Grid Security Now!

Grid Security Now!

Michael Mabee – Author of The Civil Defense Book

Menu
  • Home
  • Library
    • Grid Security Library
      • Government Documents on Grid Security
      • OE-417 Electric Disturbance Events Database
      • CIP Violation Database
      • Grid Protection Posts
      • Video (EMP and Grid Security)
      • What is the Electric Grid and How is it Regulated?
    • Civil Defense Library
      • The cavalry is not coming
      • Civil Defense Posts
      • Video (Preparedness)
      • Civil Defense Checklists
  • Fund The Fight!
  • Take Action!
  • About Me
    • About Michael
    • My Book
    • Michael in the Press
    • Subscribe to Mike’s Blog
    • Interviews
    • My Friends
    • Contact Me
Menu

Electric Industry Wants to Defer Implementation of Cybersecurity

Posted on April 10, 2020April 11, 2020 by Michael Mabee
Share the knowledge...Tweet about this on Twitter
Twitter
Share on Facebook
Facebook
Share on LinkedIn
Linkedin
Pin on Pinterest
Pinterest
Share on Reddit
Reddit
Email this to someone
email
Print this page
Print

CLICK HERE for PDF copy

Protest Defer Implementation

Protest and Comments of Michael Mabee

Submitted to FERC on April 10, 2020

I am a private citizen who conducts public interest research on the security of the electric grid. I have also previously filed comments in one of the impacted dockets.

Protest of the Commission’s April 6, 2020 “Notice Shortening Answer Period”

On April 6, 2020, the North American Electric Reliability Corporation (NERC) filed a motion to delay the implementation of several Reliability Standards, including Critical Infrastructure Protection (CIP) standards, because of the current COVID-19 pandemic. This motion has a “First Received Date” of “4/6/2020 2:04:58 PM” and a “Posted Date” of “4/6/2020 4:47:33 PM” according to the Commission’s public records.[1]

Minutes after NERC’s motion was posted to the Commission’s public website (April 6, 2020 at 5:26 p.m.[2]), the Commission issued a notice that “that the date for filing answers to NERC’s motion is shortened to and including April 9, 2020.” This effectively gave the public three days to file comments and did not even include a weekend. Unlike the electric industry with their full-time attorneys and lobbyists, some of the public have “day jobs” and families. It is in the public interest to allow a reasonable amount of time for public comment in matters as important as the implementation of reliability standards.

I respectfully point out that three days is an unreasonably short time period and respectfully request that my comments be accepted and considered. I also would recommend that the time period on this matter be further extended to allow for further public comment.

Comments

For the reasons set forth below, the Commission should deny NERC’s Motion to Defer Implementation of Reliability Standards.

  1. A pandemic was NOT unexpected and the industry should have been prepared. Therefore, a delay in implementation of standards is not appropriate.

The U.S. government, NERC and the electric industry have been aware of the threat of a pandemic for years and this current pandemic should not have taken NERC or the electric industry by surprise.

In 2006 NERC (then the North American Electric Reliability Council) published their “Electricity Sector Influenza Pandemic Planning, Preparation, and Response Reference Guide.”[3] In fact, NERC still referred to this 2006 document in their 2015 revision of their “Security Guideline for the Electricity Sector: Continuity of Business Processes and Operations Operational Functions.”[4]

Also, in 2006 the Department of Homeland Security (DHS) published: “Pandemic Influenza Preparedness, Response, and Recovery Guide for Critical Infrastructure and Key Resources.”[5] The report cautioned:

Public health experts warn pandemic influenza poses a significant risk to the United States and the world—only its timing, severity, and exact strain remain uncertain. International, Federal, State, local, and tribal government agencies are diligently planning for the public health response to this potential pandemic. The disease could be severe and could affect our critical infrastructure and our nation’s economic and social security. It is important that you take action.

In 2007, there was an industry conference on pandemic planning in New York City: “Advanced Pandemic Planning for the Energy Sector.”[6] Clearly the industry has had pandemic planning on the radar for over a decade.

The Department of Energy (DOE) has long considered pandemic to be a threat to the electric grid. In fact, NERC joined DOE on June of 2010 in publishing a report “High-Impact, Low-Frequency Event Risk to the North American Bulk Power System.”[7] The report noted:

Today, targeted action is required to define clear roles for the public and private sectors in ensuring appropriate protections are in place to deal with the effects of a pandemic disease or geomagnetic disturbance.

