Today’s LiveWire Spotlight looks at the fourth and fifth of six draft NERC Security Guidelines dealing with with threats introduced through the supply chain.  These two address the best practices and tools that minimize the threats that may arise if the origins of third-party BPS hardware, software, or services are unknown.  

The initial drafts of the NERC Security Guidelines on Provenance and Open-Source Software have been posted for a 45-day stakeholder review.  Comments must be returned to tom.hofstetter@nerc.net by November 11, 2022 using the form provided by the RSTC.