Electric Reliability Update - July 17, 2014

July 17, 2014

FERC

FERC Approves Uncontested NERC Request to Discontinue Quarterly Nuclear System Restoration Informational Filings - July 10 - In a letter order, FERC approved NERC's uncontested request to discontinue its obligation to collect data and provide quarterly informational filings under Paragraph 629 of Order No. 693. That paragraph directed NERC to collect and submit information from simulations and drills on restoration of auxiliary power at nuclear facilities.  NERC requested that FERC discontinue its obligation under Paragraph 629 because subsequently developed reliability standards for nuclear facilities now require collection of this and other information. 

FERC Approves CIP VSL and VRF Revisions - July 9 - FERC issued a letter order approving NERC's proposed revisions to several Violation Severity Levels and Violation Risk Factors for Version 5 of NERC's Critical Infrastructure Protection standards.  The revisions increase several risk factors from Lower to Medium, as well as making technical clarifications and corrections.

FERC Approves Stipulation and Consent Agreement Regarding Arizona Public Service Company's ("APS") 2011 Blackout
- July 7 - FERC approved a Stipulation and Consent Agreement ("Agreement") between FERC's Office of Enforcement ("Enforcement"), NERC, and APS that resolves Enforcement's investigation of APS for potential reliability violations stemming from a September, 2011 blackout in the southwestern U.S. that left more than 5 million people without power for up to 12 hours.  The Agreement includes a $3.25 million civil penalty, as well as commitments by APS to a number of additional mitigation measures and ongoing compliance monitoring.  $1.25 million of the penalty will be invested in reliability enhancement measures intended to exceed the minimum requirements contained in NERC's mandatory reliability standards.

FERC Issues Letter Order Approving Interchange Scheduling and Coordination Reliability Standards - June 30 - FERC issued a letter order approving NERC's petition for approval of revised Reliability Standards INT- 004-3 (Dynamic Transfers), INT-006-4 (Evaluation of Interchange Transactions), INT- 009-2 (Implementation of Interchange), INT-010-2 (Interchange Initiation and Modification for Reliability), and new Reliability Standard INT-011-1 (Intra Balancing Authority Transaction Identification).  The letter order also approved NERC's proposed implementation plan, violation risk factors and violation severity levels, retirement of related standards, and new definitions.

NERC

NERC Releases Second Draft of 2015 Budget Documents - July 15 - NERC released its second draft of budget documents for 2015, which will be the last round open to public comment.  Comments are due by July 29, and NERC anticipates submitting its budget for board approval and a subsequent filing to FERC in August.  NERC simultaneously released final budgets for the regional entities, as well as reliability coordinator Peak Reliability.

NERC Enforcement Filings – July 7  NERC filed with FERC a spreadsheet notice of penalty detailing 23 violations of 10 reliability standards by 10 entities, and two separately-docketed enforcement proceedings.  Additionally, FERC declined to review NERC's April penalty filings.

NERC Submits Quarterly Report on Status of Revisions to TOP and IRO Standards - July 1 - NERC submitted its second quarterly report regarding the status of revisions to its TOP and IRO standards.  On December 20, 2013, NERC submitted a motion requesting that FERC defer action it proposed to take in a November Notice of Proposed Rulemaking regarding potential revisions to the TOP and IRO standards.  FERC granted NERC's motion to defer on January 14, 2014.  In its motion, NERC committed to providing FERC with quarterly updates on the progress of revisions to the TOP and IRO standards.  NERC's second quarterly report indicates that revisions to several TOP and IRO standards were posted for a 45-day formal comment period, which expired on July 2nd.  A drafting team meeting will be held July 22nd-24th to consider the comments received and revise the TOP and IRO standards accordingly.

NERC Submits FFT Report and Compliance Filing
 - June 20 - NERC submitted a compliance filing and report on its Find, Fix, Track, and Report (FFT) program to FERC.  The filing contains NERC's annual evaluation of the FFT program, a review of FFT treatment of moderate risk noncompliance, and a proposal to expand the timeframe for mitigation of FFT issues from 90 days to twelve months. Comments on the report and compliance filing are due July 21. 

