southwest power pool, inc. security working group … q2 meeting minutes and... · mr. glunz’s...

Antitrust: SPP strictly prohibits use of participation in SPP activities as a forum for engaging in practices or communications that violate the antitrust laws. Please avoid discussion of topics or behavior that would result in anti-competitive behavior, including but not limited to, agreements between or among competitors regarding prices, bid and offer practices, availability of service, product design, terms of sale, division of markets, allocation of customers or any other activity that might unreasonably restrain competition.

Southwest Power Pool, Inc.

SECURITY WORKING GROUP MEETING

June 25, 2019 9:00 a.m. to 3:00 p.m.

Hosted at GRDA - Ecosystems and Education Center

420 HWY OK-28, Langley, OK 74350

• Summary of Action Items •

1. Michael Goad to request registration for Q3 September 19th meeting to begin at 8:00am CST,

moving from 9:00am CST

2. Michael Goad to move SECWG Incident Response Procedures Q2 agenda item to Q3 September

19th meeting due to lack of time

3. Eric Ervin will schedule meeting with MOPC staff regarding Security Working Group value and

reporting structure

1 of 67




June 25, 2019 9:00 a.m. to 3:00 p.m.



• M I N U T E S •

Agenda Item – Administrative Items

Eric Ervin (Evergy) called the 2019 Q2 SPP Security Working Group (SECWG) meeting to order at 9:02 am CST and welcomed all attendees. Major Chris Carlson (GRDA Police) performed safety briefing and Chief Brian Edwards (GRDA Police) welcomed attendees to GRDA Ecosystems and Education Center and Grand Lake. Mr. Ervin welcomed new SECWG Members Jodi Jensen (WAPA) and Ian Anderson (OGE). There were 40 in-person participants and 28 teleconference participants. (Attachment – Attendance List) Michael Goad (SPP) reviewed the Antitrust Reminder and conducted roll call of SECWG Members and Receipt of Proxies. (Attachment – Proxies) Mr. Goad reviewed the Action Items and current status. There were no updates. Mr. Ervin proposed time change to start meetings 8:00am. The group decided to review future meeting start times during the Future Meeting section of Agenda. Group agreed Q3 September meeting to start at 8:00am CST. Mr. Ervin reviewed the proposed agenda with the group. There were minor changes to include correcting presenter’s name. Ron Bender (NPPD) motioned to approve the agenda and Ian Anderson (OGE) seconded. There were no abstentions or opposition. (Attachment – Agenda) The minutes from the February 26, 2019 Q1 SECWG meeting were approved. Steve Arnold (Indep. P&L) motioned to approve the agenda and Phil Clark (AECC) seconded. There were no abstentions or opposition. (Attachment – Meeting Minutes)

2 of 67


SPP SECWG Minutes June 25, 2019

Agenda Item 4 – MRO SAC Update John Hochevar (ATC) presented overview of MRO Security Advisory Committee (SAC) to include review of purpose, roster and goals. Mr. Hochevar is the current chair of MRO SAC. Important dates are:

Council meetings: September 26th

Security Conference and Training: September 24th and 25th

Regional Security Risk Assessment: September 26th Questions can be directed to Estee J. Kolles at [email protected] Mr. Hochevar’s presentation can be found in meeting materials. Agenda Item 5 – GridEx V Update Amber Wallace (SPP) updated on GridEx V planning and preparations. Nine SPP Members will participate with SPP along with 300 SPP staff. More information can be found on SPP’s website at https://www.spp.org/gridex/ or email [email protected] Agenda Item 6 – Physical Security – Drone Threat Glenn Moore (DHS) presented on DHS Cybersecurity and Infrastructure Security Agency and the threat of flying drones. Mr. Moore discussed drone uses, technology and capabilities. FAA no-fly zone guidelines can be found here: https://www.faa.gov/uas/recreational_fliers Mr. Moore’s presentation can be found in meeting materials. Agenda Item 7 – GRDA Police & Partnership with FBI Lissa Kennedy (FBI) presented on the evolving threat landscape. Ms. Kennedy reviewed tactics and targets of terrorist. She also discussed domestic and global terrorism. Ms. Kennedy is a GRDA officer assigned to the FBI for the Oklahoma FBI Joint Terrorism Task Force. Chris Harper (GRDA PD) presented on local threats and partnership with FBI. Tyler Cooper (GRDA PD) presented on tactics used by police force for investigation. Any follow up questions can be sent to: Lissa Kennedy: [email protected] Chris Harper: [email protected] or Tyler Cooper: [email protected]

