November 16, 2018

November 15, 2018

Subscribe to Latest Legal News and Analysis

November 14, 2018

Subscribe to Latest Legal News and Analysis

November 13, 2018

Subscribe to Latest Legal News and Analysis

Electric Reliability Update - January 19, 2018

FERC

FERC Issues NOPR on Supply Chain Risk Management - January 18 - FERC issued a notice of proposed rulemaking proposing to approve NERC’s proposed supply chain risk management Reliability Standards CIP-013-1 (Cyber Security – Supply Chain Risk Management), CIP-005-6 (Cyber Security – Electronic Security Perimeters), and CIP-010-3 (Cyber Security – Configuration Change Management and Vulnerability Assessments) with certain modifications.  The proposed standards, which NERC submitted to address FERC’s directives in Order No. 829, would modify currently-effective CIP Reliability Standards to reduce cybersecurity risks associated with supply chain management.  FERC’s NOPR also proposes to reduce the implementation period for the proposed standards, directs NERC to develop modifications to include Electronic Access Control and Monitoring Systems  associated with medium and high impact BES Cyber Systems within the scope of the supply chain risk management Reliability Standards, and directs NERC to evaluate the cyber security supply chain risks presented by Physical Access Control Systems and Protected Cyber Assets in a recent study of cyber security supply chain risks requested by the NERC Board of Trustees.

FERC Approves Emergency Preparedness and Operations Reliability Standards - January 18 - FERC issued a final rule approving Emergency Preparedness and Operations (EOP) Reliability Standards EOP-004-4 (Event Reporting), EOP-005-3 (System Restoration from Blackstart Resources), EOP-006-3 (System Restoration Coordination), and EOP-008-2 (Loss of Control Center Functionality).  The approved EOP Reliability Standards enhance reliability by:  (1) providing accurate reporting to NERC’s event analysis group; (2) delineating the roles of entities that support system restoration from blackstart resources; (3) clarifying the requirements to execute system restoration processes; and (4) refining required elements of an operating plan to continue operation if primary control functionality is lost.

FERC Rejects DOE Proposal on Grid Reliability and Resilience Pricing - January 8 - FERC issued an order terminating the rulemaking proceeding initiated by the Secretary of Energy that proposed to develop cost recovery mechanisms for “grid reliability and resiliency resources.”  While declining to adopt the Secretary’s proposal, FERC acknowledged the importance of grid resilience and initiated a new proceeding to seek additional information from FERC-jurisdictional Independent System Operators (ISOs) and Regional Transmission Organizations (RTOs) to evaluate the resilience of the bulk power system in those regions.  There are three goals for the new proceeding: (1) to develop a common understanding among the Commission, industry, and others of what resilience of the bulk power system means and requires; (2) to understand how each RTO and ISO assesses resilience in its geographic footprint; and (3) to use this information to evaluate whether additional Commission action regarding resilience is appropriate at this time. Please see our Alert on this matter for more information.

NERC

NERC Files Comments on Proposed Reliability Standard CIP-0037 - December 22 - NERC filed comments in support of proposal to approve Reliability Standard CIP-003-7, stating that Reliability Standard CIP-003-7 would improve upon the currently-effective CIP Reliability Standards.  Further, NERC stated that it did not oppose proposed FERC directives that NERC modify Reliability Standard 003-7 to provide clear, objective criteria for electronic access controls for low impact BES Cyber Systems and address the need to mitigate the risk of malicious code that could result from third-party transient electronic devices.

NERC Submits Reliability Standards Development Plan - December 21 - NERC submitted to FERC its 2018-2020 Reliability Standards Development Plan (2018 Development Plan), which provides an update on active and future projects and an analysis comparing accomplishments with previous Development Plans.  The 2018 Development Plan focuses on completing already initiated Periodic Reviews and responding to FERC directives, assessing emerging risks that may generate new Reliability Standards projects, Standard Authorization Requests, and the standards grading initiative.

NERC Penalty Activity - December 28 - NERC filed with FERC a spreadsheet notice of penalty resolving 3 violations of 7 Reliability Standards totaling $75,000 in penalties.

Cybersecurity

NIST Issues Update for Systems Security Engineering - January 3 - The National Institute of Standards and Technology (NIST) issued the first update to its systems security engineering guidance document, Special Publication 800-160.  The update contains substantive and editorial changes that emphasize the importance of applying the document’s security design principles to systems that are part of the U.S. critical infrastructure.  NIST plans on releasing a second systems security engineering document on cyber resiliency in March 2018.

Department of Homeland Security Warns of Security Vulnerabilities - January 3 - The Department of Homeland Security’s United States Computer Emergency Readiness Team (US-CERT) issued an alert and guidance on the “Meltdown” and “Spectre” security vulnerabilities, which affect computer processors.

Congress

House Members Discuss Grid Security during Hearing on DOE Modernization - January 9 -The House Energy and Commerce Committee’s Subcommittee on Energy held a hearing entitled “DOE Modernization: Advancing DOE’s Mission for National, Economic, and Energy Security of the United States, at which senior leadership from the Department of Energy (DOE) testified.  DOE Undersecretary for Energy Mark Menezes called cybersecurity one of the energy issues that concerned him the most, and noted that the expectation of DOE to manage energy-related cyber emergencies generally exceeded its authority to do so.  Deputy Secretary Dan Brouillette also noted that DOE’s main focus with respect to cybersecurity it to ensure the agency’s internal security.

© 2018 Van Ness Feldman LLP

TRENDING LEGAL ANALYSIS


About this Author

Malcolm C. McLellan, Van Ness Feldman Law Firm, Seattle, Cybersecurity and Energy Law Attorney
Partner

Malcolm’s practice focuses on the generation, transmission, and distribution of electric energy and regulated businesses. Malcolm has an intricate knowledge of the technical, legal, and business considerations facing electric utilities.  He regularly advises on Open Access Transmission Tariff and business practice compliance issues, reliability standards, standards of conduct, market behavior rules, interlocking director rules, electronic quarterly reporting, and accounting rules. He has significant experience with developing comprehensive energy compliance programs;...

206-829-1814
Suzanne McBride, Van Ness Feldman Law Firm, Energy and Gas Attorney
Of Counsel

Suzanne McBride focuses her practice on the representation of electric and natural gas utilities and oil pipeline companies on a wide range of regulatory matters before the Federal Energy Regulatory Commission (FERC) and U.S. Courts of Appeal. She counsels various clients on rate development, contract and tariff provisions, regulatory compliance and investigation defense, administrative litigation, and transactional matters. She also advises on compliance with North American Electric Reliability Corporation (NERC) and regional reliability standards, including self-reports, spot checks, formal audits and enforcement actions involving NERC and FERC’s Office of Enforcement.

202-298-1921
Darshana Singh, Van Ness Feldman Law Firm, Washington DC, Cybersecurity and Energy Law Attorney
Associate

Darsh Singh assists clients and firm professionals in the energy regulatory arena. Prior to joining Van Ness Feldman, Darsh served as a law clerk in the Office of Administrative Litigation at the Federal Energy Regulatory Commission (FERC) and interned at the Federal Trade Commission (FTC).   While at FERC, Darsh assisted Trial Staff in natural gas and oil pipeline rate proceedings and conducted research on market-based rates.   During her time at the FTC, Darsh focused on complex antitrust and consumer protection issues. 

While at The George...

202-298-3726