NPCC Whitepaper On NERC Reliability Standard CIP-012
NPCC Whitepaper on NERC Reliability Standard CIP-012NPCC Cyber Security Working Group (IST-4)Version 1NPCC RCC Approved09/08/2021
Note: Content of this document may not reflect the most current information. Periodicreviews for potential revisions of the document may be done at the request of the NPCCBoard of Directors, Reliability Coordinating Committee, Task Force on Coordination ofOperations, or the Task Force on Infrastructure Security & Technology. Please sendcorrections or revision requests to whitepaper@npcc.org.Contributors:John GallowayRob AntonishenJames McNierneyMatthew MorganDennis Van AmburghStephen GraberEric DrummieÉtienne PichéPhilippe ComperonRyan McSherryBrian HogueIST-4 Chair, ISO-New England, Inc.IST-4 Vice Chair, Independent Electricity System OperatorNew York Independent System OperatorNew York Independent System OperatorNew York Independent System OperatorNew York Independent System OperatorNew Brunswick Power CorporationHydro-Québec TransÉnergieHydro-Québec TransÉnergieNPCC StaffNPCC StaffRevision History:VersionDateAction108/20/2021Effective DatePUBLICChange Tracking(New, Errata, or Revisions)New2
Table of ContentsINTRODUCTION . 4Executive Summary . 4Objective . 5NERC Standard Effective Date . 5Audience . 5Assumptions . 5DEFINITIONS AND NERC STANDARDS . 6Definitions . 6NERC Standards and NPCC Directories . 8PROTECTED DATA AND RISK MITIGATION . 8Real-time Assessment and Monitoring Data . 8Problems and Risks . 10SECURITY PROTECTION TYPES . 11Security Protection and Protocols . 11LOCATION-BASED RESPONSIBILITIES . 13Ownership and Security Location . 13Scenario Location 1 . 13Scenario Location 2 . 14Scenario Location 3 . 14Responsibilities . 15COMPLIANCE RESOURCES . 15Resources and Processes . 16EIDSN Report . 16NERC Operating Reliability Data . 16APPENDIX A: NERC RELIABILITY STANDARD CIP-012-1 . 17Introduction . 17Requirements and Measures . 17PUBLIC3
INTRODUCTIONExecutive SummaryThis NPCC whitepaper is not intended to replace or supersede the NERC ImplementationGuidance for CIP-012-1 1. This document is intended to accompany and complement theNERC Implementation Guidance for CIP-012-1. NERC Reliability Standard CIP-012-1 isintended to “protect the confidentiality and integrity of Real-time Assessment and Realtime monitoring data transmitted between Control Centers.” 2The development of this document was initiated by recommendation of the NPCC TaskForce on Coordination of Operations (TFCO). TFCO requested a coordinated approachto meeting the requirements of the CIP-012-1 standard for NPCC Reliability Coordinators(RCs), Balancing Authorities (BAs), and Transmission Operators (TOPs). Consistent withCIP-012-1, the coordinated approach in this document includes NPCC TransmissionOwners (TOs), Generator Operators (GOPs), and Generator Owners (GOs). Thisdocument is intended to address those cases of communication paths between RCs,BAs, TOPs, TOs, GOPs, and GOs as well as cases of communications of Real-TimeAssessment and Real-time Monitoring data between Control Centers of a singleResponsible Entity.FERC recognized that the security of communication links cannot always be guaranteedand has acknowledged there should be plans for both recovery of compromisedcommunication links and use of backup communication capability if necessary. Theproposed scope of this NERC Standards development project would entail modificationsto CIP-012 – Communications between Control Centers.In Order No. 822, FERC directed NERC “develop modifications to the CIP ReliabilityStandards to require responsible entities to implement controls to protect, at a minimum,communication links and sensitive bulk electric system data communicated between bulkelectric system Control Centers in a manner that is appropriately tailored to address therisks posed to the bulk electric system by the assets being protected.” 3 Consistent withthe directive, NERC developed requirements for securing data exchange throughmodifications to the CIP Standards, including the new CIP-012-1 Reliability Standard,which requires Registered Entities to “develop and implement a plan to address the risksposed by unauthorized disclosure (confidentiality) and unauthorized modification(integrity) of Real-time Assessment and Real-time monitoring data while beingtransmitted between applicable Control Centers.” 4Implementation Guidance for CIP-012-1 (nerc.com)NERC CIP-012-1, Section 3 – Purpose3FERC Docket No. RM15-14-000 – Order No. 822 – Commission Determination – § 534FERC Docket No. RM18-20-000 – Order No. 866 – NERC Petition – § 912PUBLIC4
