Control systems are NERC Compliant – buyer beware

Jan. 7, 2009
Many IT and control system vendors are claiming to offer NERC CIP-compliant products.  That makes for great marketing hype. However, the NERC CIPs are written for end-users to validate their comprehensive security program, not for vendors. In the January issue of Power Magazine, Dr. Bob Peltier states: “…the (Siemens) T3000 (DCS) is fully compliant with NERC Standards CIP-002 - CIP-009…”. This obviously makes no sense. For example, CIP-002 is Critical Cyber Asset Identification and CIP-008 is Incident Reporting and Response Planning.
Many IT and control system vendors are claiming to offer NERC CIP-compliant products.  That makes for great marketing hype. However, the NERC CIPs are written for end-users to validate their comprehensive security program, not for vendors. In the January issue of Power Magazine, Dr. Bob Peltier states: “…the (Siemens) T3000 (DCS) is fully compliant with NERC Standards CIP-002 - CIP-009…”. This obviously makes no sense. For example, CIP-002 is Critical Cyber Asset Identification and CIP-008 is Incident Reporting and Response Planning. What does this have to do with equipment vendors and their products? End-users need to ask the right questions. Joe Weiss

Sponsored Recommendations

Municipalities are utilizing inline total solids measurements to enhance sludge thickening, lower polymer usage and cut operational expenses.
Carbon dioxide is increasingly recognized as a vital resource with significant economic potential. While the conversion of carbon dioxide into products is still in its infancy...
Discover our wide range of temperature transmitters that convert sensor signals from RTDs and thermocouples into stable and standardized output signals!
An innovative amine absorption-based carbon capture process enables retrofitting of existing industrial facilities to reduce emissions in hard-to-abate sectors, with advanced ...