Federal Energy Regulatory Commission, DOE.
Notice of technical conference.
Commission staff will convene a technical conference on February 4, 2003 to discuss issues relating to the proposed rules for cyber-security of entities interacting on the nation's electric grid. The conference will build upon the concepts found in Start Printed Page 4402the original and revised cyber-security standards, with particular focus on issues pertaining to implementation and timing of, and compliance with, the standards. There will be an opportunity for interested persons to make very brief public statements at the conference.
The conference will take place on February 4, 2003.
The conference will take place at: Federal Energy Regulatory Commission, 888 First Street, NE., Washington, DC 20426.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Sarah McKinley, Office of External Affairs, Federal Energy Regulatory Commission, 888 First Street, NE., Washington, DC 20426, (202) 502-8004.End Further Info End Preamble Start Supplemental Information
Notice of Technical Conference
1. Take notice that a technical conference will be held on February 4, 2003, from approximately 9:30 a.m. to 3 p.m. in Hearing Room 1 on the second floor of the offices of the Federal Energy Regulatory Commission, 888 First Street, NE., Washington, DC. The goal of the conference is to discuss issues relating to the proposed rules for cyber-security of entities interacting on the nation's electric grid.
2. The Commission's proposed cyber-security standard was described in section M and appendix G of the Notice of Proposed Rulemaking (NOPR) published in this docket on July 31, 2002. That proposal was developed by the Critical Infrastructure Protection Advisory Group (CIPAG) of the North American Electric Reliability Council (NERC), which has since proposed a set of revisions to the standard that have been approved by the NERC Board.
3. Copies of the NOPR security proposal may be obtained from: http://www.ferc.gov/Electric/RTO/Mrkt-Strct-comments/discussion_paper.htm. Copies of the NERC security proposal are available in Attachment A at: ftp://www.nerc.com/pub/sys/all_updl/docs/ferc/RM01-12-000-SMD.pdf.
4. This conference will build upon the concepts found in the original and revised cyber-security standards. The discussions will focus on the following questions pertaining to implementation and timing of, and compliance with, the standards:
- When should compliance with the standard become mandatory? The original NOPR would require compliance in January 2004, but recent discussions have suggested that this standard be advisory in 2004 and mandatory in 2005.
- What is the best way to establish a verification and compliance process for the standards? What is the current and expected process that NERC uses to determine compliance with the NERC standards, and would it be appropriate for the cyber-security standards as well? Should regular audits be used as part of the compliance and verification effort? Should there be a role for third-party testing or investigation of complaints about the compliance of wholesale market participants?
- What are the appropriate penalties and remedies for non-compliance or inadequate compliance with the cyber-security standards, once they are in effect?
- Should new technical issues that were neither technologically nor commercially ripe for resolution in the proposed standard be identified and recognized now so the wholesale industry and the information technology industry can anticipate the issues and requirements ahead? What issues and cyber-security challenges were not addressed in the proposed standard but should be ready for inclusion in the next standard, if the next standard is adopted in two to three years?
5. Other than with respect to the last bullet above, this workshop will not discuss the substance of the NERC-approved cyber-security standard.
6. The bulk of this workshop will be discussion between attendees. Commission staff has asked selected individuals to speak at this conference, and is not entertaining requests to make presentations. However, interested persons will be permitted to make very brief public statements that are not repetitive of materials already filed in the public record of this docket.
7. All interested persons may attend the technical conference, and registration is not required. However, in-person attendees are asked to notify the Commission of their intent to attend by sending an e-mail message to email@example.com.
8. Transcripts of the conference will be immediately available from Ace Reporting Company (202-347-3700 or 1-800-336-6646), for a fee. They will be available for the public on the Commission's FERRIS system two weeks after the conference. Additionally, Capitol Connection offers the opportunity for remote listening of the conference for a fee. Persons interested in this service should contact David Reininger or
9. Julia Morelli at the Capitol Connection (703-993-3100) as soon as possible or visit the Capitol Connection Web site at http://www.capitolconnection.gmu.edu and click on “FERC.”
10. For more information about the conference, please contact Sarah McKinley at (202) 502-8004 or firstname.lastname@example.org.Start Signature
Magalie R. Salas,
[FR Doc. 03-1972 Filed 1-28-03; 8:45 am]
BILLING CODE 6717-01-P