In Order No. 866, FERC approved NERC Reliability Standard CIP-012-1 (Cyber Security– Communications between Control Centers).ObjectiveIn order to support the development and implementation of a coordinated approach byNPCC RCs, BAs, and TOPs, this document will discuss a risk management process andmethodology for CIP-012-1 as opposed to becoming overly involved with explicit technicalsolutions. Conceptually, this will provide a future-proof approach and should not requirefrequent and multiple revisions as new technologies become available. This whitepaperwill recommend a series of functional specifications which will be consistent with thesuggestion of providing compatible solutions by NPCC TFCO.NERC Standard Effective DateThe effective date will be July 1, 2022 as a result of Order No. 866 and the approval byFERC of NERC Reliability Standard CIP-012-1 – Communications between ControlCenters. This is consistent with the Implementation Plan stating, “Reliability StandardCIP-012-1 shall become effective on the first day of the first calendar quarter that istwenty-four (24) calendar months after the effective date of the applicable governmentalauthority’s order approving the standard, or as otherwise provided for by the applicablegovernmental authority.” 5AudienceThe content of this whitepaper is intended for NPCC TFCO, NPCC Task Force onInfrastructure Security & Technology (TFIST), NPCC IST-4 Cyber Security WorkingGroup, NPCC CO-8 System Operations Managers Working Group, and CIP compliancedepartments for impacted RCs, BAs, and TOPs within the NPCC Region.AssumptionsIn order to maintain relevant and applicable content within this whitepaper, certaintechnologies, data, definitions, communications, time parameters, and other factors havebeen identified and acknowledged as important, and possibly relevant in future versionsof NERC Reliability Standard CIP-012; however, applying an interpretation of the currentversion CIP-012-1, the following list is not presently applicable and falls outside the scopeof this document:5NERC Implementation Plan – Project 2016-02 Modifications to CIP Standards – Effective DatePUBLIC5
Future considerations or changes to the definition of Control Center and whatmay fall under this classificationDistributed Energy Resources (DERs) and DER Aggregators that fall outside thepurview of the current Bulk Electric System (BES) definitionNERC Project 2020-04 Modifications to CIP-012 which intends to address adirective issued by the Federal Energy Regulatory Commission (FERC) in OrderNo. 866 to develop modifications to the CIP Reliability Standards to requireprotections regarding the availability of communication links and datacommunicated between the BES Control Centers.Operational data that would otherwise fall outside of the time scope to beconsidered as Real-time, identified as “near Real-time data”, and thecommunication links that carry and provide that data.o Examples may include communications to web portals for transmissionequipment outages, such as outage scheduling solutions or marketinterfaces communications.This whitepaper will be adjusted accordingly with respect to any new developments thatimpact the overall relevance and applicability of requirements towards compliance.DEFINITIONS AND NERC STANDARDSDefinitions*NERC Defined Terms are represented using Bold font and can be found in the NERCGlossary of Terms 6.CIP Exceptional CircumstanceControl Center (CC)Demarcation Point (Demarc) – A point that marks where communications facilities ownedand managed by one organization interface with that of another organization.EInet – a data-sharing network operated by EIDSN, Inc. for its members. This networkis used to transport reliability data between data sharing partners in the operation of theBulk Electric System primarily in the eastern half of the United States and Canada.Electronic Security Perimeter (ESP)Energy Management System (EMS) – A system of computer-aided tools used by SystemOperators to monitor, control, and optimize the performance of the generation and/ortransmission system. The computer technology is also referred to as SCADA/EMS orEMS/SCADA. Besides SCADA (Supervisory Control and Data Acquisition), other EMS6Glossary of Terms.pdf (nerc.com)PUBLIC6
applications can include alarm processing, network applications (which includes StateEstimation), Power Flow, Contingency analysis (CA), security analysis (SA), and datahistorians. Data acquisition typically includes data that is received from RTUs or datalinks.Inter-Control Center Communications Protocol (ICCP) – A real time data exchangeprotocol providing features for data transfer, monitoring, and control. For a complete ICCPlink there need to be facilities to manage and configure the link and monitor itsperformance.Operational Planning Analysis (OPA)Physical Security Perimeter (PSP)Real-time Assessment (RTA)Contingency Analysis (CA) – An application or process used to predict electrical systemconditions after simulating specific contingencies. It relies on a base case from a StateEstimator power flow case. CA is critical for Real-time Assessments and Real-timeMonitoring as it supports maintaining power system security in the event of a loss of anygiven transmission element. Some vendor specific versions of this are named Real TimeContingency Analysis (RTCA) and would qualify as the same type of application for thepurposes