3 of 67



Agenda Item 8 – IT/OT Convergence Discussion Pat Glunz, (NPPD) presented on NPPD’s IT/OT convergence process to include challenges and successes of convergence. Mr. Glunz discussed the importance of multiple groups participating in process and getting buy-in of all groups involved. Mr. Glunz’s presentation can be found in meeting materials. Agenda Item 9 – CIPC Update (CIP-008-02 / FERC Order 848 Update) Eric Ervin (Evergy) presented high-level notes on NERC CIPC Meeting held June 4th – 5th in Orlando, FL. John Breckenridge (Evergy) provided an update on Project 2018-02 Modifications of CIP-008. Mr. Breckenridge updated on June 20th approval and highlighted entities need to define attempt to compromise. Mr. Breckenridge is on the 2018-02 SDT. CIPC Agenda can be found in meeting materials. CIPC Meeting Presentations can be found here: https://www.nerc.com/comm/CIPC/Agendas%20Highlights%20and%20Minutes%202013/CIPC_Meeting_Presentations_June_2019.pdf Agenda Item 10 – SECWG Incident Response Procedures Agenda Item moved to Q3 September 19th meeting. Agenda Item 11 – SECWG value/reporting to MOPC Eric Ervin (Evergy) led discussion on SECWG value and reporting to MOPC. The group discussed options such as quarterly reports to MOPC or reporting on current threats in CIP industry. The group agreed no report is needed and value of Working Group is in presentations and networking. Mr. Ervin will schedule meeting with MOPC staff. Agenda Item 12 – Action Items Michael Goad (SPP) reviewed action items captured during meeting.

4 of 67



Agenda Item 13 – SECWG Future Meetings Eric Ervin (Evergy) reviewed upcoming SECWG meeting dates and locations.

Q3 September 19, 2019 Dallas, TX hosted by SPP Q4 December 17, 2019 Virtual WebEx

Phil Clark (AECC) motioned to adjourn open session and move to Executive session, Daniel Moore (WFEC) seconded. Eric Ervin (Evergy) adjourned the meeting at 12:28pm. Executive Session Agenda Items – Round Table Discussion A “pens down” roundtable discussion was conducted. This is an opportunity for meeting attendees to bring up any comments, experiences, or other topics for discussion with an expectation that the discussion will not leave the room. Eric Ervin (Evergy) adjourned the Executive Session at 2:48pm. Respectfully submitted, Michael P. Goad, SECWG Staff Secretary

5 of 67

6 of 67

7 of 67

WebEx Call-In Summary

Participants:

Steve Kerrin (Jun 25, 2019 10:40 am - Jun 25, 2019 11:31 am)

Amber Tate (Jun 25, 2019 8:57 am - Jun 25, 2019 11:39 am)

John Allen (Jun 25, 2019 8:57 am - Jun 25, 2019 12:07 pm)

Josh Powers (Jun 25, 2019 10:41 am - Jun 25, 2019 12:08 pm)

Troy Hlavaty(LES) (Jun 25, 2019 9:04 am - Jun 25, 2019 12:31 pm)

Kelly Crist (EDPR_ (Jun 25, 2019 9:56 am - Jun 25, 2019 12:44 pm)

Allen Kent (Jun 25, 2019 9:14 am - Jun 25, 2019 12:34 pm)

Steen Fjalstad (MRO) (Jun 25, 2019 9:16 am - Jun 25, 2019 12:34 pm)

Mike Kraft (BEPC) (Jun 25, 2019 8:55 am - Jun 25, 2019 12:34 pm)

Nita Dickerson (Jun 25, 2019 8:55 am - Jun 25, 2019 12:34 pm)

Gary Burget (Jun 25, 2019 9:21 am - Jun 25, 2019 12:35 pm)

Mike Buyce (SPRM) (Jun 25, 2019 10:00 am - Jun 25, 2019 12:33 pm)

Shonda McCain (Jun 25, 2019 8:54 am - Jun 25, 2019 12:44 pm)

Michael Goad (Jun 25, 2019 8:43 am - Jun 25, 2019 12:44 pm)

Amber Wallace (Jun 25, 2019 8:53 am - Jun 25, 2019 12:44 pm)

Mike Fitzpatrick (Jun 25, 2019 8:55 am - Jun 25, 2019 12:44 pm)

David Heins (Jun 25, 2019 8:55 am - Jun 25, 2019 12:44 pm)

Troy Hlavaty(LES) (Jun 25, 2019 9:02 am - Jun 25, 2019 9:04 am)

Josh Powers (Jun 25, 2019 8:44 am - Jun 25, 2019 9:55 am)

John Hochevar, ATC (Jun 25, 2019 8:51 am - Jun 25, 2019 10:02 am)

Mike Johnson (Jun 25, 2019 9:02 am - Jun 25, 2019 10:30 am)

