Search
December 15, 2025
Texas RE Offers Compliance Help for New Registrants
Webinar Targeted Operators of Newly Registered Generation
A graph showing how the number of newly registered entities in Texas, especially generator owners, has grown each year since 2022
A graph showing how the number of newly registered entities in Texas, especially generator owners, has grown each year since 2022 | Texas RE
Apr 8, 2025 | Holden Mann
Presenters at a Texas RE webinar focused on helping newly registered entities with the most frequently seen violations among utilities in similar circumstances.

With new registrants entering the Texas Reliability Entity’s system at an ever-increasing rate, staff from the regional entity stressed the importance of adhering to NERC’s reliability standards at an April 8 webinar.

Speaking to attendees of the webinar, part of the regular Talk with Texas RE series, Cybersecurity Principal William Sanders said the organization has noted a significant increase in the number of new registrants over the past few years, from 31 in 2022 to 53 in 2024. Most of the new additions were generator owners, he continued, reflecting the “large amount of generation being built” in the Texas Interconnection.

Texas’ recent generation additions have come at “an incredibly rapid pace,” ERCOT CEO Pablo Vegas told the grid operator’s Board of Directors in December. Solar resources and battery storage accounted for 83% of the 1,775 active interconnection requests at the time. (See ERCOT Faces Uphill Battle to Meet Large Loads.)

Sanders said the accelerating pace of registration prompted Texas RE to reach out to these incoming entities. Whether they are builders of new generation resources or purchasers of existing assets, many of them may be responsible for following NERC’s standards for the first time, he said. Noting that “Texas RE’s violation data is different from the rest of the interconnections, just because of how many new entities we have,” Sanders said the RE wanted “to make sure that [new registrants] have everything in place they need to be successful.”

To best serve their target audience of prospective generation builders or purchasers, Sanders and his co-presenter Alex Petak, enforcement attorney at Texas RE, focused their presentation on standards violations most often recorded within 31 days, one year, or two years of registration. Sanders covered NERC’s Critical Infrastructure Protection (CIP) standards, while Petak handled the suite of standards grouped under the Operations and Planning (O&P) label. Both discussed the most-violated requirements and best practices to prevent infringements.

Among the CIP standards, Sanders said the most-recorded violation is of requirement R2 of the CIP-003 family, the currently enforceable version of which is CIP-003-8 (Cybersecurity — security management controls). This requirement mandates that entities “with at least one asset … containing low impact [grid] cyber systems shall implement one or more documented cybersecurity plan(s)” for those systems.

Sanders reviewed the mandatory components of such cybersecurity plans, which comprise:

    • Cybersecurity awareness: Staff must be trained on cybersecurity best practices at least every 15 months.
    • Physical security controls: Any physical barriers, such as fences, locks and security cameras, between intruders and cyber assets.
    • Electronic access controls: Firewalls and other obstacles to online intruders.
    • Cybersecurity incident response plans: Plans must be tested at least once every 36 months.
    • Transient cyber asset and removable media: Safety protocols for USB drives and other physical media that can be added to or removed from a computer.

Other CIP violations frequently recorded within the first two years of registration include requirements R1 and R2 of CIP-002 (Cybersecurity — BES cyber system categorization). These require GOs to identify assets that contain low-impact grid cyber systems and review and update those identifications every 15 months.

“If your organization only has one generation facility, this may seem fairly straightforward. You obviously know about the generation asset [around] which your entire company is built,” Sanders said. “However, that documentation does need to exist, and for entities who are purchasing generation assets, you might have multiple generation facilities under a single [registration], [and] we need to have surety that you are aware of each of those facilities.”

In his O&P presentation, Petak noted that “facility ratings come up a lot in the early days,” with violations of NERC’s FAC family of standards comprising more than 20% of noncompliances that begin within 31 days of registration.

He reminded attendees that requirements R1 and R2 of FAC-008 (Facility ratings) mandate that GOs maintain documented methodologies for determining facility ratings, while R6 requires how those ratings are to be implemented and maintained. All three requirements are among the most frequent violations within the first month of registration, with R6 topping the list.

However, after the first 31 days, the biggest share of infringements shifts to NERC’s modeling (MOD) requirements, particularly MOD-026-1 (Verification of models and data for generator excitation control system or plant volt/var control functions) and MOD-027-1 (Verification of models and data for turbine/governor and load control or active power/frequency control functions).

Noncompliance with these standards usually is associated with requirement R2 of each one, which require GOs to have models in place for the applicable system functions. Petak noted that a common complaint among GOs is that “the deadline sneaks up on them in some way, or they were not tracking the deadline well enough,” and they or their third-party contractors lacked time to complete the verification.

“Having some sort of tracking software can definitely help out” with meeting the deadlines, Petak said. “In fact, most of the mitigating activities that we see when we’re processing these noncompliances involve the entity initiating some sort of software into their compliance program. So doing it before the noncompliance comes up would be ideal.”

CIPFACMODTexas RE
KeywordsCIP-002CIP-003-8critical infrastructure protection (CIP)FAC-008facility ratingsMOD-026MOD-027North American Electric Reliability Corp. (NERC)Talk with Texas RETexas Reliability Entity (TX RE)
Holden Mann
RSTC Approves Leaders for Next 2 Years
More From This Author

Leave a Reply

Your email address will not be published. Required fields are marked *

We Recommend

1
SERC: East, Central Subregions Face Elevated Risk in Severe Weather
Dec 11, 2025Regional EntitiesHolden Mann
2
RSTC Approves Leaders for Next 2 Years
Dec 10, 2025NERC & CommitteesHolden Mann
3
NERC Standards Committee Pushes Projects Forward
Dec 9, 2025Standards/ProgramsHolden Mann
4
NERC Board Approves Committee Reorganization
Dec 8, 2025NERC & CommitteesHolden Mann
5
DOE’s National Petroleum Council Releases Report on Gas-electric Coordination
Dec 4, 2025Resource AdequacyJames Downing

Popular Stories

1
NERC Board Approves Committee Reorganization
Dec 8, 2025NERC & CommitteesHolden Mann
2
SERC: East, Central Subregions Face Elevated Risk in Severe Weather
Dec 11, 2025Regional EntitiesHolden Mann
3
West Needs Unified IBR Approach, WIRAB Says
Dec 3, 2025Regional EntitiesHenrik Nilsson
4
CISA Publishes Guide for AI Critical Infrastructure Integration
Dec 3, 2025FERC & FederalHolden Mann
5
Power Industry Asks Congress to Authorize Cyber Defense Programs
Dec 2, 2025FERC & FederalJames Downing

Industry Gatherings


Upcoming Event

Upcoming Event