Electric Reliability Update - February 7, 2014

February 7, 2014

FERC

FERC Denies Request for Rehearing on Bulk Electric System Definition February 6 – FERC issued an order denying requests from Pacific Northwest Generating Cooperative (PNGC) and Northwest Requirements Utilities (NRU) for rehearing of NERC’s definition of “bulk electric system” (BES)  FERC approved the definition in Order No. 773 in late 2012, and compliance is scheduled to begin on July 1, 2014.  PNGC and NRU argued that FERC exceeded its jurisdiction by requiring entities to apply the BES definition before seeking a local distribution determination.    FERC held that requiring BES application was proper due to the inter-relationship between the BES definition and the local distribution determination.

FERC Accepts Revisions to NERC’s Rules of Procedure January 30 – FERC issued a letter order approving revisions submitted by NERC to Appendix 4D of its Rules of Procedure.  NERC submitted the revisions in response to a September 2013 FERC order, which directed the revisions to NERC’s procedure for requesting and receiving technical feasibility exceptions to the NERC CIP standards.  

FERC Accepts Revised SPP Standards Development Manual January 31 – FERC issued a letter order accepting NERC and SPP’s proposed Regional Entity Standards Development Manual, which had been submitted in December.   No protests or other interventions were filed.

Peak Reliability Proceeding Continues – WECC seeks to transfer its Reliability Coordinator (RC) and Interchange Authority (IA) functions to Peak Reliability.  NERC answered a protest of the Edison Electric Institute (EEI) contending  that the non-statutory functions performed by Peak Reliability cannot be funded under Section 215 of the Federal Power Act.  EEI also filed a petition for review in the D.C. Circuit of FERC’s underlying order conditionally approving the transfer of the RC and IA functions to Peak Reliability.

NERC

NERC Files Reply Comments on the Revised Definition of the BES February 3 – NERC submitted reply comments on the Phase 2 definition of the Bulk Electric System.  NERC’s comments focus on two main issues:  (1) 50 kV is the appropriate circuit loop voltage level for determining whether a system is considered radial and may be excluded from the BES (under exclusion E1); and (2) whether for generating resources that meet the definition under Inclusion I4, the individual generators (e.g., individual wind turbines)  should be included in the definition of “Bulk Electric System.”  NERC requests expedited FERC action and that an order approving the proposed Phase 2 BES Definition be issued no later than March 31, 2014.

NERC Enforcement Filings January 30 – NERC filed with FERC three notices of penalty in individual dockets, as well as a Spreadsheet Notice of Penalty addressing 29 violations of 9 standards by 9 entities.  FERC announced that it would not further review 16 notices of penalty filed in December.

NERC Files Analysis of North American Standard Process (Ballot) Results 4Q 2013 January 29 – The filing is available here.

CYBERSECURITY AND GRID SECURITY

NIST Cybersecurity Framework Update January 15 – The National Institute of Standards and Technology (NIST) issued an update on the development of its cybersecurity framework.  In the update, NIST announced that it expects to publish version 1 of its cybersecurity framework on February 13, 2014.  This version of the framework includes changes and updates resulting from NIST’s consideration of the more than 2,500 comments received on the preliminary version, which was published on October 29, 2013.

Report Suggests Russian Hackers Targeting American Energy Companies  January 22 - A report from security research firm Crowdstrike suggests that a coordinated set of attacks from Russian hackers may be targeting energy companies in the United States and elsewhere. The Russian group, which Crowdstrike calls “Energetic Bear”, has used “watering-hole” attacks to infect webpages which energy company employees will visit as a means of gaining access to computer networks.

Reports Address April Assault on Metcalf Substation February 4 – The Wall Street Journal published a report on the April 2013 sniper attack on 17 transformers at Pacific Gas & Electric’s Metcalf transmission substation near San Jose, CA.  National Public Radio also produced a story, interviewing Rebecca Smith, the Wall Street Journal reporter, and a second story interviewing former FERC Chairman John Wellinghoff. 

The NPR stories err by stating that physical security measures are not covered by mandatory reliability standards, and by implying that FERC does not have authority to require improvements to substation security measures that may affect the reliability of the grid.  Physical access and security requirements are covered by existing NERC reliability standards, over which NERC and FERC have jurisdiction.  FERC has jurisdiction under Section 215(a)(3) of the Federal Power Act to require NERC to propose reliability standards that include mandatory “requirements for the operation of existing bulk-power system facilities . . .  and the design of planned additions or modifications to such facilities,” including physical security controls at transmission substations.

Court Website Temporarily Shut Down by Hackers January 24 – Hackers shut down the federal courts’ website, uscourts.gov, and PACER, the courts’ online file management system in a denial-of-service attack that lasted for most of the day.  The attack disrupted access to legal filings and opinions on PACER, and may have prevented litigants from e-filing documents.  

CONGRESS

Senate Staff Report on Federal Cybersecurity Breaches February 4 – The Minority Staff of the Senate Homeland Security and Governmental Affairs Committee released a report detailing breaches of cybersecurity at many Federal agencies, including the Nuclear Regulatory Commission, the Securities and Exchange Commission, the Army Corps of Engineers, and the Federal Communications Commission.

House Homeland Security Committee Approves Cybersecurity Bill February 5 – The House Committee on Homeland Security marked up and unanimously passed H.R. 3696, the National Cybersecurity and Critical Infrastructure Protection (NCCIP) Act of 2013. The NCCIP Act is a bipartisan bill that would strengthen and facilitate existing DHS cybersecurity initiatives and prohibit certain new DHS regulatory authority, among other things (summary here).

 

###

The Van Ness Feldman Electric Reliability Update is published by Andrew ArtMalcolm McLellan and Gabe Tabak, with assistance from Christopher ZentzThomas HuttonIlan Gutherz, and Van Smith.  Van Ness Feldman counsels, advises and trains a wide range of clients on electric reliability matters.  Please email us for additional information.