Tighter control of grid security information urged
The US Department of Energy’s inspector general Gregory Friedman has urged the Federal Energy Regulatory Commission to improve the protection of information on vulnerabilities in the US electricity grid. The recommendation follows publication in March of a leaked FERC modeling study indicating that a simultaneous attack on as few as nine of the nation’s 45 000 transmission substations could cause a nationwide blackout.
In a “management alert,” Friedman told acting FERC chairman Cheryl LaFleur that the report leaked to the Wall Street Journal should have been classified. That would have kept the material out of the hands of uncleared personnel at FERC, Friedman said, and would also have prevented the study from being disseminated to unsecured electronic devices. “The methods used in creating and distributing this document led us to the preliminary conclusion that the Commission may not possess adequate controls for identifying and handling classified national security information,” Friedman stated.
LaFleur told the Senate Energy and Natural Resources Committee on 10 April that FERC was “meticulously following” Friedman’s recommendations, including removing grid-security-modeling documents from unclassified FERC databases and computer hard drives. She added that FERC is reaching out to former employees including former chairman Jon Wellinghoff, who has spoken out on the need for improved grid security, and is advising them to guard sensitive material they may have.
Threatening Silicon Valley
In addition to the leaked vulnerability modeling study, Friedman said that “non-public information” from FERC relating to the investigation of the April 2013 attack on Pacific Gas and Electric Company’s Metcalf substation near San Jose, California, also had been leaked. In that incident, an unknown number of assailants with guns disabled the substation in what authorities concluded had been a sophisticated attack. Grid operators were able to reroute power around the damaged facility, and a blackout was averted.
“Publication of sensitive information about the grid undermines the careful work done by professionals who dedicate their careers to providing the American people with a reliable and secure grid,” LaFleur said in testimony to the Senate Energy and Natural Resources Committee on 10 April. “While there may be value in a general discussion of the steps we take to keep the grid safe, the publication of sensitive material about the grid crosses the line from transparency to irresponsibility, and gives those who would do us harm a roadmap to achieve malicious designs.”
LaFleur said that FERC ordered the North American Electric Reliability Corp on 7 March to develop mandatory physical security standards for the grid within 90 days. NERC is the bulk-power industry organization charged with ensuring the security and reliability of the grid. In November, FERC approved NERC’s newly developed standards for grid cybersecurity.
First, the physical protection standards must require owners and operators of the bulk power system to identify which of their facilities are critical to the reliable operation of the interstate grid, LaFleur said. If those facilities were rendered inoperable or damaged, their failure could critically impact the operation of the grid through instability, uncontrolled separation, or cascading failures. The number of critical facilities will be relatively small, she said, and some grid owners and operators won’t have any.
Second, the mandatory reliability standards should require owners and operators of identified critical facilities to evaluate potential threats and vulnerabilities to those facilities. Third, the mandatory reliability standards must require owners and operators of critical facilities to develop and implement plans to protect against attacks to their identified critical facilities.