NERC

GridEx: Is This Exercise Enough to Protect Critical Infrastructures?

GridEx bottom line upfront

GridEx is a biennial exercise run by North American Electric Reliability Corporation (NERC). The latest iteration, GridEx IV, was held on November 15-16, 2017. Most Americans have never heard of GridEx and didn’t even know it was taking place. If fact, most people don’t really have a clear understanding of what “the grid” is and what role NERC (a private not-for-profit corporation) and the federal government play in regulating the grid.

Bottom line up front:

  • GridEx is a voluntary exercise designed to test the grid’s response to large-scale power outages.
  • GridEx lacks transparency – very little public information is available. NERC says: “Due to the sensitive nature of the scenario discussion, this exercise program is not open to the general public or the media. A public report will be available after the exercise concludes.”
  • GridEx is held for two days every two years.
  • Very limited overview reports are available to the public for the last three GridEx exercises. They don’t say much.

GridEx is too little, not often enough and with little transparency. While any exercise involving testing the bulk power system’s capabilities, resilience and response is admirable and seemingly useful, it seems to me that GridEx is the minimum necessary for the bulk power industry to avoid having the federal government step in – which no industry wants.

But is GridEx sufficient to protect the United States from the catastrophic, existential threats to the power grid? Unfortunately, the answer is no.

What is the grid?

NERC GridEx

The bulk power system – or “the grid” – is not really one thing. The grid is actually thousands of companies, both public and private sector, that operate in an interconnected system to facilitate the generation, transmission and distribution of electrical power. The grid is made up of power generation – such as power plants, wind turbines and solar farms, high voltage transmission lines that span long distances across the country and local distribution lines which bring the power from the street to your house.

This interconnected (and vulnerable) patchwork is what allows the United States to support her human population. Everything that enables 325 million people in the country to survive is wholly reliant on the grid. All of our critical infrastructures – food, water, fuel, transportation and medical systems are all 100% dependent on the grid.

How is the grid regulated?

GridEx FERCThe grid is self-regulated (similarly to Wall Street). The federal government under current law can’t tell “the grid” what to do. The North American Electric Reliability Corporation (NERC) is a not-for-profit corporation. It acts as the self-regulatory organization “whose mission is to assure the reliability of the bulk power system (BPS) in North America.” The Federal Energy Regulatory Commission (FERC) is an independent federal agency that regulates the interstate transmission of electricity, natural gas, and oil. FERC’s specific authority over the electric grid is to “oversee the reliability of the bulk power system.” The regulatory scheme of the grid between NERC and FERC is mind-numbingly complex. (Just the way most industries prefer their relationship with the federal government to be.)

The Energy Policy Act of 2005 added Section 215 to the Federal Power Act. This gave FERC the authority to certify an organization as an “Electric Reliability Organization” (ERO) which would develop reliability standards for the industry, subject to FERC’s approval. Yes, you read that right – the industry writes its own reliability standards.

On July 20, 2006, FERC certified NERC as the ERO. Other entities objected and administrative appeals and litigation ensued. Section 215 does give FERC the authority to “upon its own motion or upon complaint, may order the Electric Reliability Organization to submit to the Commission a proposed reliability standard or a modification to a reliability standard that addresses a specific matter if the Commission considers such a new or modified reliability standard appropriate to carry out this section.” In English, FERC can order NERC to develop a particular standard and submit it for FERC’s review and approval, but this again is very time consuming.

Thus, FERC (the government) can’t easily tell NERC (the industry) what to do: There is a convoluted and time consuming rule making process involved. Before FERC can order NERC to take any action, they have to issue a proposed rule, solicit and consider any public comments (including those of the regulated entities and their representatives) and then issue a final rule (which is subject to industry lawsuit). This can take an incredibly long time. In terms of “sausage making” this rule making process is no way to get anything done quickly. A final rule can literally take years to issue. In some contexts, perhaps this regulatory scheme makes sense, but the protection of the grid and the dependent critical infrastructures is a national security issue – an issue of survival for families and the country. But it gets worse.

There is no federal law that says that the grid has to protect itself from hazards and threats. In fact, as previously noted, “itself” is thousands of separate companies that regulate themselves through NERC. Our very survival is dependent on the industry’s willingness to do the right thing. They are not required to do the right thing. This is why, in my estimation, GridEx is the bare minimum that the industry felt they had to do to avoid the government getting off its slow and lumbering buttocks and doing something drastic to protect the grid – and the United States – from catastrophe.

