FERC
FERC Proposes Approval of Coordination of Protection Systems, Personnel Training Standards - November 16 - FERC proposed to approve Reliability Standards PRC-027-1 (Coordination of Protection Systems for Performance During Faults) and PER-006-1 (Specific Training for Personnel), submitted by the NERC. Reliability Standard PRC-027-1 is intended to maintain the coordination of protection systems installed to detect and isolate faults on bulk electric system elements, such that those protection systems operate in the intended sequence during faults. Reliability Standard PER-006-1 is intended to ensure that personnel are trained on specific topics essential to reliability to perform or support real-time operations of the bulk electric system. In addition, the Commission proposed to direct NERC to modify proposed Reliability Standard PRC-027-1 to require an initial study to establish a baseline of protection systems coordination. Comments are due on January 29, 2018.
FERC Denies NERC’s Requested Changes to Compliance Monitoring and Enforcement Program - November 16 - FERC denied NERC’s request for approval of two proposed changes to the Compliance Monitoring and Enforcement Program (“CMEP”). In February NERC submitted an annual compliance filing on its CMEP and, as part of that filing, NERC requested that FERC approve two proposed program changes: (1) elimination of the public posting of compliance exceptions identified through self-logging; and (2) expansion of the use of compliance exceptions to include certain moderate risk violations. Although FERC accepted NERC’s report, it denied NERC’s proposed changes “because, in most situations, information on NERC’s resolution of compliance and enforcement matters should be transparent and publicly available and processing of noncompliance should reflect the relative risk level of the violation.”
NERC
NERC Submits Comments in Response to Emergency Preparedness and Operations NOPR - November 27 - NERC submitted to FERC comments in response to a September 20, 2017 NOPR proposing to approve Emergency Preparedness and Operations Reliability Standards EOP-004-4 (Event Reporting), EOP-005-3 (System Restoration from Blackstart Resources), EOP-006-3 (System Restoration Coordination), and EOP-008-2 (Loss of Control Center Functionality). NERC agrees with FERC that the proposed Reliability Standards are intended to: (i) provide accurate reporting of events to NERC’s event analysis group; (ii) outline the responsibilities of entities that support system restoration from blackstart resources; (iii) clarify procedures for Reliability Coordinator personnel to execute system restoration processes; and (iv) refine requirements of an operating plan to continue operation if primary control functionality is lost.
NERC Submits Petition for Approval of Proposed Revisions to Rules of Procedure - November 21 - NERC submitted to FERC a petition for approval of proposed revisions to Appendix 3D (Registered Ballot Body Criteria) of the NERC Rules of Procedure. The proposed revisions help ensure that the votes of Independent System Operators (ISO) and Regional Transmission Organizations (RTO) are appropriately represented in Segment 2 of NERC’s Registered Ballot Body for voting on Reliability Standards by excluding non-ISO/RTO individuals or entities from joining Segment 2.
NERC Winter Reliability Assessment Finds Adequate Generation Resources - November 20 - NERC’s 2017-2018 Winter Reliability Assessment found adequate generation and transmission resources are in place to meet or exceed their Planning Reference Margin Levels for the upcoming winter season. Impacts from Hurricane Harvey and Hurricane Irma are not expected to threaten reliability for the winter period in Texas, Louisiana, and Florida. The report also found that despite progress made in addressing interdependence between natural gas and electric infrastructure, growing reliance on natural gas continues to raise reliability concerns.
NERC CEO Resigns and Charles Berardesco Named Acting CEO - November 20 - NERC’s Board of Trustees accepted the resignation of Gerry Cauley effective November 20. The Board of Trustees plans to engage a search firm to support recruitment of the next CEO. In the meantime, Charles Berardesco, who has served as the NERC’s senior vice president, general counsel and corporate secretary, will serve as acting CEO.
