FERC

NERC Revisions Approved for BES Definition  March 20 - FERC approved NERC's proposed Phase 2 revisions to the Bulk Electric System ("BES") definition.  In Order Nos. 773 and 773-A, FERC directed NERC to submit further revisions to certain exclusions and inclusions contained in its proposed revision to the BES definition.  The revised BES definition will supersede the Phase 1 BES definition as of July 1, 2014, and enforcement of compliance obligations will begin on July 1, 2016. 

There are four relevant parts to the revised BES Definition.  The first three parts are components of the bright-line BES definition:  (1) the core definition, (2) five specific inclusions, and (3) four specific exclusions.  The fourth part is a case-by-case exception process. The changes to Inclusion I4 in and Exclusions E1 and E3 are of particular importance for renewable generator owners and operators when determining whether their renewable generators and interconnection facilities will be newly classified as BES elements. 

FERC Approves New Generator Verification Standards  March 27 - In Order No. 796, FERC approved several new generator verification reliability standards to "help ensure that generators remain in operation during specified voltage and frequency excursions; properly coordinate protective relays and generator voltage regulator controls; and enhance the ability of generator models to accurately reflect the generator’s capabilities and equipment performance."  The new standards areCIP v5 Order on Rehearing March 20 - FERC issued Order No. 791-A addressing Version 5 of the Critical Infrastructure Protection standards (CIP v5).  In Order No. 791, issued in November 2013, FERC had largely accepted NERC's proposed CIP v5, which extends certain reliability requirements to a wider range of utility assets, including "low impact" systems.  However, FERC had required certain modifications and rejected "identify, assess, and correct" language in the standards.  In Order No. 791-A, FERC rejected requests for rehearing, declined to change implementation dates for CIP v5, indicated that NERC's compliance filing would have to address the changes from "identify, assess, and correct", and clarified which assets would fall under the definition of "cyber asset."

• MOD-025-2 (Verification and Data Reporting of Generator Real and Reactive Power Capability and Synchronous Condenser Reactive Power Capability), which MOD-025-2 merges former standards MOD-024-1 and MOD-025-1. 
• MOD-026-1 (Verification of Models and Data for Generator Excitation Control System or Plant Volt/Var Control Functions),
• MOD-027-1(Verification of Models and Data for Turbine/Governor and Load Control or Active Power/Frequency Control Functions),
• PRC-019-1 (Coordination of Generating Unit or Plant Capabilities, Voltage Regulating Controls, and Protection), and
• PRC-024-1 (Generator Frequency and Voltage Protective Relay Settings)

The approved standards will go into effect over periods ranging from 5 to 10 years, as explained in Appendix B to NERC's Petition. 

Rulemaking proposes New Reliability Standard for Generator Relay Loadability  March 27 - FERC issued a Notice of Proposed Rulemaking to approve a new reliability standard, PRC-025-1 (Generator Relay Loadability) along with modifications to existing standard PRC-023 (Transmission Relay Loadability).  The new standard "is designed to prevent generator tripping when conditions do not pose a direct risk to the generator and associated equipment." Proposed PRC-023-3 was modified to avoid the potential for overlap between the new Generator Relay Loadability standard and the existing Transmission Relay Loadability standard. Comments on FERC's proposed rule are due by April 28th. 

NERC

NERC Technical Conference on Physical Security Reliability Standard - March 17 - NERC announced that it will be holding a Physical Security Technical Conference in Atlanta, GA on April 1, 2014 at the Grant Hyatt Atlanta in Buckhead.  The conference comes as a response to FERC's March 7th Order directing NERC to develop a new reliability standard to address concerns over the physical security of the Bulk-Power System.  Details for conference registration or attendance via webinar are available on the NERC website.

NERC Requests Extension of Time for CIP Violation Risk Factors March 18 - NERC filed a request for an additional ten days to file revised Violation Risk Factors (VRFs) for two requirements of Version 5 of the Critical Infrastructure Protection reliability standards (CIP v5).  NERC indicated that the extension was needed to allow its Board to vote on the VRFs at its May meeting.

