The Federal Energy Regulatory Commission last week called for a review of the physical security of the utility’s power systems. The order comes after attacks on substations in North Carolina, Ohio, Oregon and Washington state. Justin Sullivan/Getty Images
After Substation Shooting, Federal Regulator Orders Review Of Security Standards
The Federal Energy Regulatory Commission ordered the North American Electric Reliability Corporation to review existing “physical security” rules for the components of the power system.
Less than two weeks after gunfire damaged two Duke Energy substations in Moore County, N.C., knocking out power to about 45,000 people, federal regulators ordered a review of security standards at electric transmission facilities and control centers.
The Federal Energy Regulatory Commission on Thursday, Dec. 22, ordered the North American Electric Reliability Corporation (NERC), which sets and enforces reliability standards for the bulk power system in the U.S., Canada and part of Mexico, to review existing “physical security” rules for the components of the power system.
The order, which requires NERC to deliver within 120 days its report on the effectiveness and applicability of current standards and whether improvements are necessary, comes amid reports of similar attacks at other sites across the country.
Earlier this year, three men in Ohio pleaded guilty to planning an attack on electric substations as part of a white supremacist plot. In November, shots were fired at an American Electric Power substation near Centerburg, Ohio, knocking out power, a local news outlet reported. The FBI is also investigating a string of attacks at substations that happened in Washington and Oregon, per The Seattle Times.
“One, it reminds us that we need to take physical security into account just as we do cyber security,” FERC Chairman Richard Glick said last week at the commission meeting, cautioning that the motives for the Moore County attack and some similar incidents elsewhere remain murky and under investigation by local and state law enforcement.
“But in the meantime I think it’s a good idea and this is a good step of trying to reassess our existing physical security standards and whether changes need to be made.”
In 2014, following a sniper attack the year before on a Pacific Gas and Electric’s Metcalf substation in California, FERC approved a physical security reliability standard for owners of electric transmission facilities. The standard requires utilities and other transmission owners to conduct regular risk assessments on transmission stations and substations “that, if rendered inoperable or damaged, could result in instability, uncontrolled separation or cascading within an interconnection,” Mark Hegerle, director of FERC’s Division of Operation and Planning Standards, told the commission.
That means facilities that could create hazards for the larger grid if they are knocked out, a risk not posed by the North Carolina outages, said Rachel Sherrard, a spokeswoman for NERC.
“The assets in North Carolina were not individually deemed critical to the grid and the recent attack did not create an uncontrolled or cascading outage, which is what the standards are designed to protect from,” she said. “However, this does raise the question of the need to review an event that impacts several non-critical assets that collectively can have impact beyond any single asset failure.”
Substations serve a variety of purposes, including stepping down voltage from the transmission system that transports electricity across long distances to the distribution wires that bring into homes and businesses. Asked if the shootings had made Duke re-examine how it protects substations, a spokeswoman said the company wouldn’t discuss specific security measures.
“We have multiple layers of security across our system that allow us to monitor and protect critical infrastructure,” the spokeswoman, Logan Kureczka, wrote in an email. “As the largest grid operator in the country, our responsibility to protect the power grid is paramount, and our security evolves as threats do.”
In a statement earlier this month, the Electricity Subsector Coordinating Council, which describes itself as the “principal liaison between leadership in the federal government and in the electric power sector,” said investor-owned electric companies, electric cooperatives and public power utilities “continuously monitor and prepare for threats to the grid and other infrastructure.”
The organization, which coordinates efforts to guard against threats to critical infrastructure to improve the reliability and resilience of the grid, said it was working with law enforcement investigating the attacks.
“Understanding what happened in North Carolina will be important to minimize future threats and to keep our industry’s defenses at the forefront,” the organization said.
FERC Commissioner Mark Christie, a former Virginia utility regulator, said attacks on transformers, the drum-shaped devices on utility poles that lower the voltage before electricity is delivered to residences and businesses, are relatively common.
“They’re vulnerable to a drunk with a gun and an attitude. We have a lot of incidents of that. That’s not unusual,” he said. “The substations are a different ballgame. … A transformer knocks out a block or two. A substation, several tens of thousands of people.”
Noting that it was likely that NERC would come back with a recommendation to upgrade security standards, Christie said he hoped the Department of Energy would find a way to use grid resilience money from the bipartisan infrastructure law to lessen the blow for electric ratepayers.
“It’s going to cost money and I hope this doesn’t all flow through to ratepayers,” he said.
Nevada Current is part of States Newsroom, a network of news bureaus supported by grants and a coalition of donors as a 501c(3) public charity. Nevada Current maintains editorial independence. Contact Editor Hugh Jackson for questions: info@nevadacurrent.com. Follow Nevada Current on Facebook and Twitter.