FERC on Friday accepted a slew of settlements for violations of NERC reliability standards, with American Electric Power, DTE Energy, Eversource Energy, Portland General Electric and Exelon among the utilities hit with monetary penalties by their regional entities.

AEP’s violation carried the largest penalty at $1 million, followed by DTE ($375,000), Eversource ($120,000), Exelon ($110,000) and PGE ($112,000). Additional penalties were assessed against unnamed entities in the Western, Eastern, and Texas interconnections.

NERC submitted Notices of Penalty (NOPs) for AEP (NP20-16) and DTE (NP20-17), along with a spreadsheet NOP detailing the violations by Eversource and an unnamed entity in the Western Interconnection, on May 28 (NP20-18). An additional spreadsheet NOP for Exelon, PGE and unnamed utilities in the Eastern and Texas interconnections was filed on April 30 (NP20-14). In a notice Friday, FERC said it would not review the settlements, leaving the penalties intact.

Trees at Root of $1M AEP Settlement

The settlement between AEP and ReliabilityFirst stemmed from reliability standard FAC-003-4 (Transmission vegetation management).

On Aug. 21, 2018, AEP reported to the RE that its Kammer-Mountaineer 765-kV circuit in West Virginia had tripped and locked out for over 28 hours, starting on June 30 and ending the following day. The cause of the trip was later determined to be vegetation growth that had “caused a flashover to two trees within the [minimum vegetation clearing distance].”

The span between towers 202 and 203 on the transmission line, where the flashover occurred, is classed in AEP’s transmission vegetation management plan (TVMP) as a “valley span” based on assumptions about the amount of clearance beneath the line. However, following a post-event inspection, this classification was determined to be incorrect because of previously undetected hills that violated the minimum clearance requirements — including the hill with the trees involved in the flashover.

ReliabilityFirst concluded that the root cause of the event was reliance on “visual cues and professional and historical knowledge” to assess whether complete clearing was needed in a particular zone, constituting a failure by AEP to effectively design and implement a FAC-003 compliance strategy. The RE classed the risk posed by the violation as “serious,” as it could have led to overloading of nearby transmission lines and cascading outages.

According to NERC’s filing, AEP neither admitted nor denied the violation but agreed to the $1 million penalty along with additional mitigation actions. The mitigation plan includes removing all suspect trees and brush from the affected span of the Kammer-Mountaineer line, conducting additional inspections of other lines with long spans and deep valleys along with clearing vegetation as needed, and commissioning a third-party review of the TVMP.

Continued Oversights Heighten DTE Penalties

ReliabilityFirst also settled with DTE over violations of PRC-005-1 and PRC-005-1.1b (Transmission and generation protection system maintenance and testing) that occurred in 2017 and 2018.

The first violation was self-reported by DTE to ReliabilityFirst on April 17, 2017, and involved four combustion turbine generators (CTGs) at the Enrico Fermi Nuclear Power Plant in Michigan. DTE notified the RE that it had not maintained or tested relays for the CTGs since the late 1990s. ReliabilityFirst later determined that the oversight was caused by misclassification of relay maintenance requirements for the CTGs, along with insufficient detective controls and procedures and lack of communication between DTE’s engineering team and personnel at the facility.

In the second violation, DTE initially reported possible compliance issues to ReliabilityFirst during audit preparation in 2017. During the audit, the RE confirmed that nine components in DTE’s protection system “did not satisfy the requirements of PRC-005” because of insufficient testing and maintenance records; a further investigation by DTE concluded that the issues covered 325 components in all.

Unlike the earlier infraction — determined by ReliabilityFirst to pose a moderate risk to the bulk power system — the RE concluded that this violation constituted a serious risk. Several root causes for the problem were identified:

• Incomplete and inaccurate equipment inventory records.
• Ineffective test tracking systems.
• Multiyear backlog of unchecked test records.
• Failure to include certain components in the maintenance and testing program.
• Failure to understand applicable standards and requirements.

DTE’s mitigation activities for both infractions included the development of a comprehensive inventory list and electronic work management system to maintain it, along with more effective process documentation.

In determining the penalty amount, NERC noted that ReliabilityFirst acknowledged that the first violation, although continuing for several years, was self-identified and reported by DTE, that the utility had accepted responsibility for its noncompliance, and that it was “highly cooperative” throughout the enforcement process. However, the RE also observed that DTE has prior violations of PRC-005, which served as an aggravating factor to the penalty determination.

Eversource Fails on Facility Ratings

The first of the two spreadsheet NOPs submitted by NERC covers a violation of FAC-009-1 (Establish and communicate facility ratings) by Eversource, and two violations of CIP-014-2 (Physical security) settled between WECC and an entity in the Western Interconnection. NERC did not identify the second offender because of security concerns.

Eversource’s $120,000 settlement resulted from a discovery made by the utility during preparation for an on-site audit in May 2018. In a self-log submitted to the Northeast Power Coordinating Council the following month, Eversource reported that it found that the facility ratings on three 345-kV transmission lines and three autotransformers in the Eastern Massachusetts Area (EMA) did not align with its rating methodology.