GridEx IV Focuses on Recovery from Cyber, Physical Security Events - November 15 - GridEx IV, which took place from November 15-16, is a biennial exercise designed to simulate a cyber/physical attack on electric and other infrastructure across North America. Coordinating during and recovering from a wide-scale cyber and physical attack was the focus of GridEx IV. Participants this year include security experts, senior leaders and CEOs from industry and government in the United States, Canada and Mexico. NERC acting CEO Charles Berardesco emphasized the importance of GridEx, stating, “GridEx is a vital part of the tools and training used by industry and government to stay ahead of potential cyber and physical security threats to the grid.”
NERC Conducts Assessment of Dependence on Natural Gas - November 14 – In an assessment titled “Potential Bulk Power System Impacts Due to Disruptions of the Natural Gas System,” NERC analyzed the potential reliability impacts from disruption of natural gas delivery. Among its many findings, the NERC found that natural gas facility disruptions can have varying impacts depending on geographical location and overall infrastructure dynamics and that natural gas supply sources have become more diversified, reducing the likelihood of natural gas infrastructure outages affecting electric generation. The report includes recommendations for planning coordinators to identify, evaluate, and plan for potential natural gas disruptions.
NERC Files Budget-to-Actual Variance for 3rd Quarter of 2017 - November 13 - In compliance with a FERC order dated January 16, 2013, the NERC submitted to FERC the unaudited report of NERC’s budget-to-actual variance information for the third quarter of 2017. In summary, NERC reports that it was 2.8% over budget in total funding due, in large part, to additional funding for new Cyber Risk Information Sharing Program member. On the other hand, NERC was 6.2% under budget in total expenditures.
NERC Board of Trustees Meeting 2017 - November 9 – At its quarterly meeting, the NERC Board of Trustees: (1) approved the 2018–2020 Reliability Standards Development Plan; the ERO Enterprise Long-Term Strategy; (2) approved the Compliance Monitoring and Enforcement Program technology project; (3) adopted Reliability Standard TPL-007-2 – Geomagnetic Disturbance Mitigation and (4) accepted the NERC’s Special Assessment: Potential Bulk Power System Impacts Due to Severe Disruptions on the Natural Gas System.
Cybersecurity
DHS Report Reveals Areas for Improvement in Cyber Threat Information Sharing - November 6 - A report issued by the Department of Homeland Security (“DHS”)’s Office of the Inspector General (“OIG”) concluded that, despite improvements in the process for sharing cyber threat information between the Federal government, substantial work remains. In a statement provided alongside the report, the OIG acknowledged progress made by DHS, but stated that “DHS still faces challenges to effectively share cyber threat information across Federal and private sector entities.” The report identifies where vulnerabilities within DHS’s system lie and recommends implementing required configuration settings and applying security patches in a timelier manner to improve areas of weakness.
Congress
NIST Cybersecurity Framework, Assessment, and Auditing Act of 2017 Placed on House Calendar - October 31 - The NIST Cybersecurity Framework, Assessment and Auditing Act of 2017 (H.R. 1224) is now eligible for floor consideration after being reported and amended by the House Committee on Science, Space, and Technology. First introduced by Representative Ralph Abraham (R-LA) on February 27, 2017, the bill would require the National Institutes of Standards and Technology (NIST) to provide guidance for agencies to incorporate the Framework for Improving Critical Infrastructure Cybersecurity into their information security risk management efforts.
Grid Cybersecurity Research and Development Act Introduced in House - October 25 - Representative Ami Bera (D-CA) introduced the Grid Cybersecurity Research and Development Act (H.R. 4120). The proposed legislation would, among other things, direct the Secretary of Energy and other Federal agencies to develop an electricity sector cybersecurity research, development, and demonstration program to identify cybersecurity risks, develop cybersecurity tools, assess new energy technology cybersecurity capabilities, and develop secure industrial control system protocols for the electric sector. The bill has been referred to the Subcommittee on Cybersecurity and Infrastructure Protection. This bill was first introduced in a previous Congress in 2016.