Steve Kerrin (Jun 25, 2019 9:01 am - Jun 25, 2019 10:34 am)

Janet Wise (Jun 25, 2019 8:57 am - Jun 25, 2019 12:44 pm)

Ted (Jun 25, 2019 8:59 am - Jun 25, 2019 12:44 pm)

Mike Johnson (Jun 25, 2019 11:15 am - Jun 25, 2019 12:44 pm)

Jamie Strickland (Jun 25, 2019 9:02 am - Jun 25, 2019 12:44 pm)

Bret Hammer (Jun 25, 2019 9:13 am - Jun 25, 2019 12:44 pm)

Ron Bender (Jun 25, 2019 9:16 am - Jun 25, 2019 12:44 pm)

John Biasi (Jun 25, 2019 9:28 am - Jun 25, 2019 12:44 pm)

Call-in numbers:

4025525641, 2625068935, 2207, 4025525645, 5805813039, 4178639000, 9188583896, 9187823382,

8168968902

8 of 67

SPP SECWG Members-Proxies Meeting Date June 25, 2019

FIRST LAST MEMBER PROXY ATTENDANCE

Amanda Gray Member Grand River Dam Authority Present

Chad Wasinger Member Sunflower Electric Power Corporation Present

Daniel Moore Member Western Farmers Electric Cooperative Present

David Trojan Member ITC Present

Eric Ervin Chair Evergy Present

Ian Anderson Member Oklahoma Gas and Electric Present

Jodi Jensen Member Western Area Power Admin. Present

Michael Goad Staff Secretary Southwest Power Pool Present

Mike Buyce Member City Utilities of Springfield Present

Mike Fitzpatrick Member Omaha Public Power District Present

Nita Dickerson Member Goff & Herrington PC representing NE Texas Electric Coop. Present

Paul Sprague Member Board of Public Utilities of Kansas City, KS Robert Gray Present

Phil Clark Vice Chair Arkansas Electric Cooperative Corporation Present

Ron Bender Member Nebraska Public Power District Present

Shawn Eck Member Empire District Electric Present

Steve Arnold Member Independence Power & Light Present

Ted Bowen Member AEP/PSO Present

9 of 67




June 25, 2019 9:00 a.m. to 3:00 p.m.



• A G E N D A •

ADMINISTRATIVE ITEMS

1. Call to Order and Welcome ………………………….……….……………………….. Eric Ervin, Evergy (25 min)

Host Welcome and Safety Update - Amanda Gray, GRDA

Antitrust Reminder & Notice of Observers - Michael Goad, SPP

Receipt of Proxies - Michael Goad, SPP

Review of Past Action Items - Michael Goad, SPP

Future Logistics & Scheduling – Eric Ervin, Evergy

2. Review 2019 Q1 Minute Meetings (Approval Item) …………..…………….. Eric Ervin, Evergy (2 min)

3. Review of Agenda (Approval Item) …………………………..……..………………. Eric Ervin, Evergy (2 min)

AGENDA ITEMS

4. MRO SAC Update …………………….…….……………………….………………… John Hochevar, ATC (20 min)

5. GridEx V Update ………………….…….… John Breckenridge, Evergy & Amber Wallace, SPP (15 min)

6. Physical Security – Drone Threat ……………..…….………..……………..….. Glenn Moore, DHS (30 min)

7. GRDA Police & Partnership with FBI ... Lissa Kennedy, Chris Harper & Tyler Cooper, GRDA (60 min)

8. IT/OT Convergence Discussion ……………...….…..……………………….………. Pat Glunz, NPPD (30 min)

9. NERC CIPC Update ………..……………………..….……………………….……………… Eric Ervin, Evergy (5 min)

10. SECWG Incident Response Procedures …….… Eric Ervin, Evergy & Michael Goad, SPP (10 min)

11. SECWG value/reporting to MOPC …….…………………………..………..…… Eric Ervin, Evergy (15 min)

SUMMARY OF ACTION ITEMS

12. Action Items …………………………..….………………………………….…..……….. Michael Goad, SPP (2 min)

FUTURE MEETINGS

13. Future Meetings and adjournment .................................................... Eric Ervin, Evergy (1 min)

Q3 September 19, 2019 Dallas, TX hosted by SPP

Q4 December 17, 2019 Virtual WebEx

EXECUTIVE SESSION (SPP Staff and SPP Member Companies Only)

14. Additional Topics & Round Table Discussions …………………………………………………................ All

15. Adjournment ................................................................................................ Eric Ervin, Evergy

10 of 67




February 26, 2019 9:00 a.m. to 3:00 p.m.

Hosted at Evergy

1200 Main Street Kansas City, MO 64105

• Summary of Action Items •

1. No Action Items recorded

11 of 67




February 26, 2019 9:00 a.m. to 3:00 p.m.