In December of 2015 the Department of Energy’s. Pacific Northwest National Laboratory published a report: “Framework for Modeling High-Impact, Low-Frequency Power Grid Events to Support Risk-Informed Decisions.”[8] The report noted:

For instance, hazards associated with pandemics require a characterization of stressors and vulnerabilities that appropriately reflect the potential impact of loss of human resources to control and maintain grid and infrastructure assets. In this sense, the current framework goes beyond establishment of the basis for developing risk models to identifying methodology development needs.

Finally, in November 2019 (literally one month before the current virus became known) the Department of Homeland Security’s publication: “A Guide to Critical Infrastructure Security and Resilience,” still listed pandemic as a threat to the critical infrastructure.[9]

The current COVID-19 pandemic is an event long predicted and pandemic plans should long have been in place to ensure the reliability of the electric grid. Therefore, it is unreasonable to fail to implement long anticipated protections to the grid in the reliability standards which are the subject of NERC’s current motion.

  1. The Industry purports that they are prepared – and tells this to the public.

In February 2020, the Edison Electric Institute (EEI), whose members include state-owned corporations from the Communist regime of of the People’s Republic of China,[10] published a report: “Electric Companies & Pandemic Planning What You Should Know.”[11] The report tells the public:

The business continuity and pandemic plans developed by electric companies are designed to protect the people working for them and to ensure energy operations and infrastructure are supported properly. These measures help to guarantee that companies can continue to provide safe and reliable electricity throughout an emergency.

Therefore, EEI – the trade group representing all U.S. investor-owned electric companies – tells us that the companies were prepared for this pandemic.

On March 19, 2020 the Los Angeles Times published an article: “How power companies are keeping your lights on during the pandemic.”[12] The article notes:

The American power grid has been described as the world’s biggest machine — and the people who run that machine say they’re prepared to keep the lights on as the COVID-19 pandemic spreads.

The article quotes several industry officials:

“Say what you will about the utility industry — they’re pretty good about contingency planning,” said Stephen Berberich, president of the California Independent System Operator, which manages the electric grid for most of the state. “Things are changing quickly, and we’re doing our best to adapt to changing conditions. But I have every confidence in our people and our technology.”

And,

The power sector started developing more detailed pandemic plans over a decade ago, in the wake of SARS and other contagious disease outbreaks, said Scott Aaronson, vice president of security and preparedness for the Edison Electric Institute, a utility trade group. Now, electricity providers are implementing those plans, and participating in twice-weekly phone conferences with federal officials at the Department of Energy, the Department of Homeland Security and other agencies.

 “By planning for a lot of different worst-case scenarios and a lot of potential contingencies, I have confidence that the sector will be prepared to respond no matter how this evolves,” Aaronson said.

The industry is telling the public that they have been prepared for a pandemic. Therefore, it is unreasonable to fail to implement long anticipated protections to the grid in the reliability standards which are the subject of NERC’s current motion.

  1. The pandemic has made the U.S. more vulnerable to the impact of physical and cyberattacks on the grid and, therefore, implementing the CIP standards at the earliest possible opportunity is more critical than ever.

I would finally note that a coordinated cyberattack or physical attack during a pandemic is a threat to the national security of the United States. Now is not the time to defer protections to the electric grid that the industry has had ample time to prepare for – because of a pandemic that the industry is telling the public they are prepared for.

Granting NERC’s motion places the U.S. in further danger and is not in the public interest.

Recommendation

For the reasons set forth above, the Commission should deny NERC’s Motion to Defer Implementation of Reliability Standards.

If the Commission believes it must grant the requested relief, then this is evidence that the industry was not adequately prepared for a pandemic. Therefore, if granting the requested relief, the Commission should also direct NERC to develop a CIP standard for pandemic and biological hazard preparedness.

Respectfully submitted,

 

Michael Mabee

CLICK HERE for PDF copy


Footnotes:

[1] See “Document Information” at https://elibrary.ferc.gov/idmws/doc_info.asp?document_id=14849348

[2] See “Document Information” at https://elibrary.ferc.gov/idmws/doc_info.asp?document_id=14849369

[3] Available at: https://www.nerc.com/comm/CIPC_Security_Guidelines_DL/NAERC200701.pdf

[4] Available at: https://www.nerc.com/comm/CIPC_Security_Guidelines_DL/WTRMRK-Continuity_Business_Operational_Functions-Retired.pdf

[5] Available at: https://www.dhs.gov/sites/default/files/publications/cikrpandemicinfluenzaguide.pdf

[6] See: https://www.mcguirewoods.com/news-resources/publications/Roche-Energy-White-Paper.pdf