GridEx is not sufficient to protect the United States from Catastrophe

The only thing standing between America and catastrophe are thousands of moving parts, a self-regulatory organization (NERC) and a regulator (FERC) with little actual power to protect us. Moreover, as we saw from the Great Northeast Blackout of 2003, a weakness in one of these thousands of moving parts can have cataclysmic consequences for the whole. In 2003, untrimmed foliage in Ohio started a chain of failures which resulted in a blackout for over 50 million people in the U.S. and Canada.

So, with the United States facing increasing threats from cyberattack, terrorism, electromagnetic pulse (EMP), geomagnetic disturbance (GMD) as well as the traditional threats to the grid, is a biennial (once every two years) two-day voluntary exercise enough? In the last GridEx (2015), only “364 organizations across North America participated in GridEx III, including industry, law enforcement, and government agencies.” 364 organizations out of thousands voluntarily participated.

The public reports from the three past GridEx exercises are not confidence inspiring. They lack detail about how the exercises were conducted. They are all spun to make each exercise seemingly a “success.” All objectives were met. Perhaps they were, but there is not enough detail to really assess how effective these exercises actually were. If you want to decide for yourself, here are the public reports.

In order for GridEx to be more meaningful, here is what should happen.

  • GridEx participation should be mandatory – this is an issue of national security.
  • GridEx should be held annually.
  • “Lessons Learned” should be turned to action items for NERC, FERC and DHS.
  • More information should be available to the public and press – In the GridEx III report, it actually said that they constructed the exercise reporting to thwart Freedom of Information Act requests!
  • The Department of Homeland Security should use this opportunity to implement the provision of the National Defense Authorization Act for FY 2017 that requires DHS to “include in national planning frameworks the threat of an EMP or GMD event.”
  • Congress should insist that the results of future GridEx events be reported to the House and Senate Homeland Security Committees.
  • Finally, local emergency management organizations across the country need to participate.

In sum, I am not against GridEx by any stretch of the imagination. I just think in its present form, GridEx is a paper tiger. And we live in a real jungle.

Share the knowledge...Tweet about this on TwitterShare on FacebookShare on LinkedInPin on PinterestShare on Google+Email this to someone

Civil Defense: Why We Need a Congressional Resolution

Civil Defense: Why We Need It

Here are two undisputed facts:

  1. FACT: The electric grid is extremely vulnerable to a variety of natural and man-made threats.
  2. FACT: A long-term loss of the electric grid would be catastrophic for the U.S.

The Civil Defense Book. Prepping for a Suburban or Rural Community: Building a Civil Defense Plan for a Long-Term CatastropheEverything depends on the electric grid. Food, water, fuel, sanitation, medical services, the economy and everything else that enables the United States to support its population of 314 million people. Without the grid, supporting this population would be impossible.  Any large scale power outage for any significant length of time (several weeks or more) would put millions of Americans at risk. In a long term national power outage, millions of Americans would die. We would die of starvation, disease and societal collapse. A danger of this magnitude threatens the security of the United States.

It is a fact that a long term power outage is possible – and the results of such an outage are predicable.  So there is a third fact to add to our list:

  1. FACT: The electric grid is extremely vulnerable to a variety of natural and man-made threats.
  2. FACT: A long-term loss of the electric grid would be catastrophic for the U.S.
  3. FACT: A danger of this magnitude is a national security concern.

If you are at all skeptical, I encourage you to do your own research. Congress certainly has. There are reams of federal reports and congressional hearings that discuss the threats to the grid and the ramifications of a long-term power outage (click here for a comprehensive list of these documents). 

I have not heard (nor can I imagine) any serious debate about the above three facts.

Despite the heroic efforts of a bi-partisan group in Congress, the U.S. has failed to pass any legislation to protect the electric grid since these vulnerabilities and dangers first started to come to light 15 years ago. There have been many bills introduced – all have failed so far. How is this possible? Well, let’s remember what “the grid” is. There are over 3000 electricity providers in the United States. And these companies and utilities make political contributions. As Judge Jeanine of Fox News recently reported:

There is one bill that can help us prevent this catastrophe and remedy our vulnerability. And make no mistake – it can be remedied.

And one person holds the keys to the kingdom. Congressman Fred Upton from Michigan is the chair of the House Energy Committee where these kind of laws are funneled. Bills that can protect us are bottled up in his committee.