Cybersecurity and Grid Security

Leaking Details From Physical Security Report Draws FERC, Senate Criticism - A March 12 story in the Wall Street Journal reported details from a non-public FERC analysis of the potential for large-scale, long-lasting power outages if a few key substations were damaged or destroyed in an attack.  Although specific system-critical transformers were not identified, the story drew a pointed response on March 12 from FERC's Acting Chairman Cheryl LaFleur, who criticized the publication of the article as "highly irresponsible."  Senator Lisa Murkowski (R-AK), the ranking member of the Senate Committee on Energy and Natural Resources, also released a statement on March 13 critical of the WSJ and the unknown source who provided the newspaper with a details from the confidential FERC analysis of grid vulnerabilities.  On March 27, Senators Murkowski and Mary Landrieu (D-LA), the Chair of the Energy and Natural Resources Committee, sent a letter to DOE's Inspector General requesting an investigation into the source of the documents leaked to the WSJ.

Acting FERC Chairman LaFleur Supports New Federal Agency Authority  March 13 -  Chairman Cheryl LaFleur in a response to a February 12 letter from Congressman Jim Bridenstine regarding the vulnerability of the electric grid to physical attacks urges Congress to designate a single federal agency with responsibility and authority to act in the face of imminent cyber or physical threats to the grid.  

NIST Announces National Cybersecurity Center of Excellence March 18 - The National Institute of Standards and Technology published notice in the Federal Register announcing the creation of the National Cybersecurity Center of Excellence (NCCoE), a public-private collaboration for accelerating the adoption of cybersecurity tools and technologies.  NIST invites technology companies to submit statements of interest to participate in the NCCoE "use case" to demonstrate cybersecurity systems and capabilities for the utility industry.  Letters of interest will be accepted on a first-come, first-served basis, beginning April 17, 2014.

FERC Commissioner Tony Clark Issues Statement on Physical Grid Security  March 20 - FERC Commissioner Tony Clark released a statement offering additional thoughts and comments on FERC's Order directing NERC to develop a reliability standard to address concerns over the physical security of the Bulk-Power System.  Commissioner Clark's statement emphasizes that FERC is seeking to balance the regulation of physical security and to mitigate most risks.  Commissioner Clark also highlighted that individuals with sensitive or confidential information about recent situations involving physical security threats should not have chosen to release such information.

NIST to hold Privacy and Cybersecurity Workshop - The National Institute of Standards and Technology (NIST) will hold a workshop on privacy and cybersecurity on April 9 and 10 in Gaithersburg, MD.  The workshop is intended to advance standards and processes outlined in NIST's Cybersecurity Roadmap, released in February 2014.

Congress

GRID Act for Cyber and Physical Security Introduced March 26 - Senator Ed Markey (D-MA) and Representative Henry Waxman (D-CA) announced that they have introduced the Grid Reliability and Infrastructure Defense Act (GRID Act) in the Senate and House, respectively.  The GRID Act creates a new category of "Defense Critical Electric Infrastructure," which can include distribution-level assets.  The bill requires FERC to assess current vulnerabilities in electric facilities, and provides prospective authority for the agency to initiate rulemakings or act on the President's request to address security threats.  Additionally, the GRID Act also allows for cost recovery for prudent security measures, provides a framework for sharing of defense critical information, and requires FERC to implement a program to share information and best practices with electric grid stakeholders. 

Regional Developments

NERC Interpretation of WECC reliability standard TOP-007-WECC-1 March 12 - NERC petitioned FERC to approve a proposed interpretation of WECC regional standard TOP-007-WECC-1 that would clarify that the standard applies only to Transmission Operators, and not Path Operators. 

The Van Ness Feldman Electric Reliability Update is published by Andrew Art, Malcolm McLellan and Gabe Tabak, with assistance from Chris Zentz, Ilan Gutherz, Tom Hutton, and Van Smith. 

Van Ness Feldman counsels, advises and trains a wide range of clients on reliability matters.  Please email usor call us at 202.298.1817 or 206.829.1814 for additional information.