Hosted at Evergy

1200 Main Street Kansas City, MO 64105

• M I N U T E S •

Agenda Item 1 – Administrative Items

Eric Ervin (Evergy) called the 2019 Q1 SPP Security Working Group (SECWG) meeting to order at 9:01 am and welcomed all attendees. John Breckenridge (Evergy) performed safety briefing. There were 53 in-person participants and 27 teleconference participants. (Attachment – Attendance List) Michael Goad (SPP) reviewed the Antitrust Reminder and conducted roll call of SECWG Members and Receipt of Proxies. (Attachment – Proxies) Mr. Ervin welcomed two new SECWG Members, Ted Bowen (AEP/PSO) and David Trojan (ITC). Mr. Ervin reviewed the proposed agenda with the group. There were minor changes to include adjusting agenda item order. Ron Bender (NPPD) motioned to approve the agenda and Chad Wasinger (Sunflower) seconded. There were no abstentions or opposition. (Attachment – Agenda) The minutes from the December 18, 2018 Q4 SECWG meeting were approved. Daniel Moore (WFEC) motioned to approve the agenda and Mike Buyce (City Utilities) seconded. There were no abstentions or opposition. (Attachment – Meeting Minutes) Mr. Goad reviewed the Action Items and current status.

1. Michael Goad (SPP) will send out email to solicit nominations for vacant SECWG Member seat. COMPLETED. 2. Michael Goad (SPP) will send out email communication to SECWG Members regarding moving 2019 Q1 meeting from March 12th to February 26th. Time and location will remain the same. COMPLETED. 3. Michael Goad (SPP) will provide 2019 MRO Security Conference dates as part of Meeting Materials. COMPLETED.

12 of 67


SPP SECWG Minutes February 26, 2019

Agenda Item 2 – Evergy Cyber Threat Operations Center Melissa Spicer & Paul Schmiege (Evergy) presented on Evergy’s Cyber Threat Operations Center (CTOC). Ms. Spicer gave an overview of the CTOC. Mr. Schmiege presented on the design and implementation of the TOC. He then discussed staffing, procedures and toolsets. Mr. Schmiege recommended SAN MGT517 as a guidance when building out a SOC/TOC to include developing a charter prior to creating responsibilities. No presentation slides provided. Any comments or questions can be emailed to Paul Schmiege, Evergy, at [email protected] Agenda Item 3 – Physical Security Discussion Steve Arnold (IP&L) and John Breckenridge (Evergy) lead group in open discussion on physical security controls. Mr. Breckenridge presented on physical security concepts and strategies to include video of controls protecting as expected. Presentation slides included in Meeting Material. Any follow up questions or further discussions can be emailed to Steve Arnold at [email protected] and/or Brock Kelley at [email protected] Agenda Item 4 – Optiv Threat Briefing David Cardwell (Optiv) presented on Cybersecurity’s Future. Presentation included the reality of today, evolution of threats and initiative to make us successful. Presentation slides included in Meeting Material. Any questions or comments email David Cardwell, Optiv, at [email protected] Agenda Item 5 – SEEDS SPARTAN Program Philip Huff & Dr. Qinghua Li (Univ. of Arkansas System) presenting on the SEEDS SPARTAN Automated Security Vulnerability and Patch Management Tool and partnership with Dept. Of Energy. Mr. Huff gave an overview of the SPARTAN and how it saves time and resources. Dr. Li discussed the technical overview of tool and the machine learning approach taken. Contact either to find out how to get involved. No presentation slides provided. Any questions or comments email Philip Huff at [email protected] and/or Dr. Li at [email protected]

13 of 67


SPP SECWG Minutes February 26, 2019

Agenda Item 6 – SECWG Future Meetings Eric Ervin (Evergy) reviewed upcoming SECWG meeting dates and locations.

Q2 June 25, 2019 Langley, OK hosted by GRDA Q3 September 19, 2019 Dallas, TX hosted by SPP Q4 December 17, 2019 Virtual WebEx

Agenda Item 7 – CIP-008-02 / FERC Order 848 Update John Breckenridge (Evergy) provided an update on Project 2018-02 Modifications of CIP-008. Mr. Breckenridge updated awaiting FERC approval and then expected timeline of 18 months. Mr. Breckenridge in on the 2018-02 SDT. Further information can be found on NERC website: https://www.nerc.com/pa/Stand/Pages/Project-2018-02-Modifications-to-CIP-008-Cyber-Security-Incident-Reporting.aspx Eric Ervin (Evergy) adjourned the meeting at 12:38pm. Executive Session Agenda Items – Round Table Discussion A “pens down” roundtable discussion was conducted. This is an opportunity for meeting attendees to bring up any comments, experiences, or other topics for discussion with an expectation that the discussion will not leave the room. Eric Ervin (Evergy) adjourned the Executive Session at 2:22pm. Respectfully submitted, Michael P. Goad, SECWG Staff Secretary

