On March 7, 2014, the Federal Energy Regulatory Commission (FERC) issued an order directing the North American Electric Reliability Corporation (NERC) to develop, within 90 days of the date of the order (June 5, 2014), reliability standards requiring owners and operators of the Bulk-Power System to address risks due to physical security threats and vulnerabilities. FERC expects the proposed Reliability Standards to “require owners or operators of the Bulk-Power System to take at least three steps to address the risks that physical security attacks pose to the reliable operation of the Bulk-Power System,” the results of which should be updated periodically and verified independently by NERC, the Regional Entities, reliability coordinators or some other third parties. Order at P 6.
First, FERC states that “the Reliability Standards should require owners or operators of the Bulk-Power System to perform a risk assessment of their systems to identify their ‘critical facilities.’” Id. As under CIP-002, FERC defines a “critical facility” as “one that, if rendered inoperable or damaged, could have a critical impact on the operation of the interconnection through instability, uncontrolled separation or cascading failures on the Bulk-Power System.” Id. Based on discussions with NERC staff and past experience with identifying critical assets under NERC’s cybersecurity standards, the physical security standards will likely provide high-level criteria by which the industry should assess which facilities are critical, but NERC and FERC staff contemplate that the new standards will cover relatively few (under 500) bulk-power system facilities.
Second, FERC states that “the Reliability Standards should require owners or operators of the identified critical facilities to evaluate the potential threats and vulnerabilities to those identified facilities.” Id. at P 8. FERC expects the Reliability Standards to require that owners or operators of critical facilities “tailor their evaluation to the unique characteristics of the identified critical facilities and the type of attacks that can be realistically contemplated.” Id.
Third, FERC states that “the Reliability Standards should require those owners or operators of critical facilities to develop and implement a security plan designed to protect against attacks to those identified critical facilities based on the assessment of the potential threats and vulnerabilities to their physical security.” Id. at P 9. FERC expects that the Reliability Standards will “require that owners or operators of identified critical facilities have a plan that results in an adequate level of protection against the potential physical threats and vulnerabilities they face at the identified critical facilities.” Id.
Finally, FERC directs NERC to “include in the Reliability Standards a procedure that will ensure confidential treatment of sensitive or confidential information but still allow for the Commission, NERC and the Regional Entities to review and inspect any information that is needed to ensure compliance with the Reliability Standards” because “[g]uarding sensitive or confidential information is essential to protecting the public by discouraging attacks on critical infrastructure.” Id. at P 10. FERC also has designated six employees as non-decisional staff to assist in the development of the physical security standards.
The impetus behind the Order is the recent public focus on an April 16, 2013 attack on PG&E’s Metcalf substation, located south of San Jose, California, and pressure from lawmakers, including U.S. Senators Harry Reid, D-NV, Ron Wyden, D-OR, Dianne Feinstein, D-CA, and Al Franken, D-MN, for FERC and NERC to establish new physical security standards. During the Metcalf attack, 150 rounds were fired from an assault rifle, knocking out 17 transformers. (Smith, Rebecca, “Mystery Assault on Power Grid,” WSJ, Feb. 5, 2014; Martinez, Michael, “Sniper Attack on Silicon Valley Power Grid Spurs Security Crusade by Ex-Regulator,” CNN, Feb. 7, 2014; Smith, Rebecca, “Assault on California Power Station Raises Alarm on Potential for Terrorism,” WSJ.com, Feb. 18, 2014.) Utility workers successfully rerouted power to avoid a blackout, but the repair to the substation took almost a month, which is not atypical given the limited inventory and custom nature of transformers. To date, no arrests have been made in connection with this incident.
While attention has remained focused on the Metcalf incident, it is not alone. Utilities regularly contend with sabotage. In October 2013, the U.S. Attorney’s office for the Eastern District of Arkansas announced the arrest of an Arkansas resident charged with multiple acts of sabotage on transmission facilities in August and September of 2013. The sabotage included (1) setting fire to a control house at a substation, (2) removing bolts from the base of a transmission tower, which was subsequently pulled down by a moving train, and (3) cutting into and then using a tractor to pull down two electrical poles, causing outages for 9,000 customers.
In response to public interest in the physical security of the grid, NERC officials and electric industry representatives have reiterated that providing safe, reliable, and affordable electricity is the industry’s top priority. Although the 90-day time frame by which NERC must write the new physical security standards is very short compared to other standards development projects, NERC officials recognize the political pressure to act expeditiously. Because FERC’s order contemplates process-oriented standards, technical input will be needed less in the drafting of the standards and more in the implementation. This should facilitate NERC’s prompt compliance with FERC’s directive.
In a separate concurring statement, Commissioner Norris was critical of FERC’s order for a number of reasons. Procedurally, Commissioner Norris was concerned that the order and the Commission’s ex parte rules would cut off needed discussion with the industry for the development of a comprehensive approach to physical security issues. In addition, Commissioner Norris indicated that the Commission’s ability to succeed in developing a comprehensive approach to physical security depended on its ability to manage confidentiality of sensitive materials, and he urged Congress to amend the Freedom of Information Act to foster more direct, but more protected dialog between the industry and the Commission on physical threats and vulnerabilities to the grid. Finally, and most fundamentally, Commissioner Norris cautioned the industry against overreacting to news reports about the Metcalf incident or undertaking costly physical security measures at the expense of other activities needed to protect grid reliability. This is in keeping with Commissioner Norris’s statements leading up to the Order in which he cautioned that “erecting various physical barriers to our grid infrastructure” is a “20th century solution for a 21st century problem.” Statement of Commissioner John R. Norris on Physical Security of the Electric Grid, Feb. 20, 2014.