Curiously though, almost 60 percent of Congressman Upton’s campaign contributions are from electric utilities, lobbyists, and oil and gas investors.

Of course the companies that comprise the electric grid don’t want government regulation.  They claim that the industry does not need congress to be involved – in other words they’ve got it (move along, there is nothing to see here.) For example, see this interview by the Wall Street Journal of Nick Akins, CEO of American Electric Power:  

So, the utility companies do not see the need for the government to get involved. But somehow, we are still vulnerable. They have failed to take action themselves to harden the grid from known threats. “Self-regulation” by the industry has failed here.

Moreover, many politicians receive generous campaign contributions from these companies. Draw whatever inference you will, but the end result is that Congress has been unsuccessful for years in enacting legislation to protect the electric grid – and the American people.

So let’s review what we know.

  1. FACT: The electric grid is extremely vulnerable to a variety of natural and man-made threats.
  2. FACT: A long-term loss of the electric grid would be catastrophic for the U.S.
  3. FACT: A danger of this magnitude is a national security concern.
  4. FACT: The companies that comprise the electric grid do not wish to be regulated.
  5. FACT: The companies that comprise the electric grid make substantial campaign contributions.
  6. FACT: Self-regulation by the industry has failed to address the vulnerabilities of the electric grid.
  7. FACT: Congress has not passed legislation to protect the grid.

Some in Congress get it

We still have some heroes in Congress such as Trent Franks (R-AZ), Yvette Clarke (D-NY) and the other members of the bi-partisan Congressional Electromagnetic Pulse (EMP) Caucus who have introduced the SHIELD Act and CIPA in the House. There are also Rep. Henry Waxman (D-CA) and Sen. Edward Markey (D-MA) who reintroduced the GRID Act into the House and Senate.

There are presently four bills pending in congress this session – three in the house and one in the Senate: 

Two of these bills would actually attempt to harden the grid from the known threats (the SHIELD Act and the GRID Act). One bill would simply include the threat of EMP (electromagnetic pulse) events in national planning scenarios (CIPA).

There are two possible outcomes:

  1. Congress will pass one or more of these bills (unlikely, in my view)
  2. Congress will again fail to pass any legislation (likely, in my view)

Even if legislation is passed this session, it would take years to actually harden the grid and actually be prepared on a national level for a long term power outage. The president’s ink on the bottom of the bill turning it into law does not immediately harden the grid. It could take years for regulations to be written, implemented and concrete results to take place. Remember, the utilities do not want to be regulated and will work vehemently to delay and soften any regulations that may come in the future from a new law. They are well organized. The same apparatus that opposed legislation for years will continue to resist. We can rest assured that the North American Electric Reliability Corporation (NERC), as the mouth piece of the electric industry, will work tirelessly to oppose, delay and soften regulations.

And that is the best case scenario! While we badly need this legislation in the interest of national security, it will not be an instant fix.

On the other hand, there is a strong possibility that legislation will not pass and America (and all of us) will remain at substantial risk to natural and man-made threats to the electric grid – threats that literally could kill us by the thousands and millions.

Does anybody think that the electric company is going to take care of you and your family if the grid gets taken down long term? Since the federal and state governments do not even drill for such a scenario (the purpose of the CIPA Act), we are unprepared as a nation to deal with a catastrophe of this magnitude.

Civil Defense: Why We Need a Congressional ResolutionThe fatal flaw in our emergency management system is that it depends on the ability to bring in outside resources if the scope of the emergency overwhelms the local capabilities. The problem is, in a national scale emergency where a large part of the country is in trouble at the same time, where are the resources going to come from? Who’s going to deliver them?  

This means that if the grid goes down for a long period of time, federal and state aid will not be coming any time soon to the tens of thousands of cities and towns across America. FEMA does not have a plan, or the capability, to helicopter in MREs, fuel, medicine and water to over 30,000 towns and cities (or even a fraction of that number).

Survival will be a local issue. The cavalry will not be coming.

So let’s add two final facts to our list:

  1. FACT: The electric grid is extremely vulnerable to a variety of natural and man-made threats.
  2. FACT: A long-term loss of the electric grid would be catastrophic for the U.S.
  3. FACT: A danger of this magnitude is a national security concern.
  4. FACT: The companies that comprise the electric grid do not wish to be regulated.
  5. FACT: The companies that comprise the electric grid make substantial campaign contributions.
  6. FACT: Self-regulation by the industry has failed to address the vulnerabilities of the electric grid.
  7. FACT: Congress has not passed legislation to protect the grid.
  8. FACT: The federal and state governments are unprepared for a national scale loss of the electric grid.
  9. FACT: In a national scale power outage, local governments (towns and cities) will be on their own for a long period of time.

