What hath the NERC CIPs wrought?

A peaking plant may see little use until it is REALLY needed, and at that point it must run in a prescribed period of time. Depending on whether the peaker is on Automatic Generator Control (AGC) or other form of dispatch, it will be required to be available within 10-30 minutes. This stringent timing requirement will often result in some form of remote vendor and/or corporate engineering access to ensure the unit(s) can meet the dispatch requirements. If the plant is unmanned, which happens often with peaking units, automated remote access is the only option for dispatch. By definition, an automated dispatch request to a control system that results in the unavailability of a peaker unit(s) is a control system cyber incident.

A peaking plant in almost all cases will not fall under the NERC CIP bright line of 1500 MW. Consequently, it will likely have minimal cyber mitigation technology and minimal cyber training for on-site or remote staff. Unlike a large unit falling under the NERC CIP criteria, the peaker is wholly judged (and potentially fined) by its impact on grid reliability even though the dispatch problem was a control system cyber incident. The other impact beyond the immediate loss of revenue or fine is even bigger- the potential loss of the unit being considered for dispatch which can result in the long-term shutdown of the unit.

Isn't it ironic that the NERC CIPs can lead to reduced grid reliability and the economic shutdown of utility assets?

Joe Weiss