At the penultimate Open Meeting of the year (and the last open meeting of Chairman Wellinghoff), the Federal Energy Regulatory Commission (FERC) took a number of significant actions related to electric reliability. Commissioner LaFleur issued a statement regarding the actions and FERC Staff provided a presentation regarding each item. In her remarks, Commissioner LaFleur noted that the three orders described below “have broader implications for NERC’s efforts to reform its standards development process and enforcement processes.” She explained that she “strongly support[s] NERC’s efforts in both the standards and enforcement areas, but emphasize that for them to be successful the standards themselves must be clear, enforceable, and technically justified.”
CIP Version 5
FERC issued its long awaited order on Version 5 of the critical infrastructure protection (“CIP”) reliability standards related to cybersecurity. As we reported in a prior blog post, Version 5 extends the scope of the CIP standards from critical cyber assets regulated under prior versions to all “BES Cyber Systems,” which can adversely affect the BES within 15 minutes of being compromised.
FERC largely approved Version 5, and even approved NERC’s proposed implementation plan to allow responsible entities to transition their compliance programs directly from Version 3 to Version 5. This allows responsible entities to bypass implementation of Version 4, which was due to be implemented on October 1, 2104. FERC’s order will become effective in late January or early February 2014 depending on when it is published in the Federal Register, and responsible entities will be required to comply with Version 5 as of April 1, 2016 for Medium and High Impact BES Cyber Systems and as of April 1, 2017 with respect to Low Impact BES Cyber systems.
FERC, however, directed several changes to the Version 5 standards. First, FERC directed NERC to remove language in the standards that would require responsible entities to establish policies and procedures designed to “identify, assess and correct” deficiencies in compliance. Although FERC recognized that this language was an attempt to have the standards implemented and enforced in a more risk-based manner (which FERC supports), FERC found the “identify assess and correct” language to be ambiguous. Second, FERC directed NERC to address the lack of specific protections Low Impact BES Cyber Systems or objective criteria for assessing individual entity programs to protect such assets. FERC also directed NERC to establish standards governing transient devices (laptops, USB sticks, etc.) and their interconnection with BES Cyber Systems and governing security of communications networks. With the exception of the directive to establish standards for transient devices, FERC gave NERC a one year deadline for implementing the other directives, which could mean that a Version 6 may need to be developed as expeditiously as possible.
Beyond the directives to revise the standards and various other rulings clarifying the meaning of various terms, FERC also required NERC to take other actions as well. With respect to the 15 minute threshold built in to NERC’s definition of BES Cyber Systems, FERC directed NERC to conduct a survey on the industry’s implementation of that threshold to identify what assets are included and excluded from the classification of BES Cyber Systems as a result of that threshold, what specific methods the industry is using to implement that threshold, and what common problems the industry may have in implementing the threshold. In addition, FERC directed FERC staff to conduct a technical conference in June or July 2014 to address such issues as communications security, remote access, and the National Institute of Standards and Technology (NIST) Risk Management Framework.
Paragraph 81 Reliability Standards Retirements
FERC issued an order approving the retirement of 34 requirements within 19 Reliability Standards identified by NERC on the basis that the requirements either: (1) provide little protection for Bulk-Power System reliability or (2) are redundant with other aspects of the Reliability Standards. In addition, FERC withdrew 41 of 150 outstanding directives that NERC develop modifications to Reliability Standards (Attachment A to the order lists the withdrawn directives). These changes resulted from P 81 of FERC’s March 15, 2012 order, in which FERC raised the prospect of revising or removing requirements of Reliability Standards that “provide little protection for Bulk-Power System reliability or may be redundant.” See North American Electric Reliability Corp., 138 FERC ¶ 61,193, at P 81 (March 2012 Order), order on reh’g and clarification, 139 FERC ¶ 61,168 (2012). See also Energy & Environmental Law Advisor blog post re NERC Submits Compliance Filing and Report on the Compliance Enforcement Initiative and Proposed Enhancements to the Find, Fix, Track and Report Program.
In the final order, FERC also agreed with commenters that NERC should continue the process of identifying additional Reliability Standards and requirements as candidates for retirement or streamlining but declined to direct NERC to develop additional criteria for identifying candidate requirements for retirement. We anticipate that NERC, through the standards development process and with the assistance of industry, will continue to evaluate requirements for retirement and may submit additional proposals to FERC.
Transmission Operations and Interconnection Reliability Operations Standards
Finally, FERC issued a notice of proposed rulemaking (NOPR) proposing to remand certain revisions to the Transmission Operations (TOP) and Interconnection Reliability Operations and Coordination (IRO) reliability standards (TOP-001-2, TOP-002-2, TOP-003-2, IRO-001-3, IRO-002-3, IRO-005-4, and IRO-014-2). These standards relate to ensuring that the transmission system is operating within established operating limits.
While FERC found that the proposed TOP and IRO reliability standards contain organizational and administrative improvements that reduce redundancy and clarify roles of various entities involved in operations, FERC found that the revisions create regulatory gaps in these critical standards. FERC’s main area of concern raised is that, unlike the currently effective TOP standards, the proposed TOP standards do not contain an explicit requirement for transmission operators to plan and operate the grid to meet all System Operating Limits (SOLs). Rather, to reflect actual operating policies, NERC’s proposed revisions would require Transmission Operators to operate within Interconnection Reliability Operating Limits (IROLs) and those SOLs supporting reliability internal to the TOP’s footprint (as opposed to SOLs supporting a neighboring TOP). FERC found that the standards’ failure to require analysis of all SOLs and to focus analysis only on a subset of non-IROL SOLs could reduce system reliability and cause negative consequences outside of a TOP’s internal area. FERC noted that both the Arizona-Southern California Outages on September 8, 2011 and the Northeast Blackout of 2003 were the result of non-IROL SOL exceedances.
Because NERC requested that the revised TOP standards and the revised IRO standards be considered together, FERC is proposing to remand both sets of revisions. FERC proposes to direct NERC on remand to address the SOL issue discussed above as well as to seek comment on a number of other clarification issues related to whether and how obligations under the current TOP and IRO reliability standards will be implemented under the revised standards.
In the same NOPR, FERC proposes to approve NERC’s proposed revision to reliability standard TOP-006-3 concerning the monitoring role and notification obligation of reliability coordinators, balancing authorities and transmission operators. FERC notes that this particular standard is consistent with FERC’s approval of NERC’s approach to ensure that reliability entities (particularly transmission operators and balancing authorities) have clear decision making authority and capabilities to take appropriate actions during an emergency.