Project 2009-12 Interpretation − CIP-005-1 − Cyber Security − Electronic Security Perimeters by PacifiCorp
The interpretation was approved by the NERC Board of Trustees on February 16, 2010.

The request asks to clarify the following:

  • 4.2.2 indicates that the communication links between ESPs and the required supporting equipment are not in the scope of this standard.  However, in R1.3, the endpoints of a communication link between ESPs are required to be treated as "access points".
  • Regarding 4.2.2:
  • What kind of cyber assets are referenced in 4.2.2 as "associated"? What else could be meant except the devices forming the communication link?
  • Is the communication link physical or logical? Where does it begin and terminate?
  • Regarding R1.3:
  • Please clarify what is meant by an “endpoint”?  Is it physical termination? Logical termination of OSI layer 2, layer 3, or above?
  • If “endpoint” is defined as logical and refers to layer 3 and above, please clarify if the termination points of an encrypted tunnel (layer 3) must be treated as an “access point? If two control centers are owned and managed by the same entity, connected via an encrypted link by properly applied Federal Information Processing Standards, with tunnel termination points that are within the control center ESPs and PSPs and do not terminate on the firewall but on a separate internal device, and the encrypted traffic already passes through a firewall access point at each ESP boundary where port/protocol restrictions are applied, must these encrypted communication tunnel termination points be treated as "access points" in addition to the firewalls through which the encrypted traffic has already passed?
Interpretation Process:
In accordance with the Reliability Standards Development Procedure, the interpretation must be posted for a 30-day pre-ballot review, and then balloted.  There is no public comment period for an interpretation.  Balloting will be conducted following the same method used for balloting standards.  If the interpretation is approved by its ballot pool, then the interpretation will be appended to the standard and will become effective when adopted by the NERC Board of Trustees and approved by the applicable regulatory authorities.  The interpretation will remain appended to the standard until the standard is revised through the normal standards development process.  When the standard is revised, the clarifications provided by the interpretation will be incorporated into the revised standard.
Draft Action Dates Results Consideration of Comments
PacifiCorp Request for 
 Interpretation of CIP-005-1


Request for Interpretation
Recirculation Ballot

Info>> | Vote>>
10/16/09 - 10/26/09

Full Record>>
Initial Ballot

Info>> | Vote>>
8/27/09 - 9/8/09

Full Record>>
Consideration of Comments
Pre-ballot Review

Info>> | Join>>
7/27/09 - 8/27/09