NOTE: The Deadline for comments is 2/26/2018
Citizens can help secure the grid
It is easy to feel helpless down at our level (and by “down at our level” I mean citizens). The electric grid is vulnerable to numerous threats and we know (because the Senate told us) that if the grid was to go down for a long period of time, millions of U.S. citizens could die. But what can we, regular citizens, do to secure the grid?
Here’s what we can do: The Federal Energy Regulatory Commission (FERC) is considering a new regulation on cyber security. The electric power industry is fighting it. Before FERC decides what to do, they are required by law (the Administrative Procedures Act) to seek and consider public comments.
What you can do is submit a comment to FERC urging them “to issue an order to direct the North American Electric Reliability Corporation (NERC), to develop and submit modifications to the NERC Reliability Standards to improve mandatory reporting of Cyber Security Incidents, including incidents that might facilitate subsequent efforts to harm the reliable operation of the bulk electric system.” The deadline for comments is February 26, 2018.
If you are familiar with federal rulemaking and submitting comments on proposed rules, click here for the Notice of Proposed Rulemaking (NOPR) and have-at-it.
For those who are unfamiliar with the electric grid and it’s regulatory scheme and need a short primer, here is a little background.
What is the grid?
The bulk power system – or “the grid” – is not really one thing. The grid is actually thousands of companies, both public and private sector, that operate in an interconnected system to facilitate the generation, transmission and distribution of electrical power. The grid is made up of power generation – such as power plants, wind turbines and solar farms, high voltage transmission lines that span long distances across the country and local distribution lines which bring the power from the street to your house.
This interconnected (and vulnerable) patchwork is what allows the United States to support her human population. Everything that enables 325 million people in the country to survive is wholly reliant on the grid. All of our critical infrastructures – food, water, fuel, transportation and medical systems are all 100% dependent on the grid.
How is the grid regulated?
The grid is self-regulated (similarly to Wall Street). The federal government under current law can’t tell “the grid” what to do. The North American Electric Reliability Corporation (NERC) is a not-for-profit corporation. It acts as the self-regulatory organization “whose mission is to assure the reliability of the bulk power system (BPS) in North America.” The Federal Energy Regulatory Commission (FERC) is an independent federal agency that regulates the interstate transmission of electricity, natural gas, and oil. FERC’s specific authority over the electric grid is to “oversee the reliability of the bulk power system.” The regulatory scheme of the grid between NERC and FERC is mind-numbingly complex. (Just the way most industries prefer their relationship with the federal government to be.)
The Energy Policy Act of 2005 added Section 215 to the Federal Power Act. This gave FERC the authority to certify an organization as an “Electric Reliability Organization” (ERO) which would develop reliability standards for the industry, subject to FERC’s approval. Yes, you read that right – the industry writes its own reliability standards.
On July 20, 2006, FERC certified NERC as the ERO. Other entities objected and administrative appeals and litigation ensued. Section 215 does give FERC the authority to “upon its own motion or upon complaint, may order the Electric Reliability Organization to submit to the Commission a proposed reliability standard or a modification to a reliability standard that addresses a specific matter if the Commission considers such a new or modified reliability standard appropriate to carry out this section.” In English, FERC can order NERC to develop a particular standard and submit it for FERC’s review and approval, but this again is very time consuming.
Thus, FERC (the government) can’t easily tell NERC (the industry) what to do. But the need to secure the grid and the dependent critical infrastructures is a national security issue – an issue of survival for families and the country. It gets worse.
There is no federal law that says that the grid has to protect itself from hazards and threats. In fact, as previously noted, “itself” is thousands of separate companies that regulate themselves through NERC. Our very survival is dependent on the industry’s willingness to do the right thing. They are not required to do the right thing. The industry will occasionally do the minimum that they feel they have to do to avoid the government getting off its slow and lumbering buttocks and doing something drastic to protect the grid – and the United States – from catastrophe.
But is the minimum enough to protect your family and the security of the United States?
Many of us in the Secure The Grid Coalition believe that it is not. It is time for the federal government (FERC) to step up and insure that we secure the grid from threats such as EMP, GMD, cyber-attacks, extreme weather and errant tree branches.
What is rulemaking?
Federal agencies are required by law to follow procedures when implementing or changing regulations. One requirement is the agency must allow public comments and must consider the comments they received. Also, interested persons can petition a federal agency to start the rulemaking process on an issue.
This is exactly what happened here. The Foundation for Resilient Societies petitioned FERC on January 13, 2017 to institute rulemaking because the U.S. electric grid is vulnerable to cyber threats and the current regulations did not adequately address the threats. This petition was met with instant opposition from the electric industry. Not surprising.
A call to action to secure the grid
The Foundation for Resilient Societies is standing up for you and your family. We need to all step up and back The Foundation for Resilient Societies’ petition. We need to send in comments requesting that FERC secure the grid by making NERC accountable for robust cyber security standards. And we need to do this by February 26, 2018.
You can file a comment online (click here). You have to register first to file online. You can also mail comments to FERC at this address – make sure to mention in the letter that you are responding to Docket Number RM18–2–000. Mail your comments to:
Federal Energy Regulatory Commission
Secretary of the Commission
888 First Street NE
Washington, DC 20426
- FERC Notice of proposed rulemaking December 28, 2017: https://www.gpo.gov/fdsys/pkg/FR-2017-12-28/pdf/2017-28083.pdf
- Foundation for Resilient Societies petition for rulemaking January 13, 2017: https://www.resilientsocieties.org/uploads/5/4/0/0/54008795/resilient_societies_petition_for_rulemaking_ad17-9.pdf
- Foundation for Resilient Societies past filings with the Federal Energy Regulatory Commission (FERC): https://www.resilientsocieties.org/federal-energy-regulatory-commission.html
- FERC Docket Number Search: https://elibrary.ferc.gov/IDMWS/docket_search.asp (type in RM18-2)