a solution that we would like to promote. So, we don't plan to document it in TR.

#3

Updated by Dustin Tessier almost 3 years ago

Different Scenarios
1.All MMS Disabled – Utility Decision (NERC letter seeking clarification)
2.All MMS not supported – Vendor (Not an option)
3.MMS Controls Disabled - Utility Decision (NERC letter seeking clarification)
4.GOOSE Control without Security - Utility Decision (C.Camelis TF)
5.GOOSE Control with Security - Utility Decision (WG15 recommendation)
6.R-GOOSE without Security - Utility Decision (Need to more guidelines and conformance testing)
7.R-GOOSE with Security - Utility Decision (WG15 recommendation)

#4

Updated by Carlos Rodriguez del Castillo almost 3 years ago

  • Status changed from Accepted to In Progress
  • Discuss in Upcoming Meeting changed from Yes to No

After WG10 plenary discussion on 11th February 2022, the only standardized way of executing control model is by MMS except for control between C-LN and process interface logical nodes as defined in 7-4/7-500.

#5

Updated by Carlos Rodriguez del Castillo almost 3 years ago

  • Assignee changed from Michael Haecker to Herbert Falk
#6

Updated by Herbert Falk almost 3 years ago

As assigned, I have contacted NERC via email and have had a verbal discussion with the compliance department. The question I asked was:

"The basic question is, with appropriate mitigations and processes in place, does NERC CIP allow the use of routable protocols regardless of the BES clarification (e.g. High, Medium, and Low)?:

As I expected, the verbal response was of course it is allowed. A formal response is forthcoming.

#7

Updated by Herbert Falk almost 3 years ago

Here is the response from NERC Compliance:

"
Thanks for the question. The NERC CIP Standards do not prohibit registered entities from using routable protocols for BES Cyber Systems (High, Medium, or Low). However, the Standards do require additional controls for the BES Cyber Systems that are using routable protocols, and those are outlined in each Standard/Requirement. For example, CIP-007-6 R1, Part 1.1. outlines additional controls for medium impact BES Cyber Systems with External Routable Connectivity, among others.

Let me know if you have any further questions.

Lonnie

Lonnie J Ratliff, CISSP, CISA
Senior Manager, Cyber and Physical Security Assurance
North American Electric Reliability Corporation

"

#8

Updated by Vladan Cvejic over 2 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 0 to 100
  • Proposal descriptions updated (diff)

Also available in: Atom PDF