BES Cyber Asset definition

BES Cyber Asset means a Cyber Asset that if rendered unavailable, degraded, or misused would, within 15 minutes of its required operation, misoperation, or non‐operation, adversely impact one or more Facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the Bulk Electric System. Redundancy of affected Facilities, systems, and equipment shall not be considered when determining adverse impact. Each BES Cyber Asset is included in one or more BES Cyber Systems.**

BES Cyber Asset means a cyber asset that if rendered unavailable, degraded, or misused would, within 15 minutes of its required operation, mis operation, or non-operation, adversely impact one or more facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the BES. Redundancy of affected Facilities, systems, and equipment shall not be considered when determining adverse impact.

BES Cyber Asset means a Cyber Asset that if rendered unavailable, degraded, or misused would, within fifteen (15) minutes of its required operation, misoperation, or non-operation, adversely impact one or more Facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the Bulk Electric System. Redundancy of affected Facilities, systems, and equipment shall not be considered when determining adverse impact. Each BES Cyber Asset is included in one or more BES Cyber Systems.

Examples of BES Cyber Asset in a sentence

• Rationale for Requirement R2:The intent of the BES Cyber Asset reuse and disposal process is to prevent the unauthorized dissemination of BES Cyber System Information upon reuse or disposal.

• The definition of BES Cyber Asset provides the basis for this scoping.Real-time OperationsOne characteristic of the BES Cyber Asset is a real-time scoping characteristic.

• Evidence must include each of the applicable documented processes that collectively include each of the applicable requirement parts in CIP-011-2 Table R2 – BES Cyber Asset Reuse and Disposal and additional evidence to demonstrate implementation as described in the Measures column of the table.

• Each Responsible Entity shall implement one or more documented process(es) that collectively include the applicable requirement parts in CIP-011-2 Table R2 – BES Cyber Asset Reuse and Disposal.

• It therefore meets the threshold to be designated as a BES Cyber Asset.

• A BES Cyber Asset includes in its definition, “…that if rendered unavailable, degraded, or misused would, within 15 minutes adversely impact the reliable operation of the BES.” The following provides guidance that a Responsible Entity may use to identify the BES Cyber Systems that would be in scope.

• Each BES Cyber Asset is included in one or more BES Cyber Systems.

• Since the PMU or PDC is not used for autonomous control, nor is it used by power system operators to make real-time decisions, the PMU or PDC does not meet the threshold in the definition of a BES Cyber Asset, and is therefore not categorized as a BES Cyber Asset.

• There may be other examples where multiple entities share the same device, or information from the same device, such as a tie line meter, and the owner of the device has identified it as a BES Cyber Asset (BCA).

• Requirement R1 specifies that a software and configuration baseline be created and maintained for each BES Cyber Asset.

More Definitions of BES Cyber Asset

BES Cyber Asset shall each have the meaning set forth in the Glossary of Terms Used in NERC Reliability Standards. For purposes of this provision, “Removeable Media” includes, but is not limited to, floppy disks, compact disks, USB flash drives, external hard drives, and other flash memory cards/drives that contain non-volatile memory.

BES Cyber Asset. (“BCA”) means a programmable electronic device, including the hardware, software, and data in the device, that if rendered unavailable, degraded, or misused, would within 15 minutes of its required operation, misoperation, or non-operation, adversely impact one or more facilities, systems, functions, applications, or equipment, and which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the BES.

BES Cyber Asset means a cyber asset that if rendered unavailable, degraded, or misused would, within 15 minutes of its required operation, misoperation, or non-operation, adversely impact one or more facilities, systems, or equipment, which, if destroyed, degraded, or otherwise rendered unavailable when needed, would affect the reliable operation of the bulk electric system. Redundancy of affected facilities, systems, and equipment shall not be considered when determining adverse impact. Each BES cyber asset is included in one or more BES cyber systems. (A cyber asset is not a BES cyber asset if, for 30 consecutive days or less, it is directly connected to a network within an electronic security perimeter, a cyber asset within an electronic security perimeter, or to a BES cyber asset, and it is used for data transfer, vulnerability assessment, maintenance, or troubleshooting purposes.)