`Case 6:12—cv—00799—JRG Document 92-7 Filed 12/11/13 Page 1 of 3 Page|D #: 2517
`
`EXHIBIT G
`
`EXHIBIT G
`
`
`
`Case 6:12-cv-00799-JRG Document 92-7 Filed 12/11/13 Page 2 of 3 PageID #: 2518
`Securing Ovation Systems per NERC CIP Standards
`emersonprocessxperts.com/2012/02/securing-ovation-systems-per-nerc-cip-standards/
`
`In the Emerson Exchange 365 community, I saw a post announcing a February 16-17, 2012 Regional Technical Forum
`for Ovation system users. I got my hands on a few of the presentations, which I hope to share with you over the next few
`weeks.
`
`Emerson’s Mike DeKlavon, a member of the Power & Water Solutions team, will be presenting, Cyber Alerts: Is Your
`System Secure? He’ll open with a brief summary of the relevant NERC [North American Electric Reliability Corporation]
`CIP [Critical Infrastructure Protection] Standards (v3):
`
`CIP–002–3 —Critical Cyber Asset Identification
`CIP–003–3 — Security Management Controls
`CIP–004–3 — Personnel and Training
`CIP–005–3 — Electronic Security Perimeter(s)
`CIP–006–3 — Physical Security
`CIP–007–3 — Systems Security Management
`CIP–008–3 — Incident Reporting and Response Planning
`CIP–009–3 — Recovery Plans for Critical Cyber Assets
`
`Mike will provide a quick update on version 5 of the standard, expected to be in effect in late 2014 or early 2015. It adds
`two new standards—CIP-010-1: Configuration Management and CIP-011-1: Information Protection. A critical cyber asset
`(CCA) will become a bulk electric system (BES) cyber asset. Also, asset classifications are more clearly defined based
`on high, medium, and low impact.
`
`To help power producers meet the current standards and prepare for the coming ones, Mike highlights products,
`services, and business process support. Current products, as part of Ovation System Security, include user
`management, DMZ router/firewall, anti-virus defense, vulnerability scanning and patch management, malware
`prevention, and security incident & event management. More coverage is coming in log management, network attached
`storage, intrusion detection, Ovation workstation & controller hardening, and backup & restore functions.
`
`From a services perspective, these include security patch validations, virus signature validations, ports & services
`documents, security assessments, annual Ovation System Security support, and technical feasibility exception (TFE)
`support. Security certification services will be added. From a business process perspective, Ovation-CERT [Cyber
`Emergency Response Team] provides fast track review and response to security threats and emergencies. A Security
`Solutions Steering Committee reviews products, services, and business practices to adapt to changing security threats.
`Teams of CIP & Security Subject Matter Experts have been formed to work in Power projects and assist throughout the
`lifecycle of the facility.
`
`If you’ll be at the Regional Technical Forum, make sure to connect with Mike to discuss your cyber security related
`questions and concerns.
`
`MP3 | iTunes
`
`Audio clip: Adobe Flash Player (version 9 or above) is required to play this audio clip. Download the latest version here.
`You also need to have JavaScript enabled in your browser.
`
`Related Posts:
`
`Electrical Power Plants and Cyber Security
`Cyber Security Critical Infrastructure Protection Compliance
`Cybersecurity and OPC .NET
`
`
`
`Case 6:12-cv-00799-JRG Document 92-7 Filed 12/11/13 Page 3 of 3 PageID #: 2519
`Posted Tuesday, February 14th, 2012 under , .
`
`Tags: , , , , , , , , ,
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