14 of 67

MRO Security Advisory Council

(SAC)

2019 Update

John Hochevar, American Transmission Company

MRO SAC Chair

June 25th, 2019

15 of 67

Charter - Purpose

The Midwest Reliability Organization Security Advisory Council (MRO SAC) is an MRO Organizational Group that provides advice and counsel to MRO's Board of Directors, staff, members, and registered entities regarding:

(1) Cybersecurity;

(2) Physical Security; and

(3) SCADA, EMS, substation and generation control systems.

The MRO SAC provides outreach and promotes awareness in these three key security areas.

16 of 67

Organizational Structure

17 of 67

2019 MRO SAC Roster

18 of 67

Goals and Guiding PrinciplesGoals

• Be accountable to the MRO Organizational Group Oversight Committee (OGOC)

• Serve as a topical expert to primary constituents

• Provide outreach to primary constituents

• Increase awareness pf security related resources to primary constituents

Guiding Principles

19 of 67

What have we done so far in 2019?

Webinars

• Introduction to Neighborhood Keeper, February 15, 2019 - Rob Lee, Dragos

• Suspicious Packages and Bomb Threat Considerations, May 30, 2019 - John Breckenridge, MRO SAC

Member

Newsletters

• Suspicious Packages and Bomb Threat Considerations - John Breckenridge

• Security Advisory Council Weekly Threat Call Update - Mike Kraft, MRO SAC member

• Leveraging Relationships Among Electric Utilities and Law Enforcement - Chris Carlson, MRO SAC

Member

• Save the Date for the MRO SAC Security Conference - John Hochevar, MRO SAC Chair

20 of 67

https://www.mro.net/Lists/Calendar/DispForm_New.aspx?ID=331


What have we done so far in 2019?Monthly Emails

21 of 67

What have we done so far in 2019?

Weekly Threat Call

• Currently 153 participants covering 53 organizations

• 18% increase in membership since the beginning of the year

Approved two CIPC nominations

• John Breckenridge, Physical Security (Voting)

─ Replaces Paul Crist (Physical voting member – term expiration)

• Paul Crist, Cybersecurity (Alternate)

─ Replaces John Hochevar (Cybersecurity alternate – term expiration)

22 of 67

What’s left for 2019?Webinars

• A Tale of Two Phishing Programs – Seth Bross, OGE Energy Corporation, Tammy Retzlaff and Jamie Arndt, American

Transmission Company, to be hosted on July 11, 2019 from 1:00 p.m. to 2:00 p.m., Registration is open

• Leveraging Relationships Among Electric Utilities and Law Enforcement – Chris Carlson, MRO SAC Member on July

25, 2019 from 10:00 a.m. to 11:00 a.m., Registration is open

• Threat Intelligence and Hunting – Jamie Buening, MISO, August 21, 2019, Registration is NOT open, but Event

Announcement will be sent out when it becomes available

• ICS Cyber Defense – Dean Parsons, SANS Instructor and Joe Petaski, MRO SAC Member, on November 20, 2019

from 1:00 p.m. to 2:00 p.m., Registration is NOT open, but Event Announcement will be sent out when it becomes

available

Newsletters

• Security Perspectives from the Gaming Industry

• (Tentative) Communicating International Energy Industry Incidents as Part of your Security Awareness Program

• (Tentative) Reflection from the Annual Security Conference

23 of 67



What’s left for 2019?

6th annual MRO Security Conference and Training

• Covers Executive, Physical Security, Cybersecurity, and Operational Security topics

• Presentations from representatives of Target, Palo Alto, Dragos, Lofty Perch, MRO, E-

ISAC and SANS (tentative)

• Training by MISO and TBD

3rd Annual MRO Regional Security Risk Assessment

• Input into the SAC’s annual work plan

• Results get added to the MRO Regional Risk Assessment

Roundtables

• Two in the planning stages

24 of 67

2019 CalendarCouncil meetings

• September 26th Prior to Regional Security Risk Assessment – In person

and Virtual

• November 6th - Virtual

Security Conference and Training

• September 24th and 25th – MRO Offices

• In person required for training

• Webex available for conference

Regional Security Risk Assessment

• September 26th – In person only

25 of 67

Opportunities to get involved

Weekly threat call

Mailing list

Security conference

Webinars and Newsletters

Regional Security Risk Assessment

26 of 67

More information

https://www.mro.net/committees/SAC/Pages/default.aspx

Estee Kolles – MRO Security Administrator –[email protected]

Steen Fjalstad – MRO SAC Staff Liaison –[email protected]

John Hochevar – SAC Chair – [email protected] of 67

https://www.mro.net/committees/SAC/Pages/default.aspx

mailto:[email protected]



28 of 67

29 of 67

30 of 67

Small Unmanned Aerial Systems (sUAS)31 of 67

Definitions• Small Unmanned Aerial Systems (sUAS)

• Typically under 55 lbs.

