PJM closely monitored the situation surrounding the cyberattack that shut down Colonial Pipeline last week, as stakeholders encouraged the RTO to spearhead discussions on improving cybersecurity among utilities, RTO officials said.
Paul McGlynn, PJM executive director of system operations, updated members on the pipeline closure impacts on the RTO during last week’s Operating Committee meeting. McGlynn said PJM began an immediate assessment of potential impacts to fuel supplies to the generation fleet in the region upon hearing the news of the cyberattack on May 7.
PJM reached out to the interstate natural gas pipelines serving the RTO, and there were no impacts to their utilities from the shutdown of Colonial, McGlynn said. He said many natural gas pipeline operators moved to a heightened security posture in response to the cyberattack that took down the largest pipeline for refined oil products in the U.S.
McGlynn said PJM was fortunate that during this time of year it doesn’t use many generating units that rely on the types of fuel carried by Colonial, including diesel and gasoline. PJM learned of no issues after informally polling generation owners about actual or expected impacts from the outage, McGlynn said.
“The bottom line is there was really no impact on our operations due to the pipeline,” McGlynn said.
Gary Greiner, director of market policy for Public Service Enterprise Group, said the pipeline issue “rekindled” his concern about examining the coordination between gas and electric utility operations. Greiner wondered if the cyberattack would prompt PJM and Experts Call for Cyber Shift in Response to Colonial Hack.)
Greiner said conflicts between management styles and rules pertaining to electricity and gas have made it difficult to find common ground and solve vulnerability issues.
“I think it’s time to overcome some of those issues and make some real progress,” Greiner said.
McGlynn said PJM shares Greiner’s concerns and that the incident should be a “wake-up call” for all stakeholders to make sure it doesn’t happen again. He said PJM has done a great deal of work to protect its systems from cyberattacks.
“I suspect this has opened up the eyes of some people,” McGlynn said.
Carl Johnson of the PJM Public Power Coalition said stakeholders seemed to have been more focused on security issues before the onset of the COVID-19 pandemic. He said now is the time to restart discussions and provide updates on PJM’s cybersecurity efforts and start conversations among RTOs, ISOs, FERC and the gas industry to improve coordination.
Johnson said the outcome could have been much worse for PJM if the cyberattack had been on a different pipeline and that some of the resources the RTO relies on are increasingly vulnerable to cyberattacks.
“If they hit some other pipeline, we would be having a way different set of conversations, or we wouldn’t be having conversations because we wouldn’t have electricity,” Johnson said. “These cyberattacks are becoming more and more real and are no longer theoretical.”
Paul Sotkiewicz of E-Cubed Policy Associates said while electrical utilities have “fairly strict” cybersecurity rules through FERC and NERC, pipeline operators have relatively lax cybersecurity rules. Sotkiewicz said the entire energy system, including power, gas, oil and refined fuels, is “only as strong as its weakest link,” which was demonstrated by the Colonial Pipeline cyberattack and the extreme cold weather conditions experienced in ERCOT, MISO and SPP in February that led to system failures. (See ERCOT was ‘Seconds and Minutes’ from Total Collapse.)
“I think this is an initiative that PJM and the industry really need to push hard on in Washington to develop standards for the pipelines to bring them up to speed with where we’re at,” Sotkiewicz said.
Manual 03 Changes Endorsed
Stakeholders endorsed changes to Manual 03: Transmission Operations after complaints last month that PJM didn’t have the updated language available for the first read. (See “Manual 03 First Read,” PJM Operating Committee Briefs: April 8, 2021.)
Lagy Mathew of PJM’s transmission operations reviewed the Manual 03 changes, which included minor additions such as updated email contact addresses and clarification language. Mathew said one of the most significant changes was the new Attachment G: Transmission Outage Ticket Best Practices, which created new guidelines for transmission owners to follow when creating and submitting transmission outage tickets.
Sharon Midgley of Exelon thanked PJM staff for working on the updated language in Section 3.4.2 and 3.5.4 regarding the nuclear plant interface requirement (NPIR) language changes for eDART nuclear voltage limits. Midgley said she appreciated PJM’s “flexibility” to give time for Exelon and other generation owners to establish internal processes to prepare for the changes.
The changes now go for a final vote at the May 26 Markets and Reliability Committee meeting.
Manual 36 Changes Endorsed
Members unanimously endorsed changes to Manual 36: System Restoration as part of the periodic review. Rich Brown, manager of system operator training for PJM, reviewed the manual changes, which included the deletion of restoration plans in eDART in Attachment F and an updated transmission owner list and due dates in Attachment G.
Brown said a note was also added to Attachment H, indicating that PJM’s under frequency load shed program doesn’t require “automatic switching of capacitor banks, transmission lines or reactors.” He said the note was requested by stakeholders in the Reliability Standards and Compliance Subcommittee to address NERC standard PRC-006 R10.
The changes will be voted on at the May 26 MRC meeting and implemented on June 15 if endorsed.