The Federal Energy Regulatory Commission has issued new rules approving, with modifications, a power system physical security reliability standard submitted by the North American Electric Reliability Corp.
The Nov. 20 order (RM14-15) considers 39 sets of comments and finalizes a notice of proposed rulemaking issued in July. The commission had issued an order in March directing NERC to develop a reliability standard requiring owners and operators of the bulk power system to address risks due to physical security threats and vulnerabilities. That order, No. RD14-6, required physical security for the facilities most critical to reliable operation of the bulk power system. FERC held a conference in June on system reliability.
The latest order finds NERC’s proposed reliability standard largely satisfies the directives of its March order. FERC did direct NERC to revise wording that the commission thinks could narrow the scope and number of identified critical facilities. Specifically, the FERC said NERC’s term “widespread instability” is more ambiguous than the simple term “instability.”
The final rules do not adopt another proposal from the notice of proposed rulemaking that would have directed NERC to develop language specifically to allow FERC or other governmental authorities to add or subtract facilities from an operator’s list of critical facilities. Instead, FERC is to use its audit authority to determine if any further action by the commission is needed.
FERC also directed NERC to submit a report analyzing whether the physical security reliability standard should apply to additional control centers, consistent with the scope of critical facilities under other Critical Infrastructure Protection standards.
The final order drops another item from the proposed rulemaking that would have required NERC to analyze grid resiliency and what can be done to maintain reliable operations when faced with loss or degradation of critical facilities. Instead, FERC is to consider ways for the industry to inform it of current and future resiliency efforts, which could be in the form of reports or technical conferences to address specific areas of concern.
In April, the Energy Department’s Office of Inspector General ordered FERC to take immediate steps to protect national security information pertaining to the bulk power system, which in some cases includes hydroelectric facilities. Citing lapses in FERC’s control of sensitive power system information, DOE Inspector General Gregory Friedman issued a management alert recommending immediate steps by FERC Chairman Cheryl LaFleur.
FERC also issued final rules last year updating Critical Infrastructure Protection Reliability Standards by expanding cyber security standards for the bulk electricity system, including hydroelectric projects.