of this document.Real-time Monitoring (RTM) – A primary function of Reliability Coordinators (RCs),Transmission Operators (TOPs), and Balancing Authorities (BAs) as mentioned by TOPand IRO NERC Reliability Standards in order to observe and monitor operating statusand operating values in Real-time for situational awareness of system conditions of theBulk Electric System (BES). Real-time Monitoring may include the following activitiesperformed in Real-time: Acquisition of operating data and displaying operating data asneeded for visualization of system conditions.Responsible Entity – A Functional Entity (e.g., Balancing Authority, Generator Operator,Generator Owner, Reliability Coordinator, Transmission Operator, or TransmissionOwner) that owns or operates a Control Center.State Estimator (SE) – An application that calculates the current state of the electricalsystem (the voltage magnitudes and angles at every bus) using a network model andtelemetered measurements. The purpose is to provide a consistent base case of Realtime system conditions for use by other network applications programs, such as powerflow and Contingency Analysis. SE is critical for Real-time Assessments and Real-timeMonitoring as it supports CA and provides base case power flow visibility.Supervisory Control and Data Acquisition (SCADA)PUBLIC7
NERC Standards and NPCC DirectoriesThe following list contains NERC Reliability Standards and NPCC Reliability Directorieswhich have been referenced within this whitepaper in order to provide support for thecontent of this document: CIP-006-6 – Physical Security of BES Cyber SystemsCIP-012-1 – Communications between Control CentersIRO-008-2 – Reliability Coordinator Operational Analyses and Real-timeAssessmentsIRO-010-3 – Reliability Coordinator Data Specification and CollectionTOP-001-4 – Transmission OperatorsTOP-003-4 – Operational Reliability DataTOP-010-1(i) – Real-time Reliability Monitoring and Analysis CapabilitiesNPCC Directory #1 – Design and Operation of the Bulk Power SystemThe complete documentation for each of the listed NERC Reliability Standards can befound by visiting the official NERC website. Additionally, the complete documentation forthe listed NPCC Reliability Directories can be found by visiting the official NPCC website.PROTECTED DATA AND RISK MITIGATIONReal-time Assessment and Monitoring DataIn order to develop a risk management process and methodology towards CIP-012-1compliance, each Responsible Entity is encouraged to assemble and maintain anaccurate inventory of all communication links that carry data into the Control Center andidentify which of these links fall under the scope of CIP-012-1. For each identifiedcommunications link, the Responsible Entity should gather relevant information about thelink such as an identifier or name for the link, the protocols transmitted over the link,ownership of both ends of the link, and the demarcation points. The communication linksthat fall in or out of scope can be identified by the data they are transmitting. Data whichis referred to as Real-time Assessment and Real-time monitoring data according to NERCReliability Standard CIP-012-1 would be in scope and all other data may be consideredout of scope.A majority of the applicable data that can be categorized as Real-time Assessment dataor Real-time monitoring data will be in accordance with data specifications from NERCReliability Standards IRO-010-3 and TOP-003-4, however, that does not necessarilyprovide a comprehensive list of all applicable data. Additionally, other data to beconsidered would be the examples listed within the NERC defined term for Real-timeAssessment.PUBLIC8
The following list contains excerpts from NERC Reliability Standards IRO-010-3 andTOP-003-4 which reference a set of data required by the Responsible Entity to performReal-time Assessments and Real-time monitoring: TOP-003-4 R1 – “Each Transmission Operator shall maintain a documentedspecification for the data necessary for it to perform its Operation PlanningAnalyses, Real-time monitoring, and Real-time Assessments.”TOP-003-4 R2 – “Each Balancing Authority shall maintain a documentedspecification for the data necessary for It to perform its analysis functions andReal-time monitoring.”IRO-010-3 R1 – “The Reliability Coordinator shall maintain a documentedspecification for the data necessary for it to perform its Operational PlanningAnalyses, Real-time monitoring, and Real-time Assessments.”Each of these requirements reference a list of data and information needed by theResponsible Entity to support Real-time Assessments and/or Real-time monitoring.Examples of data that fall under this category include but are not limited to: Real-time Demand and/or LoadReal-time Resource Status (Including Capacity Assessment)Real-time Generation OutputReal-time Transmission Element StatusTransmission and Generator Facility OutagesReal-time Phase Angle Regulators (PARs) Tap PositionsReal-time Status of Remedial Action Schemes (RAS)Applied Transmission and Generation Facility RatingsReal-time Statues of AC/DC Inverter FacilitiesReal-time Interchange (Actual Flows)Real-time Bus Phase AnglesSyncrophasor/Phasor Measurement Unit (PMU) DataReal-time Total Transfer Capability (TTC) LimitsAnother reference to provide support of data that may fall under scope of CIP-012-1 canbe found in the NPCC Regional Reliability Plan in Section 6.2, Data Requirements, whichstates “Each Reliability Coordinator determines the data requirements to support itsReliability Coordination tasks and requests such data from its Transmission Operators,Balancing Authorities, Transmission Owners, Generation Owners, Generation Operators,and Distribution Providers, or adjacent Reliability Coordinators.” 