Power system operators across the country have told federal regulators the time for talks is over to ash the grid for clean energy transformation and the threats of devastating weather and cyber attacks.
“I feel like I’m on the railroad tracks at the end of the tunnel, and the light is getting brighter and brighter,” said Peter Brandien, an official from ISO New England, at a conference yesterday. on the future of the electricity grid at the Federal Energy Regulatory Commission.
FERC must order U.S. grid operators to explain the risks they face as a result of extreme weather conditions, the shift to variable wind and solar power, and hacking threats – and detail what they are doing at about this, said Brandien, vice president of the New England network operator. for the operation of the systems and the administration of the market.
“The time to speak is over and we need to empower people to do so,” he said.
Former FERC President Cheryl LaFleur, another speaker at the session who is currently a member of the ISO New England board, urged the commission to move forward with a policy it considers that the agency is considering which would require forward-looking risk assessments and necessary actions to maintain the reliability of the system.
Today, network planners do not systematically plan to equip their systems to withstand severe and high-impact weather attacks, she said. This must change.
The goal should be to “focus on the standards that govern the identification and management of evolving risks,” said LaFleur, a Democrat who led FERC on several occasions from 2013 to 2017. She left the agency independent in 2019.
The call to action was hailed by FERC Democratic President Richard Glick, who pledged a firmer agency response to climate change, cyber threats and extreme weather conditions like the winter storm that cut through electricity to millions of customers in Texas earlier this year (Energy wire, September 29).
“Look at the pictures of the devastation caused by forest fires, the devastation caused by hurricanes. Talk to the families of those people who froze to death last February in Texas because they had no electricity, ”said Glick. “It’s serious business here. We have to do something about it.
James Robb, managing director of the North American Electric Reliability Corp., which drafts the grid reliability and safety regulations that it submits to FERC for approval, saw the same urgency as he ended a multi-year debate on divided federal regulatory oversight of the US interstate power grid and interstate gas pipeline system. FERC has no authority over the safety and reliability of pipelines – a flaw exposed by gas system outages during the cold snap and blackout in Texas.
“We really need to stop admiring this problem and put solutions into action,” Robb said, pledging to support a proposal for a conference of grid and gas industry leaders and regulators on the issue.
Under current policy, created by Congress in 2005 following the Northeast power outage two years earlier, FERC tasked NERC to draft mandatory reliability and safety regulations for approval. by the commission and monitor compliance. NERC does this through committees of utility leaders and outside experts, whose recommendations require a qualified majority vote of approval before going to the commission. Serious infractions can be punished with fines imposed by the FERC.
The process is inherently slow as standards are written and voted on by company officials who will have to comply with the rules, LaFleur said. Businesses “are understandably afraid of law enforcement,” and that tends to produce watered-down rules that most industry players can agree with, she added.
“Going forward, it will be important to guard against such excess conservatism if the standards are to adapt to the needs of the future network,” said LaFleur. “I think it may be necessary for the commission to point out a less enforcement-oriented regime as standards are developed to address these evolving risks that are not well understood.”
Several representatives of the major US network operators supported calls on the federal government to respond to the need to plan for evolving risks.
“Really, what we look forward to… is to move beyond the discussion… and see the commission take action,” added Christopher Pilong, director of operations planning at PJM Interconnection.
Natural gas, cyber threats
Glick urged Congress to give the commission the power to set reliability and cybersecurity regulations for the gas pipelines that power the generators, which provide about 40 percent of America’s electricity.
“I think we need to bring the two sides together and kind of hit heads and suggest that we really need to make changes here,” he told the Senate Committee on Energy and Natural Resources this week.
Under President Biden’s proposed energy strategy, natural gas production would decline as renewable energy expands – but it will remain a much-needed backup when wind and solar production fail, according to Glick.
“It’s the fuel that keeps the lights on,” he said.
Glick did not get backing, however, when he yesterday interviewed a panel of cybersecurity experts on creating a “whitelist” of approved equipment vendors providing critical equipment and controls to U.S. network operators. , or a “blacklist” of unapproved vendors that could pose security risks.
High on the conference agenda yesterday was the persistent threat of malware-infected vendor software, pushed back to late last year by the breach of a widely used system management tool from Austin-based tech company SolarWinds. Thousands of ignorant SolarWinds customers have downloaded a pirated version of the vendor’s Orion software platform, leaving their systems compromised.
Jennifer Sterling, vice president of security compliance at Exelon Corp., said the current pressure from FERC to demand stricter cybersecurity for network company vendors is not succeeding.
“We need to do 450 security risk assessments [of Exelon vendors], and we need to monitor the reaction of our suppliers, ”Sterling said. “As big as we are, we don’t have the resources to verify every single answer all of our suppliers give us.
She called for forging “strong partnerships with the government” to help solve the problem, starting with better threat alerts from intelligence agencies.
“If the government has specific, actionable intelligence, it needs to be shared,” Sterling said, using much of the same plea that Exelon officials and other network leaders have launched for years.
Tony Hall, director of the FERC regulatory program at Louisville Gas and Electric Co. and Kentucky Utilities Co., agreed. “The only way to solve this problem is a strong partnership between government, industry and suppliers,” Hall said. FERC and NERC “cannot impose demands on industry over which industry has no control to manage,” he said.
Whitelists, however, are not the answer, said Matthew Halvorsen of the FBI, strategic program manager for the Directorate of Supply Chain and Cyber Security at the National Counterintelligence and Security Center.
“It’s obsolete 10 minutes after you make the list,” he said.
Puesh Kumar, Acting Senior Assistant Deputy Secretary in the Energy Ministry’s Office of Cyber Security, Energy Security and Emergency Response, suggested using a risk-based approach that identifies devices and systems critical supply chain networks, and investigating where they are used across the network. and what the consequences would be if they were disabled.
“I understand the appeal” of the list idea, said Robb, chief executive of NERC. “Administratively, it’s almost impossible.