CIP-010

CIP-010

CIP-010 is part of the NERC Critical Infrastructure Protection (CIP) category of protection standards. This standard is intended to prevent and detect unauthorized changes to BES Cyber Systems through Configuration Change Management and Vulnerability Assessments. The standard is broad, covering areas of responsibilities that typically fall under multiple departments within an organization. Quanta Technology offers solutions for all of your CIP-010 needs. To maintain the reliability and resiliency of the grid, power system engineers routinely perform complex system performance analyses, which may include detailed simulations. Comprehensive power studies on a wide range of system conditions produce extensive amounts of raw data that quickly becomes overwhelming to comprehend. CORE® tools leverage the benefits of software automation to address the challenges in executing these studies as well as processing and interpreting the results.

Download NERC CIP-10 Compliance Flyer

Our Solutions

What is CIP-010

  • CIP-010 is part of the NERC Critical Infrastructure Protection (CIP) category of protection standards.
  • Intended to prevent and detect unauthorized changes to BES cyber systems through configuration change management and vulnerability assessments.
  • Scope of standard is broad, covering areas of responsibilities that typically fall under multiple business or operating units within an organization.
  • Protection and Control departments are typically required to address the following:
  • Development of baselines (R1.1) – content, management, form and format
  • Authorize and document changes that deviate from the baseline (R1.2) – detecting changes, addressing changes

Our Solution

  • Requirement R1.1 – Baselines
    • What goes into a baseline?
    • What strategy is used for categorization of baseline configurations? How will these be organized?
    • What form and format will the baseline take? How will they be stored?
  • Requirement R1.2 – Detection of Changes
    • What data will be compared to detect configuration changes?
    • What data will represent the applicable device configuration?
    • How will the comparison be performed?
  • Requirement R1.3 – Tracking of Changes
    • How will changes be tracked against the 30-day requirement?
  • Requirement R2 – Repeatability
  • The evaluation process may need to be repeated for applicable devices every 35 days

Papers

Do you have a question for Quanta Technology?

Have a question for us? We’d love to hear from you. Send us a message and we’ll get back to you as soon as possible.
Have a question for us? We’d love to hear from you. Send us a message and we’ll get back to you as soon as possible.

    Join The List

    Join Quanta Technology’s email list to get exclusive access to content, whitepapers, webinars and more!