7Other possible considerations that may fall under the scope of CIP-012-1 would be widearea monitoring data links, real-time data synchronization between primary and backup7NPCC Regional Reliability Plan (nerc.com)PUBLIC9
Control Centers, and automatic generation control data that is transmitted betweenControl Centers.An additional reference for Responsible Entities to provide support of data within scopecan be found in NPCC Reliability Directory #1, under R3 of NPCC Full Member Criteria,which states “Each Reliability Coordinator shall share and coordinate forecast systeminformation and real-time information to enable and enhance the analysis and modelingof the interconnected bulk power system by security application software on energymanagement systems.” 8Careful assessment of communication links, the data carried over these links and theuses made of such data may lead an entity to categorize data and links requiringprotections specified in CIP-012-1. However, such protections may be applied elsewheredepending on the risk management practice in use by the entity. Furthermore, changesto data and communication link configuration should be maintained with regard to riskassessment and application of protections related to CIP-012-1 on an ongoing basis.Implementing CIP-012-1 compliance may be just one part of a more general program ofmanaging security risks of inbound and outbound communication at Control Centers.Problems and RisksTo further support the development of a risk management process and methodologytowards CIP-012-1 compliance, each Responsible Entity within the NPCC Region shouldidentify the potential reliability risks that could occur with the unauthorized disclosure andunauthorized modification of Real-time Assessment and Real-time monitoring data.These risks will vary depending on the type of Responsible Entity that is impacted andwill also depend upon the data that is being disclosed and/or modified without knowledgeor approval, particularly data that is transmitted to and used by an Energy ManagementSystem (EMS). The following list contains examples of possible reliability risks as a resultof unauthorized access and/or modification to EMS data and its respective processes (asreferenced from Risks and Mitigations for Losing EMS Functions Reference Document 9): 89“The loss of SCADA would likely be the most impactful EMS failure. The SystemOperators would not have indication of the status of devices or key data pointssuch as MW, MVAR, current, voltage, or frequency from the RTUs. Furthermore,the System Operators would not be able to open and close breakers or switchesremotely from the Control Center. SCADA data feeds AGC, SE/RTCA applications.Loss of quality data would compromise their functionality.”“The loss of ICCP would disrupt the information that is shared betweenTransmission Operators (TOP), Balancing Authorities (BA), Generator Operators(GOP), and Reliability Coordinators (RC). The RCs rely on information from its BAsDirectory #1 (npcc.org)EMS White Paper - Risks and Mitigations for Losing EMS Functions Reference Document.pdf (rfirst.org)PUBLIC10
and TOPs to monitor the wider area, and an ICCP outage may remove real-timeupdates to the affected section of the model.”“The loss of SE would involve the System Operators losing the situationalawareness not directly provided by the SCADA system. While the SystemOperators would still have SCADA, which would be control and indication of alltelemetered devices, the loss of SE would eliminate other key data values that helpthe System Operators monitor the system, plus limit the predictive analysis thatthe EMS provides.”