Cybersecurity and Grid Security

Senate Intelligence Committee Approves Bill to Provide Liability Protection for Companies that Share Cybersecurity Information with the Government - July 8 - The Senate Intelligence Committee approved S.2588, the Cybersecurity Information Sharing Act of 2014, a bill aimed at encouraging information sharing about cybersecurity threats and attacks between private companies and the federal government. The bill would also provide general liability protection for companies that voluntarily share such information, as long as they comply with the information-sharing requirements of the bill. The bill is sponsored by the Chair of the Committee, Sen. Diane Feinstein and the Vice Chairman, Sen. Saxby Chambliss. 

Additional Cyber and Physical Attacks on Grid Revealed –July 3 -  Power providers reported new attacks on the transmission grid: (1) a computer server tied to MISO's independent market monitor's system was breached last month, potentially compromising MISO market data; (2) shots were fired at a Colorado Springs Utilities transmission substation in April 2013, damaging an insulator and hitting the control room; and (3) a tower on a 500 kV line in Minnesota was attacked, resulting in the line being taken out of service temporarily.

Survey of IT Executives at Utility, Energy Companies Reveals Significant Cyber Risks – July 1 - A survey of IT executives at utilities, oil and gas companies, and other critical infrastructure entities commissioned by Unisys reveals significant gaps in companies cyber preparedness. Among the findings of the study are that 67% of respondents reported that their company had at least one security compromise that that led to the loss of confidential information or disruption to operations over the last 12 months, and that, despite those breaches, 50% of respondents say their IT security activities have either not been deployed or have only been partially deployed.

Targeted Trojan Attacks on Energy Infrastructure ICS Identified – June 26 -According to multiple media reports, sophisticated cyberattacks originating in Eastern Europe have targeted oil and gas infrastructure industrial control systems (ICS) in Europe and the US.  The Department of Homeland Security's DHS Industrial Control Systems Cyber Emergency Response Team issued an alert noting that the malware infects systems through phishing emails, redirects to compromised web sites and most recently, trojanized update installers.

Two Cybersecurity Bills Clear Senate Committee, Head to Floor – June 24 -Two cybersecurity bills sponsored by Senate Committee on Homeland Security and Governmental Affairs Chairman Tom Carper have been ordered reported favorably from that Committee. The National Cybersecurity and Communications Integration Center Act of 2014 (S. 2519) would codify the existing cybersecurity and communications operations center at the Department of Homeland Security (DHS), known as the National Cybersecurity and Communications Integration Center.  The Federal Information Security Modernization Act of 2014 (S.2521) would amend the Federal Information Security Management Act of 2002 by, among other things, delineating the roles and responsibilities of the Office of Management and Budget (OMB) and DHS and placing greater management and oversight attention on data breaches.

Regional Developments

WECC Announces September 2011 Outage Tracking Tool - July 11 - WECC announced the public release of its September 8, 2011 Southwest Outage Entity Activity Tracker.  The tool is a dashboard prepared by WECC to track the actions taken by entities in the Western Interconnection in response to the 27 recommendations issued as part of the NERC/FERC joint report on the September 8, 2011 Southwest Outage.  The initial tracking tool provides information for BAs and TOPs, but WECC intends to release information on activities undertaken by companies registered for other functions in the next iteration of its tracking tool.

Other Developments

DOE Announces Microgrid Competition - June 26 - The U.S. Department of Energy announced a competition to recognize and improve microgrids which have added to grid resiliency.  DOE will award six $100,000 prizes, each of which is dedicated to a specific sector such as healthcare facilities and emergency shelters.  Applications are due by August 29.

###

The Van Ness Feldman Electric Reliability Update is published by Andrew ArtMalcolm McLellan and Gabe Tabak, with assistance from Chris ZentzIlan GutherzTom Hutton, and Van Smith

Van Ness Feldman counsels, advises and trains a wide range of clients on reliability matters.  Please email usor call us at 202.298.1817 or 206.829.1814 for additional information.

Follow us on Twitter @VNFELECTRIC.