Securing the Modern Electric Grid from Physical and Cyber Attacks

Overview:

Statement for the Record, July 21, 2009 Hearing before the Subcommittee on Emerging Threats, Cybersecurity, Science and Technology.

I appreciate the opportunity to provide the following statement for the record. I have spent more than thirty-five years working in the commercial power industry designing, developing, implementing, and analyzing industrial instrumentation and control systems. I hold two patents on industrial control systems, and am a Fellow of the International Society of Automation. I have performed cyber security vulnerability assessments of power plants, substations, electric utility control centers, and water systems. I am a member of many groups working to improve the reliability and availability of critical infrastructures and their control systems.

On October 17, 2007, I testified to this Subcommittee on "Control Systems Cyber Security—The Need for Appropriate Regulations to Assure the Cyber Security of the Electric Grid."

On March 19, 2009, I testified to the Senate Committee on Commerce, Science, and Transportation on "Control Systems Cyber Security—The Current Status of Cyber Security of Critical Infrastructures."

I will provide an update on cyber security of the electric system including adequacy of the NERC CIPs and my views on Smart Grid cyber security. I will also provide my recommendations for DOE, DHS, and Congressional action to help secure the electric grid from cyber incidents.