“The loss of RTCA may prevent alerting the System Operators when the nextcontingency presents a potential reliability issue, compromising situationalawareness, increasing the complexity of performing Real Time Assessments.”TOPs and RCs are obligated to conduct Real-time Assessments at least once every 30minutes according to NERC Reliability Standards TOP-001-4, Requirement R13, andIRO-008-2, Requirement R4. The SE and RTCA functions within an EMS are crucial insupporting this obligation for Real-time Assessments, thus requiring significant amount ofcredibility and security for the data being provided to these functions.SECURITY PROTECTION TYPESSecurity Protection and ProtocolsAlthough physical protection is applied in some areas within the NPCC region in order tosecure the communication paths of devices supporting the data exchange betweenControl Centers, such as conduit or secured cable trays as suggested in CIP-006-6, amajority of the protection applied to the data within the scope of this standard is logicalvia encryption of the data in transit between Control Centers. A Responsible Entity shouldassess their plan for protection of data to address whether such physical protections fordata transmissions are appropriate. In the NPCC region, Reliability Coordinators use theEIDSN network, formerly known as the Eastern Interconnect Data Sharing Network, toexchange telemetry data with neighboring Reliability Coordinators. This wide-areanetwork, originally deployed in the Summer of 2015, allows for the sharing of Real-timeAssessment and Real-time monitoring data among entities that manage the high-voltagepower system primarily in the eastern two-thirds of the United States and Canada. Thisexchange of data is essential to maintaining the reliability of the BES.While considering measures to address confidentiality and integrity of RTA and RTM, anentity should not forget existing measures already developed for other reliabilitystandards. For instance, the following excerpt from NERC Reliability Standards TOP-0034 and IRO-010-3 which reference calls out requirement for a security protocol for datadocumented as supporting RTA and RTM:PUBLIC11
TOP-003-4 R5 5.3 – “ shall satisfy the obligations of the documentedspecifications using a mutually agreeable security protocol.”IRO-010-3 R3 3.3 – “ shall satisfy the obligations of the documentedspecifications using a mutually agreeable security protocol.”Many exchanges of RTA and RTM data between Control Centers make use of InterControl Center Communications Protocol (ICCP) 10. ICCP in of itself does not provideprotection for confidentiality or integrity of data. Many implementations, however, applynetwork encryption as additional security protection which does support protection ofconfidentiality and integrity. The entity may use other security means such as applicationlevel security or transport layer encryption.If RTA and RTM are being used with ICCP in such a manner, then it will be included inscope for CIP-012-1.If existing measures apply to confidentiality and integrity of RTA and RTM data, somecare should be taken to ensure those measures are consistent and retained and used forCIP-012-1 as well or new measures satisfying both standards will be required.The EIDSN network is vendor-diverse, redundant, encrypted, and scalable. It serves 25companies across North America and consists of over 60 nodes. Two major telecomcommunication companies provide the “backbones” that comprise the network. Users canmonitor their nodes on the network and report problems directly to the vendors, making itreadily and easily maintained. EIDSN, Inc. worked with North American Electric ReliabilityCorporation (NERC) to transition users of the aging NERC network (NERCnet), facilitatingNERC’s desire to retire NERCnet.Although the EIDSN network covers a majority of the data communicated between theNPCC RCs, data transmitted between entities within a specific RC’s footprint, such asRC to TOP data, is typically exchanged on a private network using ICCP. These ICCPnetworks are the backbone that tie the regional system operator with the localtransmission and distribution utilities and allow for communication and coordinationbetween Control Centers within a specific region.Other possible technology solutions (besides network layer encryption) that could beimplemented by the Responsible Entities associated with the Control Center isapplication-level encryption.An important element of any security solution is the exchange of cryptographic keys,secure SCADA protocols, and private data networks (VPNs). These elements can beapplied to any WAN Interface or prior to data being sent to the WAN Router. Historicallythe exchange of sensitive data had been achieved and supported with the use of privatedata networks, but now even these networks or Communication Solutions requireadditional security.10https://en.wikipedia.org/wiki/IEC 60870-6PUBLIC12
