Search
`
July 4, 2024
FERC Seeks Cyber Controls on Portable Devices; Sets GMD Plans
© RTO Insider
Oct 23, 2017
FERC proposed rules to prevent malware from infecting “low impact” computer systems through transient electronic devices such as laptops and thumb drives.

By Rich Heidorn Jr.

WASHINGTON — FERC on Thursday proposed rules to prevent malware from infecting “low impact” computer systems through transient electronic devices such as laptops and thumb drives.

FERC NOPR GMDs cybersecurity
| © RTO Insider

The Notice of Proposed Rulemaking would approve critical infrastructure protection reliability standard CIP-003-7, a response to an order issued by FERC in January 2016 (RM17-11). (See FERC Postpones Action on Supply Chain Protections.)

In addition to setting controls on devices frequently connected and disconnected from low-impact Bulk Electric System (BES) facilities, the NOPR also requires such facilities to have a policy for declaring and responding to “exceptional circumstances.”

High- and medium-impact BES cyber systems already have rules for responding to “exceptional circumstances,” which include situations that impact BES reliability or pose the risk of injury or death and cybersecurity incidents requiring emergency assistance.

The NOPR also directs NERC to revise the standard to provide objective criteria for electronic access controls for low-impact systems and add ways to mitigate the risk of malicious code introduced by third-party transient electronic devices, such as scanning devices prior to use.

GMD Order

In a separate order, FERC approved NERC’s preliminary geomagnetic disturbance (GMD) research work plan and ordered it to file a final plan within six months (RM15-11-002).

NERC’s GMD work plan, which it developed in collaboration with the Electric Power Research Institute and its GMD Task Force, identified nine research areas and sets an estimated time frame for their completion. It was developed in response to the commission’s September 2016 order requiring grid operators to assess and protect against the threat of GMDs. (See FERC Approves GMD Reliability Standard.)

Thursday’s order sets the priority in which NERC should conduct the GMD research, saying it should first seek to improve earth conductivity models for studies of geomagnetically induced currents. The commission cited the models’ importance in completing the GMD vulnerability assessments required by reliability standard TPL-007-1.

It said the second priority should be improving harmonics analysis “because the synergistic effects of harmonics during GMD events are not well understood.”

FERC & FederalReliability
Keywordscritical infrastructure protection (CIP)cybersecurityFederal Energy Regulatory Commission (FERC)geomagnetic disturbances (GMD)North American Electric Reliability Corp. (NERC)RM15-11
Rich Heidorn Jr.
FERC Demand Response Standards Leave Industrials, Bowring Unhappy
More From This Author

Leave a Reply

Your email address will not be published. Required fields are marked *

We Recommend

1
Wildfire Prompts CAISO’s 1st Transmission Emergency of Summer
Jul 3, 2024Public PolicyAyla Burnett
2
Study: Significant Benefits for Merchant Tx Line
Jul 3, 2024CAISO/WEIMTom Kleckner
3
Portland General Electric Formalizes EDAM Commitment
Jul 2, 2024CAISO/WEIMAyla Burnett
4
Avangrid Details Progress on NECEC Tx Line
Jul 2, 2024ISO-NEJon Lamson
5
Federal Judge Stays Biden’s LNG Export Application Pause
Jul 2, 2024FERC & FederalJames Downing

Popular Stories

1
Group Claims Powerex Backing Markets+ to Benefit from Divided West
Jun 20, 2024CAISO/WEIMRobert Mullin
2
FERC Order 1920 Sees Wide-ranging Rehearing Requests
Jun 18, 2024Public PolicyJames Downing
3
NYISO Reveals Bids in NYC Offshore Transmission Solicitation
Jun 25, 2024NYISOVincent Gabrielle
4
Report Shows Wide Range of Data Center Demand Scenarios for Virginia
Jun 20, 2024MarketsJames Downing
5
FERC Issues Show-cause Order on TO Self-funding in 4 RTOs
Jun 14, 2024ResourcesAmanda Durish Cook

Industry Gatherings