• May be multi-rotor (quadcopter, hexacopter, octacopter)

• May be fixed wing (plane)

• Operated by Hobbyists, Government, and Commercial users

• May be powered by electricity or fuel based engines

• Certificate of Authorization (COA)

• A letter of authorization similar to a license issued by the FAA for government use of sUAS.

• Part 107

• A license endorsement for certified pilots to fly sUAS.

• A license for non-certified pilots to fly sUAS.

• Required for commercial operation of sUAS and some government use too.32 of 67

Definition (cont.)

• Hobbyist• Strictly for personal not for profit flights• Must operate within community based standards• Must have an operator registration (currently $5

registration online)• Must not operate within 5 miles of airport• Must yield right of way to other aircraft• Must not exceed 400 feet above ground level and cannot

fly at night33 of 67

sUAS uses•Missing Persons•Wildfires•Flooding•Critical Infrastructure Security Checks•Structure Fires•Special Events

34 of 67

Other Potential Uses

•Hazardous materials scenes

•Accident scenes

•Damage assessments

•Mapping

•Tactical situations

35 of 67

Certifications

• Most receive a Certificate of Authorization (COA) from the FAA to operate a sUAS program within their jurisdictional boundaries• Restricted to Class B, D, and G airspaces

• Most operations will be conducted in Class G airspace

• Requires waivers to operate at night

• Operations under the COA requires a Pilot in Command (PIC) and a Visual Observer (VO)

• Requires Notice to Airmen (NOTAM) be filed 30 minutes prior to flight unless exigent circumstances exist

• Unable to fly to heights exceeding 400 ft Above Ground Level (AGL) regardless of obstacles

36 of 67

Certifications (cont.)

•FAA Part 107 Commercial Licensed Pilots.•Under Part 107 a sUAS can be operated by a PIC only•Does not require NOTAMs be filed prior to flight•Allows for flights above 400 ft. AGL to avoid obstacles•Requires waiver to operate at night

37 of 67

Authorization required to fly

38 of 67

Technology

The Toy

39 of 67

Technology

The Tool

40 of 67

Technology

The Threat

41 of 67

Aircraft and Capabilities

• sUAS come in all shapes, sizes, and capabilities. • In general most aircraft can be operated by a single operator.

• Quad Copters and Hex Copters are the most common types.

• Most aircraft have approximately 20 minute flight time but could be greater than an hour depending on the aircraft type.

• Most aircraft have some form of photo and/or video transmission capability.

• Some aircraft have payload delivery capability.

42 of 67

Limitations

• Range• Range is limited by technology and regulation.• Flying beyond visual line of sight (VLOS) requires FAA waivers.

• Visibility• Pilots must maintain VLOS which can be difficult due to aircraft design and

environmental conditions.

• Weather• Most sUAS are not rated for all weather environments. High winds or rain/snow can

prevent aircraft operation.

• Durability• Aircraft construction varies in design and materials. Most are not designed to the

same material standards as regular aircraft.

43 of 67

Limitations (cont.)

• Regulation• VLOS, flying over people, altitude regulation, airspace,

night operation, TFRs, etc.

• Operations Locations• Environmental factors such as overhead obstruction,

magnetic fields, Pilot Safety, etc.

44 of 67

Privacy Concerns

• A sUAS shall not be intentionally used for the purpose of viewing, recording or transmitting images and/or video in a criminal investigation or prosecution at any location or upon any property at which a person has a reasonable expectation of privacy unless: • A warrant or court order has been approved for the search of the property;

• A right-of-way has previously been established.

• Consent by the owner or person responsible for the property is obtained; or

• Exigent circumstances exist, to include emergency response, active fire/search and rescue operations, etc.

45 of 67

To fly a drone as a commercial pilot in the state of Oklahoma (i.e. for work / business purposes) you are required to follow the requirements of the FAA’ FAA’s Part 107 Small UAS Rule (Part 107), which includes passing the FAA’s Aeronautical Knowledge Test to obtain a Remote Pilot Certificate.

