Fed Grid Security Proposal Leads to Turf Tussle

New federal legislation aims to give regulators expanded authority to avert cybersecurity attacks and physical threats to the nation’s grid as it becomes increasingly digitized, making it more vulnerable. The Federal Energy Regulatory Commission appears to have clear authority on transmission lines, but as electricity is stepped down for local distribution, and that distribution system becomes “smart” with meters and other communications, the cybersecurity authority comes into question. The extent of the emergency authority granted under a draft law, and which agencies could use that authority, was the focus of a U.S. Senate Energy and Natural Resources Committee hearing May 4. Also under debate was whether FERC’s authority extends to distribution systems in emergency situations. Without resolution, lawmakers debated not only federal, state, and industry turf issues, but also the kind and extent of security measures needed, the speed at which they’re developed and at what cost. “There’s got to be some consideration of costs and big consideration given to who pays for it,” said Senator Richard Burr (R-NC). The costs are to be borne by ratepayers. The legislation gives FERC emergency authority to act to protect against any imminent danger to the grid. Just how that is defined and whether the North American Electric Reliability Corporation (NERC), state utilities, state regulators--such as the California Public Utilities Commission--have much of a say are controversial. Industry, and other agencies, insisted they become part of the response team to thwart or curb threats to the electrical system. Those threats may include hacking, worms, solar storms, car bombs, and disgruntled employees. “Make sure that folks operating the system are involved in decision making,” said David Owens, Edison Electric Institute executive vice president. He added that protecting the so-called “smart grid” is “not a ‘check the box’ exercise.” It’s an evolutionary process involving “new equipment and new players, including vendors, manufacturers, utilities, and regulators,” he added. NERC develops reliability standards and has been working with federal regulators since 2006 on cybersecurity rules. NERC’s standards are developed in open hearings with stakeholder input. While inclusive, NERC has been criticized for being too slow to respond effectively to cyber attacks, and other human and natural risks. FERC “should be able to require mitigation even before or while NERC and its stakeholders develop a standard, when circumstances require urgent action,” said Joseph McClellan, FERC Office of Electric Reliability director. He noted the standards development process “can be an impediment when measures or actions need to be taken to address threats to national security quickly, effectively and in a manner that protects against the disclosure of security-sensitive information.” Also at issue was how to define “imminent danger” under the legislation, which when found allows FERC to step in to protect electrical infrastructure, which currently includes the distribution systems in California and other states regulated by state utility commissions. The energy panel is one of several Senate committees examining cybersecurity.

Over 11K Stories!

| Independently Powered Energy News

Fed Grid Security Proposal Leads to Turf Tussle

vdharadmin

Related Posts

California Public Utilities Commission Okays Local Supply Reserves

State Carbon Emissions Reduction Plan Update Faces Big Pushback

Bills Pass that Move the Needle on Non Fossil Energy Pass

Climate Change: Court Affirms CA Tailpipe Law