Senate Energy and Resources Hearing on Cyber Security of the Electric Grid

May 7, 2009
This morning, the Senate Energy and Resources held hearings on Cyber Security of the Electric Grid. The witnesses were Joe McClelland from FERC, Rick Sergal from NERC, Patricia Hoffman from DOE, Allen Mosher from APPA, and David Owens from EEI. The hearing was on the draft language in the revision to the energy bill, specifically focused on oversite and scope. The hearing can be found at http://energy.senate.gov/public/index.cfm?Fuseaction=Hearings.LiveStream&Hearing_id=f846c4d4-f573-db68-4821-4be9a19886ff

My observations were the following:
"
This morning, the Senate Energy and Resources held hearings on Cyber Security of the Electric Grid. The witnesses were Joe McClelland from FERC, Rick Sergal from NERC, Patricia Hoffman from DOE, Allen Mosher from APPA, and David Owens from EEI. The hearing was on the draft language in the revision to the energy bill, specifically focused on oversite and scope. The hearing can be found at http://energy.senate.gov/public/index.cfm?Fuseaction=Hearings.LiveStream&Hearing_id=f846c4d4-f573-db68-4821-4be9a19886ff My observations were the following: -    There is a concern with both the Senate and the industry witnesses on having both FERC and DOE in the loop to determine when an emergency should be declared.  To me, this is a valid issue that needs to be resolved. -    There was a concern on how to expeditiously get the message out to all affected entities.  One of the issues was the sensitivity of the information going to people without security clearances. Joe McClelland even mentioned the utilities were “out in the wild” meaning not knowing the threats and vulnerabilities. There has to be a better way to expeditiously get appropriate information to people that need it whether they have clearances or not. -    There were questions concerning testing of Smart Grid devices – who should do it and under what auspices. My concern is the Smart Grid is just another example of control system environments – they are systems of systems. Testing individual devices is important. However, it is an individual test, not a system test. Many control system cyber incidents occurred because of system interactions which testing of individual devices will not address. -    There was significant disagreement about scope. The current definition of “Bulk Power System” under FPA 215 does not include distribution and non-interconnected locations. That means Alaska, Hawaii, and Guam are excluded as well as New York City which has high voltage networks (138KV). FERC raised the issue that if the Committee intended to cover these areas with the new proposed authority, it should not use the current definition of “Bulk Power System” under Section 215.  The current draft includes distribution and would therefore cover much of the Smart Grid equipment which is distribution-centric. NERC, APPA, and EEI (effectively the voice of the utilities) feel that scope is too broad. The redrafted bill is to be available Wednesday. Joe Weiss

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...