[7] Available at: http://bit.ly/2O3Tlns

[8] Available at: http://bit.ly/2T0XEnV

[9] Available at: https://www.cisa.gov/publication/guide-critical-infrastructure-security-and-resilience

[10] See report: https://michaelmabee.info/edison-electric-institute-china/
Also see EEI’s February 2020 member list at: https://www.eei.org/about/members/uselectriccompanies/Documents/memberlist_print.pdf

[11] Available at: https://www.eei.org/issuesandpolicy/Documents/Electric%20Companies%20and%20Pandemics%20-%20What%20You%20Should%20Know.pdf

[12] Available at: https://www.latimes.com/environment/story/2020-03-19/how-power-companies-are-keeping-your-lights-on-during-the-pandemic




 

Share the knowledge...Tweet about this on Twitter
Twitter
Share on Facebook
Facebook
Share on LinkedIn
Linkedin
Pin on Pinterest
Pinterest
Share on Reddit
Reddit
Email this to someone
email
Print this page
Print

News

  • COVERUP UPDATE: CIP Violation Database and FOIAs
  • Federal Complaint Filed on Texas Grid Collapse
  • We Are Plugged In To Life Support
  • Texas Blackout: The Unacceptable Outcome of a Foreseeable Event
  • Chinese Transformers in the Electric Grid: Lights Out For NYC?
  • Message to Governor Jennifer Granholm and the Department of Energy
  • Chinese Transformers in the Electric Grid
  • The U.S. Has 300 Chinese Large Power Transformers
  • Senator Murkowski Questions Cybersecurity Order Suspension
  • Grid Supply Chain Cybersecurity Order “Suspended”
  • A Billion Reasons We Do Not Have Grid Security
  • Money Talks, Grid Security Walks
  • Critical Infrastructure Attacks Expose Regulatory Failures
  • Lawsuit: The Federal Government Must Secure The Grid
  • Securing America with Frank Gaffney: Threats to the Electric Grid
  • FERC: Who Will Be Responsible For All The Deaths If The Grid Goes Down?
  • Federal Energy Regulatory Commission Lays Down On The Job!
  • EMP Progress Report – A National Disgrace
  • EMP Ignorance Is Bliss – Dr. Peter Vincent Pry
  • China: EMP Threat – A New Report by Dr. Peter Pry
  • FERC Denies Grid Physical Security Complaint, BUT…
  • Secure the Grid Coalition Opposes Senate Bill S.3688
  • Electric Industry Lobbyist’s China Ties Questioned
  • Supply Chain Cybersecurity Complaint Filed with FERC
  • Executive Order 13920: Securing the United States Bulk-Power System
  • Electric Industry Wants to Defer Implementation of Cybersecurity
  • Electric Sector Protests Effective Grid Physical Security
  • Emergency Preparedness: Souhegan and Derry CERT
  • Coronavirus: Don’t Panic, Prepare!
  • New Hampshire Rep. David Testerman on Grid Physical Security

Fund The Fight!


Subjects

Search Website

Subscribe for Updates!

Follow me on Twitter

Tweets by CivilDefenseBK

Click To Get Prepared!

The Civil Defense Book: Emergency Preparedness for a Rural or Suburban Community
The Civil Defense Book Get it now!

Subscribe for updates

Follow Me On Facebook

The Civil Defense Book

2 days ago

The Civil Defense Book
Charles Coolidge, Medal of Honor Recipient Who Fought Boldly in WWII, Dead at 99www.military.com/daily-news/2021/04/08/charles-coolidge-medal-of-honor-recipient-who-fought-boldl... ...

Charles Coolidge, Medal of Honor Recipient Who Fought Boldly in WWII, Dead at 99

www.military.com

Charles Coolidge, one of the nation's most storied World War II veterans and a Medal of Honor recipient, has died at the age of 99.
View on Facebook
· Share

Share on Facebook Share on Twitter Share on Linked In Share by Email

The Civil Defense Book

2 days ago

The Civil Defense Book
Belgorod nuclear submarine carrier with Poseidon nuke drones to serve in Pacific — sourcetass.com/defense/1274461 ...

Belgorod nuclear submarine carrier with Poseidon nuke drones to serve in Pacific — source

tass.com

The sub will be able to perform missions in any location of the World Ocean, according to the top brass
View on Facebook
· Share

Share on Facebook Share on Twitter Share on Linked In Share by Email

Fund The fight!


©2021 Grid Security Now! | Theme by SuperbThemes