Electricity is a key component of the fabric of modern society and the goal of the Electric Reliability Organization (ERO) Enterprise is to strengthen that fabric and protect it from various risks and threats, both physical and digital ones. ERO’s mission is the effective and efficient reduction of risks to the reliability and security of the grid.
Towards this direction, ERO published in October 2021 the annual Compliance Monitoring and Enforcement Program (CMEP) Implementation Plan (IP), which describes the top priority risks for all energy grid organizations in the US. Although the Plan is full of useful information, if you find yourself lacking time to go through the whole 19 pages, we prepared a succinct overview for you covering the most important highlights.
The pandemic risk factor
The coronavirus pandemic has caused some risks to Bulk Power System (BPS) Operations. As identified in NERC’s Preparedness and Operational Assessment, pandemic risk differs from many of the other threats facing the BPS because it is a “people event.” The fundamental risk is the loss of staff critical to operating and maintaining the BPS affecting the reliability and security of these entities. ERO suggests that electric grid facilities review requirements related to personnel training to address this risk. In doing so, regions should consider not only short-term impacts but also long-term impacts, such as:
- Supply chain issues affecting entities’ ability to acquire Bulk Electric System (BES) assets
- Microchip supplies affecting cyber assets, specifically where entities already had aging BES Cyber Systems (BCS) or legacy systems
- Staffing shortage affected by the reduction in workforce, or the changing landscape of the workforce as people leave jobs not allowing remote work
- Future trained staff shortage due to the slow-down in graduates and certification programs
2022 risk elements
After reviewing the 2021 risk elements, ERO came up with the following list of risk elements for 2022.
2022 Risk Elements |
Remote Connectivity |
Supply Chain |
Models Impacting Long-term and Operational Planning |
Gaps in Program Execution |
Protection System Coordination |
Extreme Events |
Remote connectivity
This risk element focuses on the human element of security. One of the effects of the coronavirus pandemic has been changes to the interaction between employees, vendors, and their workspaces which could have unintended effects on the controls in place to protect critical infrastructure. Compliance monitoring should seek to understand how entities manage the risk of remote connectivity and the complexity of the tasks the individuals perform.
Leveraging compromised credentials and exploiting physical and logical access of authorized users pose a major risk to systems that monitor and control the BES. With the target being users, privileged or non-privileged, who have authorized unescorted physical access and various levels of access to critical elements of the BES, the risk becomes elevated. By actively and covertly employing social engineering techniques and phishing emails, attackers may deceive authorized users to harvest credentials and gain unauthorized access.
Supply chain
Supply Chain risks are growing and continue to be a focal point. The recent high-profile supply chain attacks and guidelines issued by NERC and FERC highlight the importance of strengthening the security of complex and vast supply chains used by electric grid operators. For example, the SolarWinds Orion attack mainly affected key suppliers, resulting in the industry being impacted downstream even though the registered entity may not have purchased, and/or installed, the infected software. Additionally, the supply chain attacks on meat processing giant JBS and Colonial Pipeline have lessons learned that can be applied to the electric sector. While these risks may create reliability issues, collectively the risks could cause BPS cascading disruptions.
Models impacting long-term and operational planning
Insufficient operational planning can lead to increased risks to reliability in the near term. With the energy sector changing rapidly during the last few years – digitalization, renewable sources, dependence on natural gas – it is important to assess the emerging risks and adapt operational planning accordingly.
As stated in the NERC 2021 State of Reliability report, “The addition of variable resources, primarily wind and solar, and the retirement of conventional generation is fundamentally changing how the BPS is planned and operated. Planning and operating the grid must increasingly account for greater uncertainty across the resource fleet as well as uncertainty in electricity demand that is being affected by increasing amounts of demand-side resources.”
Gaps in program execution
The coronavirus pandemic has complicated registered entity inspection and maintenance programs because of travel limitations and physical distancing requirements. Change management weaknesses have also led to significant violations related to Facility Ratings and maintenance of Protection System devices. Some registered entities have Facility Ratings based on inaccurate equipment inventories, or ratings are not being updated during projects or following severe weather. Where records are not kept up to date, inaccurate models and damaged equipment can result. Failing to keep accurate inventories of equipment, following asset transfers, the addition of new equipment, or mergers and acquisitions, is also resulting in incomplete Protection System Maintenance and Testing Programs that jeopardize the functionality of the equipment to respond to faults or disruptions in the electric system.
In response to these deficiencies, the ERO Enterprise will assess the effectiveness of CIP-008-6 R4 by seeking to understand how these processes are being developed and executed, whether the thresholds established are effective, and whether there are opportunities to share best practices more broadly among the industry.
Protection system coordination
Protection systems are designed to remove equipment from service so the equipment will not be damaged when a fault occurs. Protection systems that trip unnecessarily can contribute significantly to the extent of an event. When protection systems are not coordinated properly, the order of execution can result in either incorrect elements being removed from service or more elements being removed than necessary. A thorough analysis of lessons learned from maloperations can have a substantial reliability impact.
Extreme events
Extreme events encompass a wide range of events that can cause major BPS impacts. Cold weather events, as well as heat events, show that not only do extreme events pose challenges due to the nature and frequency of the event itself but also that the grid digital transformation also amplifies the effects and complicates mitigation of an extreme event. Other extreme events include pandemics and threats to national security. Extreme events can stress the BPS and expose weaknesses, including:
- difficulties obtaining equipment
- discovery of critical infrastructure dependencies
- aging infrastructure coupled with inadequate maintenance
- failure of large power transformers resulting from a Geomagnetic disturbance, wildfires, or other weather-related effects
- any type of intentional (or unintentional) physical or cyber-security breach, including the impacts of an electromagnetic pulse (EMP)
Recent cybersecurity events and the evolving threat landscape have highlighted the concern around the possibility of additional risks posed by potential coordinated cyberattacks. The ability to reach many BES Cyber Systems simultaneously electronically across multiple BES assets could greatly impact the reliable operations of the BPS.
If you want to find out how ITEGRITI can help you address these risks, contact one of our experts.