LOCATION-BASED RESPONSIBILITIESOwnership and Security LocationUsing the applicable data that falls under the scope of CIP-012-1, there will be severalpossible Control Center communications paths and/or links that could potentially fallunder the scope of regulation, such as the Inter-Control Center Communications Protocol(ICCP), additional Supervisory Control and Data Acquisition (SCADA) data links, andReal-time Assessment data links used for state estimator power system analysis,contingency analysis, and/or stability assessments.The responsibility of protecting the communication paths can be subdivided into threedifferent location-based scenarios to help identify both where CIP-012-1 securityprotection is applied and the location of demarcation points.Scenario Location 1Figure 1 demonstrates the first scenario in which a single Responsible Entity owns bothends of the data link or communication path.Figure 1 - Single Responsible Entity owns both ends 11The protection of data applied within the entity covers everything under and up to the ESPFirewall but does not necessarily include the WAN Router. It is possible that logicalprotection could be available up to and at the WAN Router if the hardware includes aninternal firewall and security features. Regardless of the feature-set of the WAN hardwareor secure cabling solution used within the building(s) – there is a need to ensureapplicable data and communications are protected from external side of ESP Router,through the WAN Router to the corresponding side of the other WAN Router. There is a11Figure 1 is derived from the Reference Model provided in the NERC CIP-012-1 Implementation GuidancePUBLIC13
need to ensure the applicable data and communications on these WAN interfaces aresecure.Scenario Location 2Figure 2 illustrates a second possible scenario in which two separate independentResponsible Entities own their respective end of the data link or communication path.Figure 2 - Two independent Responsible Entities own their respective end 12Similar to the first scenario, the protection of data applied within each entity will covereverything up to the ESP Firewall and could possibly include the WAN Router if thehardware is designed with an internal firewall and security features. Regardless of thefeature-set of the WAN hardware or secure cabling solution used within the building(s) –there is a need to ensure applicable data and communications are protected from externalside of ESP Router, through the WAN Router to the corresponding side of the other WANRouter. There is a need to ensure the applicable data and communications on these WANinterfaces are secure.Scenario Location 3The third scenario, which can be seen in Figure 3, provides an example of the data linksor communication paths being outsourced and owned by a third-party, such as atelecommunications carrier (telco).12Figure 2 is derived from the Reference Model provided in the NERC CIP-012-1 Implementation GuidancePUBLIC14
Figure 3 - Third-party owns the communication path 13An example of scenario three would be any data transmitted between NPCC ReliabilityCoordinators via the EIDSN network. Since the EIDSN network is managed by
This NPCC whitepaper is not intended to replace or supersede the NERC Implementation Guidance for CIP-012-1. 1. This document is intended to accompany and complement the NERC Implementation Guidance for CIP-012-1. NERC Reliability Standard CIP012- -1 is intended to “protect the confid
NERC CIP v5/v6 o Overview of Version 5 NERC Cyber Security Standards o Notable differences between Version 3 and Version 5 NERC CIP reliability standards Tools and resources o A few words about “tools” and NERC CIP compliance o Active vulnerability assessment tools o Danger:
Accepted FRCC MRO NPCC RF SERC SPP TRE WECC Unknown TOTAL Exception Request for Exclusion - - - - - - - - - 0 Exception . – Design criteria equivalent to TPL-001 and TPL-002 . 2015 . New Brunswick BES Update . NPCC Government/Regulatory .
WE HAVE GROWN FROM A FABRICATOR TO AN INTERNATIONAL EPC COMPANY. WE ARE NPCC. CONTENTS 01 02 OUR COMPANY Overview History of NPCC . 1st Major EPC Contract - Maersk Qatar Commission SEP 450 2007. CONCEPT TO COMMISSIONING. 01 . regional assets, robust contracting strategy, diversity and depth of experience, a project-centered execution .
Test-Retest Reliability Alternate Form Reliability Criterion-Referenced Reliability Inter-rater reliability 4. Reliability of Composite Scores Reliability of Sum of Scores Reliability of Difference Scores Reliability
NERC 1,200 MW Fault Induced Solar Photovoltaic Resource Interruption Disturbance Report June 2017 iv Preface The North American Electric Reliability Corporation (NERC) is a not-for-profit international regulatory authority whose mission is to assure the reliability of the bulk power system (BPS) in North America. NERC develops and
Authority” means NERC or the Regional Entity in their respective roles of monitoring and enforcing compliance with the NERC Reliability Standards. Page 5 of 40 . Standard PRC-005-6 – Protection System, Automatic
NERC CIP-014. Compliance Guide. The purpose of the NERC CIP-014 reliability standard is to protect electrical . facilities from physical attacks that could threaten the stability and operation of the electric grid distribution system. Requirement R5 man
of branched rough paths introduced in (J. Differential Equations 248 (2010) 693–721). We first show that branched rough paths can equivalently be defined as γ-Hölder continuous paths in some Lie group, akin to geometric rough paths. We then show that every branched rough path can be encoded in a geometric rough path. More precisely, for every branched rough path Xlying above apathX .