This brings me to what I really want to say. We need legislation to protect the grid, but we also need our communities to be prepared, self-reliant and resilient.

We need a civil defense resolution from Congress

Perhaps my all-time favorite piece of failed legislation is House Resolution 762 (112th Congress).   It was one of the major inspirations for my book and I’ve written about it here on my website.

Communities need to be aware of the threat (which most are not) and work to be prepared and resilient. I would venture to guess that very few – if any – communities in the United States are prepared for a long term loss of our critical infrastructures.

A House Resolution that encourages communities to have a civil defense plan and to prepare for a worst case scenario is critical to those of us at the grass roots level who are trying to accomplish this. Presently, Emergency Managers across the country believe that outside resources will always be available to help “the disaster area.” Since we have never had a national-scale catastrophe, such as a long-term loss of the electric grid, nobody is planning for it. Nobody is prepared for it. Nobody is even thinking about it. The very strength of our present emergency management system is also a critical weakness: It only works when there are outside resources to call in. (I wrote about this here.

We need a civil defense Congressional Resolution to get the attention of our local governments and local emergency managers that a national scale catastrophe is a realistic scenario and it is the local communities that will be holding the bag if the grid goes down long term. (They really need to think about putting some long term preparedness and resilience in that bag.)

Note to Mr. Franks, Ms. Clarke and the House EMP Caucus:

Reintroducing and passing a resolution like the 112th Congress’ H. Res 762 is critical: While it won’t harden the grid, it will harden the country. Moreover, as communities start to think about how they can prepare for a long-term catastrophe, there is sure to be an outcry to Congress and the federal government to protect the grid so this never happens to begin with.

But if somehow it does happen, we need our communities to be prepared if America is to survive.

Civil Defense: Why We Need a Congressional Resolution

Yvette Clarke (D-NY)

Civil Defense: Why We Need a Congressional Resolution

Rep. Trent Franks (R-AZ)

Share the knowledge...Tweet about this on TwitterShare on FacebookShare on LinkedInPin on PinterestShare on Google+Email this to someone

VIDEO: American Blackout: Did GridEx II Protect Against It or Ensure It?

Real American Blackout: Will GridEx II Protect Against It or Ensure It Happens? Published on Oct 28, 2013 by the Center for Security Policy (SecureFreedom on YouTube) (Time: 18:59)

Video Description from SecureFreedom:

On October 27th, 2013, National Geographic aired a docu-drama entitled “American Blackout.” It simulated what would happen to our country, its economy and its people if a cyber attack shut down the nation’s electric power distribution system known as “the grid.”

As the movie makes clear, in just 10 days, hundreds of thousands lost their lives, vast destruction of property occurred and societal breakdown was underway.

Is such an horrific scenario a real possibility? Could the grid, in fact, be taken down in other ways that would deny the nation electrical power for far longer than 10 days? If so, what would be the consequences?

Several members of the EMP Coalition and other experts speak on this video including:

Andrea Boland
Clare Lopez
Frank Gaffney
Michael Del Rosso
Robert Newman (Major General, Ret.)
Dr. Peter Vincent Pry
Representative Trent Franks

Rep. Trent Franks Real American Blackout: Will GridEx II Protect Against It or Ensure It Happens?

Rep. Trent Franks (R-AZ)

Dr. Peter Vincent Pry Real American Blackout: Will GridEx II Protect Against It or Ensure It Happens?

Dr. Peter Vincent Pry

Rober Newman - Real American Blackout: Will GridEx II Protect Against It or Ensure It Happens?

Robert Newman

Michael Del RossoReal American Blackout: Will GridEx II Protect Against It or Ensure It Happens?

Michael Del Rosso

Frank Gaffney - Real American Blackout: Will GridEx II Protect Against It or Ensure It Happens?

Frank Gaffney

Clare Lopez, Real American Blackout: Will GridEx II Protect Against It or Ensure It Happens?

Andrea Boland - Real American Blackout: Will GridEx II Protect Against It or Ensure It Happens?

Andrea Boland

Share the knowledge...Tweet about this on TwitterShare on FacebookShare on LinkedInPin on PinterestShare on Google+Email this to someone