To fly a drone as a hobbyist in the state of Oklahoma (i.e. for fun / pleasure) you are required to register your drone with the FAA and follow the FAA’s Special Rule for Model Aircraft

To fly a drone as a government employee in the state of Oklahoma (i.e., for a police or fire department) you may either operate under the FAA’s Part 107 rule or obtain a federal Certificate of Authorization (COA)Certificate of Authorization (COA)

46 of 67

According to the Oklahoma Department of Transportation and the Oklahoma Legislature Oklahoma has one state-wide law concerning the use of drones in the state.

HB 2559 // 2016This law prohibits the operation of UAS within 400 feet of any critical infrastructure facility.

According to the Oklahoma Department of Transportation and the Oklahoma Legislature, Oklahoma has one state-wide law concerning the use of drones in the state.HB 2559 // 2016This law prohibits the operation of UAS within 400 feet of any critical infrastructure facility.

47 of 67

Operations and Training

48 of 67

49 of 67

50 of 67

51 of 67

52 of 67

53 of 67

54 of 67

http://webserver1.lsb.state.ok.us/cf_pdf/2015-16%20ENR/hB/HB2599%20ENR.PDF

55 of 67

IT / OT Convergence@

Pat GlunzCIP Operations & Business Continuity Manager

June 25, 2019 SPP Security Working Group56 of 67

A More Integrated NPPD

•Physical Security

•Operations Security

•Information Security

•Nuclear Security

•Telecommunication Security

257 of 67

IT / OT Convergence @ NPPD• Challenges

• Compliance – achieving it and maintaining it• Work Management

• OT utilizes SAP for everything• IT utilizes SAP for some work

• Coordinating work – PMs and upgrades• Best Practices

• IT – reliable is (5 – 9s, 5.26 min/year)• Patch immediately• Outages after hours

• OT – secure was not the 1st priority• No need for anti virus • Patch annually if at all• Was “if it isn't broke, don’t fix it”• Outages based on season load

• Supportability – IT processes don’t support OT availability requirements• Such as:

• Automatic reboots• Patching cycles• Automatic AV pushes

58 of 67

IT / OT Convergence @ NPPD

• Opportunities• Corporate IT

• Cyber Security

• Telecom

• Substation

• Power Plant ICS

• Transmission Control Centers

• Distribution Control Centers

59 of 67


• Instruments to facilitate CONVERGENCE• Multi disciplinary reviews

• Facility Protection Committee meetings, 28 days (Medium Impact BES Cyber Systems)• Control Center change mgt. meetings, 2x weekly (High Impact BES Cyber Systems)• Change management review of Low Impact EAC rules, adhoc

• New positions created• Corp. Security Operation Analysts• Substation compliance coordinator• Created IR drill coordinator position• Manager of Business Cont. & CIP Operations

• Create new department of Business Cont. & CIP Operations• Expand incidence response• Full participation in GridEx

60 of 67


• Instruments to facilitate CONVERGENCE (cont.)• C2M2 Evaluations

• Cyber Asset Security Assessment Teams

• Cyber Vulnerability Assessments of OT equipment

• Training• Cyber Security

• Human performance

• Compliance

61 of 67


• Successes• Idaho National Labs ICS Cybersecurity 301 Class

• Attendees from Corp. Security, Control Center staff, OAs, Power Plant, Substation, & Engineering groups

• Engineers and OAs working together weekly

• We have seen all OT groups display a better questioning attitude towards security and compliance

• Better security

• Better compliance controls

62 of 67

Questions?

8

Contact Info:

Patrick Glunz

(402) 362-7237

[email protected]

63 of 67

Agenda Critical Infrastructure Protection Committee Meeting June 4, 2019 | 1:00 p.m. – 5:00 p.m. Eastern June 5, 2019 | 8:00 a.m. – 12:00 p.m. Eastern Hyatt Regency Orlando International Airport 9300 Jeff Fuqua Boulevard Orlando, FL 32827

Call to Order

NERC Antitrust Compliance Guidelines, Public Announcement, and Participant Conduct Policy

Introduction and Chair’s Remarks

1. Administrative Items - Tom Hofstetter, NERC Staff, CIPC Secretary

a. Safety Briefing and Emergency Precautions - Hyatt Regency hotel staff

b. Welcoming Remarks - Ken Zambito, VP of Transmission, Orlando Utilities Commission

c. Declaration of CIPC Quorum

d. Parliamentary Procedures - In the absence of specific provisions in the CIPC charter, the committee shall conduct its meetings guided by the most recent edition of Robert’s Rules of Order, Newly Revised.