Further investigation found 65 instances in the EMA where ratings did not match the methodology. The divergences were found to have been caused by various factors such as failure to update ratings after modifications to field equipment, failure to consider series-limiting components, and the incorrect use of legacy calculations based on industry rating practices but not authorized by the utility’s ratings methodology.

While NPCC determined that the violation posed a moderate risk to the safety of the grid, the RE found that Eversource had been cooperative throughout the enforcement process and thorough in its mitigation approach. Its responses included re-evaluating all 262 elements in the EMA area and updating their ratings if needed, along with expanding functions of the Thermal Ratings Coordinator into the EMA area and establishing a facilities rating update system.

WECC Escalates Unfinished Mitigation

WECC’s settlement with the unnamed entity carried no monetary penalty and was escalated from an infraction slated for NERC’s milder “find, fix and track” enforcement strategy.

At issue was the entity’s physical security plans, which lacked resilience or security measures to address potential threats identified in an earlier threat and vulnerability evaluation. The violation was determined to have begun on June 27, 2016, when the relevant requirement in CIP-014-2 became enforceable. WECC later found the entity had not effectively completed its mitigation activities and thus withheld certification of mitigation completion, escalating the matter to a formal NOP.

In response, the utility agreed to expand its mitigation plan and resubmit it. The final plan includes a number of major updates to its security posture:

• Revisions to the primary control center threat and vulnerability assessment.
• Updates to the substation physical security plan.
• Interdepartmental meetings focused on protections needed at critical sites.
• Creation of communication avenues for discussing critical infrastructure protection measures.
• Establishing a new position to assist with issues relating to CIP-014-2.
• Partnering with local first responders for an active shooter exercise testing its security plans.

WECC certified the entity’s completion of mitigation activities on Jan. 21.

Exelon Reports Testing Gaps in Nuclear Fleet

The final spreadsheet NOP approved by FERC details agreements between NPCC, ReliabilityFirst and Exelon for infractions of PRC-005-1.1b; between WECC and PGE for violations of COM-002-4 (Operating Personnel Communications Protocols) and VAR-002-2b (Generator operation for maintaining network voltage schedules); and between several unnamed entities and their REs for violations of NERC’s CIP standards.

Exelon’s violation, for which NPCC and ReliabilityFirst assessed a $110,000 penalty, arose from a self-report submitted to NPCC in April 2017 — and updated following subsequent review — that it had failed to perform testing required by its protection system maintenance program. The deficiencies occurred at the R.E. Ginna Nuclear Power Plant, the Nine Mile Point Nuclear Station and the James A. FitzPatrick Nuclear Power Plant. All three facilities are located in New York.

In addition, Exelon reported to ReliabilityFirst in April 2018 that it had uncovered deficiencies in testing at several nuclear stations. Two of the affected stations — Three Mile Island Unit 1 and Oyster Creek — have since been permanently shut down, which the RE considered to have mitigated the issue.

In determining the penalty, NPCC and ReliabilityFirst noted that the utility had inherited some of the units in question and thus did not deserve all of the blame for the missed testing. On the other hand, Exelon also has prior instances of noncompliance with PRC-005, and this was an aggravating factor. The REs will conduct a follow-up spot check of Exelon Nuclear in 2021 to confirm its compliance status.

PGE Admits to Communication Failures

PGE reported its violation of COM-002-4 to WECC on June 29, 2017, regarding its behavior as a balancing authority during the outage of a generation facility on Dec. 8, 2016. During the outage, PGE’s BA operator and staff at generating facilities failed to follow communications procedures; specifically, the generating facility staff failed to repeat the operator’s instructions and the operator did not ask them to, both of which are required in the standard.

WECC assessed the infraction as a moderate risk because of the repeated nature of the violation and the large amount of generating capacity that was affected. PGE agreed to update its internal procedures to clarify the required responses to operating instructions and to apply the same changes to its training manuals and performance evaluations.

In addition, WECC determined that PGE had numerous issues with communicating status changes for voltage controlling devices at its wind and hydropower facilities, with incidents beginning in 2013 and continuing through 2017 when the utility updated transmission operators with the correct information as required by VAR-002-2b. These violations were included when assessing PGE’s $112,000 penalty in the spreadsheet NOP.

CIP Penalties for Unnamed Entities

Finally, NPCC and ReliabilityFirst reached a $42,000 settlement with an unidentified utility over servers that it had discovered were not correctly identified as Electronic Access Control or Monitoring Systems (EACMS), as required by CIP-010-2 (Configuration change management and vulnerability assessments). The entity had failed to identify the EACMS because of outdated inventory systems, as well as internal miscommunication as to who was responsible for implementing the proper CIP controls.

Texas Reliability Entity also flagged an unnamed entity for violating CIP-002-5.1 (BES cyber system configuration). The violations were discovered in an internal review in 2017, after a third-party study had raised concerns that some of the entity’s cyber systems were improperly rated as low-impact; the utility confirmed that the systems in question should be changed to medium-impact, with the appropriate security measures applied.

In response to the self-report, Texas RE assessed no monetary penalty, reasoning that the entity had demonstrated a strong internal compliance program and had implemented a number of mitigating activities and controls, which it verified had been completed by Feb. 25. The infraction was also acknowledged to have posed only a moderate risk to reliability.