On January, 29, 2016, the Federal Energy Regulatory Commission (FERC) issued a report on electrical grid recovery and restoration planning (Report). The Report was a collective effort authored by staff at FERC and the North American Electric Reliability Corp. (NERC), as well as representatives from the eight regional entities to which NERC has delegated certain compliance and enforcement authority.1
The Report presents the results of a review of the recovery and restoration planning of nine entities registered with NERC that have significant electrical grid responsibilities. Participation by the nine entities was voluntary and the Report does not identify the participants by name. It does note the following about the participants:
- Three entities were registered as reliability coordinators;
- Seven entities were registered as transmission operators;
- Five entities were registered as transmission owners (three of which were also registered as the transmission operator);
- One entity was registered as a generator operator;
- Two entities were registered as generator owners (one of which was also registered as the generator operator); and
- Five entities were registered as balancing authorities.
Based on the information and materials provided by the nine participants, the review sought (i) to access and verify the industry’s recovery and restoration planning and (ii) to test the effectiveness of related NERC reliability standards in maintaining reliability.
The Report makes 15 recommendations for improved restoration planning and cyber incident response and recovery plans. These recommendations include a mix of measures to be taken and further studies to be performed. For example, with respect to restoration planning, the Report recommends that NERC-registered entities do the following:
- Verify and test modifications to a system restoration plan;
- Plan for the potential loss of Supervisory Control and Data Acquisition computers and other data sources; and
- Obtain insight from entities that have experienced widespread outages.
And with respect to cyber incident response and recovery plans, the Report recommends that NERC-registered entities do the following:
- Ensure that cyber security response plans identify the types of events that trigger a response and which types should be reported;
- Obtain independent technical review of recovery plans for critical cyber assets and cyber security incident response plans; and
- Participate in exercises and simulations to help develop robust cyber security response and recovery plans.
The Report also describes beneficial practices that participants use to enhance preparation for a major reliability event, such as the following:
- Include in their restoration plans illustrations and accompanying steps to assist operators in system restoration;
- Engage extra personnel to augment operators and other support staff during system restoration; and
- Conduct drills that involve the actual transfer of control center operations to an alternate site to test the functionality of the recovery resources.
The Report advocates for the adoption of these the foregoing practices in order to (i) enhance the industry’s preparation for recovering from major storms and physical or cyber attacks, and (ii) allow other entities to recover more quickly and efficiently when such events occur.