On May 1, 2020, the White House ratcheted up cybersecurity protection for the nation’s power grid by empowering the Secretary of Energy to prohibit the sale of certain foreign-made equipment for use in the US bulk power system. The executive order could disrupt equipment procurement and supply chains for US electric utilities and generation owners and may eventually result in rules requiring installed non-complying equipment to be replaced.
As such, the executive order may create commercial opportunities for power system equipment manufacturers in the United States and friendly countries who have recently struggled against competition from China.
The executive order specifically targets the equipment used in electric system control centers, as well as reactors, capacitors, turbine controls, protective relays, voltage regulators, transformers, automatic circuit reclosers and safety instrumentation systems (among other items) used throughout the bulk power system.
The executive order allows the Secretary of Energy to prohibit the “acquisition, importation, transfer or installation” of bulk-power equipment which is “designed, developed, manufactured or supplied” by any person who is “subject to the jurisdiction of a foreign adversary.” The secretary may prohibit the use or trading in the equipment if it is found to “pose an undue risk of sabotage or subversion” of the US bulk power system.
By September 28, 2020, the Secretary of Energy must issue regulations to identify the adversary nations against whom the prohibitions apply. The regulations may also identify the specific manufacturers subject to an adversary’s control, and specific equipment and transactions that are outlawed. The regulations may also white-list particular vendors and equipment and establish licensing processes for otherwise prohibited transactions. These regulations are to be issued in consolation or collaboration with OMB, Defense, Homeland Security and Intelligence. Though not named, it is generally understood that China and Russia are principal targets of the executive order.
The executive order also empowers the Secretary of Energy to identify installed bulk power equipment that poses a cybersecurity risk and develop recommendations on how to “identify, isolate, monitor or replace” such equipment.
The executive order does not outline how or if utilities or others will be compensated for isolating or replacing “compromised” components.The new executive order injects major uncertainty into procurements of bulk power equipment that may be subject to the forthcoming rules and regulations. Unfortunately, there is not likely to be any mechanism for obtaining rulings or exemptions from the new regulations until they are issued. Both buyers and vendors, as well as contractors scoping and pricing bulk power projects, should proceed with great care and include provisions in their contracts expressly dealing with the risks posed by these forthcoming regulations. The terms on which existing bulk power equipment may need to be replaced or isolated in the future are unknown but will be of great concern to generators and transmission or bulk power system operators and should be monitored closely. The applicable contracts should be carefully reviewed for potential rights or consequences in light of these potentialities.