NERC
NERC Submits Compliance Monitoring and Enforcement Program Annual Report - February 21 - NERC submitted its annual Compliance Monitoring and Enforcement Program (CMEP) filing for 2016 to FERC. Based on the results on its oversight activities, NERC proposes in the report two enhancements to the risk based CMEP: (1) providing minimal risk Compliance Exceptions (CEs) identified through self-logging to FERC non-publicly; and (2) expanding the use of CEs to include certain moderate risk noncompliance currently processed through Find, Fix, Track and Report.
NERC Files Comments Opposing Petition for Rulemaking on Malware - February 17 - NERC submitted comments in opposition to a Petition for Rulemaking by the Foundation for Resilient Societies to require an enhanced reliability standard to detect, report, mitigate, and remove malware from the bulk-power system. NERC requested that the Commission deny the Petition, because NERC’s existing Reliability Standards, current standard development activity, and other cyber security efforts adequately address the threats, vulnerabilities and risks associated with malware detailed in the petition.
NERC Files Comments on Electric Storage Participation in Organized Markets - February 13 - NERC submitted comments to FERC on its November 17, 2016 notice of proposed rulemaking on electricity storage participation in markets operated by regional transmission organizations and independent system operators. NERC’s comments state that NERC’s reliability standards and associated glossary do not create barriers to the participation of electric storage resources or other non-synchronous technologies in the organized wholesale electric markets.
Cybersecurity and Grid Security
EPRI Report Finds Electromagnetic Pulse Has Limited Impact on Transformers - February 20 - The Electric Power Research Institute (“EPRI”) published a study on the impacts of a high-altitude nuclear event on bulk-power system transformers in the United States. The study found (i) that while hundreds to thousands of transformers could experience increased geomagnetically-induced current (GIC) flows, only a small number (between 3 to 14, depending upon location) would be vulnerable to thermal damage, and (ii) that damaging levels of tertiary winding heating resulting from the flow of harmonic currents generated by the resulting GIC flows are unlikely to occur.
NIST Releases Cybersecurity Practice Guide - February 16 - The National Cybersecurity Center of Excellence (NCCoE) released a draft of the National Institute of Standards and Technology (NIST) Cybersecurity Practice Guide, Special Publication 1800-7: "Situational Awareness for Electric Utilities." The Practice Guide includes a model solution that can be used by electric sector companies to alert their staff to potential or actual cyber attacks.
Other Developments
GAO Publishes Report on Federal Efforts to Enhance Grid Resilience - January 25 - The Government Accountability Office (GAO) issued a report in which it reviewed 27 different federal government efforts undertaken by the Departments of Energy and Homeland Security, and FERC, since 2013 to enhance the grid’s resilience in response threats and hazards including cyberattacks, physical attacks, and natural disasters. The report found that these efforts were fragmented but not duplicative.