As advanced electrical meters and other smart grid devices designed to cut electricity consumption make their way into homes and businesses across the country, some are worried that this technology may make the nation’s power network more vulnerable to attack, according to a recent New York Times piece.
Rick Sergel, former CEO of the North American Electric Reliability Corp., or NERC, the nation’s electrical grid operations monitor, delivered this ominous message last January to the corporation’s trustees and industry representatives, warning that if NERC did not step in, the government would — by imposing its own rules and regulations.
If the industry doesn't move, "others will," said Sergel, referring specifically to bills in the House and Senate that would beef up federal cyber authority.
One of the things that the nation’s grid is especially vulnerable to is so-called "high-impact, low-frequency" risks, said Joseph McClelland, director of the Office of Electric Reliability at the Federal Energy Regulatory Commission.
For example, a major solar storm could trigger a electromagnetic pulse (EMP) in the atmosphere that would disable all satellite, radio and telephone communications and cause nationwide power blackouts.
Another threat could come from rogue states or terrorist organizations that use EMP attacks, which can destroy computer chips, transistors and other elements of smart grid technologies.
But keeping the grid safe from the enemy is no small potatoes. Peter Pry, a former staff member of a congressional commission that studied the EMP threat, told the Times that shielding vital and necessary parts of the grid could cost anywhere from $100 million to $400 million.
That hefty price tag may be one reason why the industry is slow to make changes, which is why Congress is now stepping in with three possible bills that will strengthen the Federal Energy Regulatory Commission’s ability to take the issue into its own hands.
According to the Times, H.R. 2165 would give FERC authority to order grid operators to take defensive actions when immediate cyber threats arise. Once the emergency has passed, FERC's interim actions would be replaced by consensus standards.
In addition, H.R. 2195 gives emergency powers to FERC, and while industry policies could replace such orders, there is no requirement for that to happen, Cook told the Times.
Finally, S. 1462 gives FERC and the Energy Department authority to act in emergencies and to address any cyber vulnerability, supplanting NERC consensus-based rules.
While Congress mulls over the strengths and weaknesses of each bill, lawmakers and industry leaders alike continue to worry about the vulnerability of the nation's electrical system, as well as how to establish balance of control over the grid.