e. Introductions

f. CIPC Roster

Consent Agenda - Chair Marc Child, Great River Energy

2. Minutes*

a. March 5-6, 2019 Meeting - (Approve) Regular Agenda

3. Remarks and Reports - Chair Child

a. Work Plan*

b. Nominating Committee

4. CIPC Charter update* - (Approve)

5. Agency Updates

64 of 67

https://www.nerc.com/comm/CIPC/Documents/CIPC_Roster_2-2019.pdf

Agenda – Critical Infrastructure Protection Committee Meeting – June 4-5, 2019 2

a. Federal Energy Regulatory Commission - Justin Kelly, FERC; Simon Slobodnik, FERC

b. Department of Energy

c. Department of Homeland Security* - Ron Keen, DHS

d. Public Safety Canada

6. NERC Update

a. Compliance - Lonnie Ratliff, NERC Staff

b. Supply Chain* - Howard Gugel, NERC Staff

7. Reliability Issues Steering Committee Update (RISC)* - Chuck Abell, Ameren

a. Survey results

8. E-ISAC Update

a. E-ISAC programs and planning Strategic plan, GridSecCon, and GridEx Updates* - Sam Chanoski, E-ISAC

b. Cyber Security - Philip Daigle, E-ISAC Staff

c. Physical Security* - Kristen Bove, E-ISAC Staff

d. E-ISAC Physical Security Advisory Group (PSAG) - Ross Johnson, PSAG Co-chair

9. National Laboratory Updates

a. Argonne National Laboratory - James Kavicky, ANL

b. Pacific Northwest National Laboratory* - Scott Mix, PNNL

c. Idaho National Laboratory - Andrew Bochman, INL

10. Legislative Update* - Andrea Koch, EEI

11. EPRI Update* - Jim Stewart, EPRI

12. North American Transmission Forum* - Ken Keels, NATF

13. North American Generator Forum - Venona Greaff, Oxy

CIP Low Impact Procedure Sharing*

14. CIP Standards Development Update - Jay Cribb, Southern Company

15. Policy Working Groups - Chair Jeffrey Fuller, AES Corporation

a. Security Metrics Working Group (SMWG) Update - Chair Larry Bugh, ReliabilityFirst

i. SMWG Scope update* - (Approve)

b. Compliance Input Working Group (CIWG) Update* - Chair Paul Crist, Lincoln Electric System

i. CIWG Scope update* - (Approve)

ii. Cloud Implementation Guidance

65 of 67


(1) Federal Risk and Authorization Management Program (FedRAMP)

(2) Bulk Electric System Cyber System Information (BCSI)

(3) Tabletops

c. TOP Data Exchange Requirements Task Force - Chair Srinivas Kappagantula, PJM

Data Exchange Infrastructure Requirements Task Force (DEIRTF) Update*

16. Operating Security Working Groups - Chair Chuck Abell, Ameren

a. Grid Exercise Working Group (GEWG) Update - Chair Jake Schmitter, E-ISAC Staff; Vice Chair Stuart Brindley, S. J. Brindley Consulting, Inc.

i. GEWG Scope update* - (Approve)

b. Supply Chain Working Group (SCWG) Update* - Chair Tony Eddleman, NPPD

i. SCWG Scope update* - (Approve)

17. Cyber Security Working Groups - Chair Brenda Davis, CPS Energy

a. Control Systems Security Working Group (CSSWG) Update - Chair Carter Manucy, Florida Municipal Power Agency; Vice-chair Tobias Whitney, EPRI

i. CSSWG Scope update* - (Approve)

b. Security Training Working Group (STWG) Update - Chair Amelia Anderson, CenterPoint Energy

i. STWG Scope update* - (Approve)

ii. Security Training Session Agenda* - (Review)

18. Physical Security Working Groups - Chair Ross Johnson, Bridgehead Security Consulting, Inc.

a. Physical Security Working Group (PSWG) Update

i. PSWG Scope update* - (Approve)

b. Physical Security Guidelines Task Force (PSGTF) Update - Chair Darrell Klimitchek, South Texas Electric Cooperative

i. Physical Security Guideline for the Electricity Sector: Extreme Events Security Considerations, High Impact Control Centers* - Vote status/results

c. Other updates - Chair Johnson

Alberta Provincial Physical Security Projects

19. Roundtable - Discussion

20. Schedule of Important Dates

66 of 67


Dates Time Type Location Hotel

September 17-18, 2019 12:00 p.m. - 5:00 p.m.

8:00 a.m. - Noon CIPC Meeting

Minneapolis, MN

Intercontinental Minneapolis – St. Paul Airport

November 13-14, 2019 N/A GridEx N/A N/A

December 10-11, 2019 12:00 p.m. - 5:00 p.m.

8:00 a.m. - Noon CIPC Meeting Atlanta, GA

Intercontinental Buckhead

December 11-12, 2019 TBD IEEE Workshop Atlanta, GA TBD

21. Closing Remarks and Action Items

22. Adjournment

*Background materials included.

Attendees - TBD

67 of 67