Skip to main content

MIT Recommends Single Agency to Manage Cyber Security Threats for Electricity Grid

The Massachusetts Institute of Technology released a report on Monday that discusses the future challenges facing the U.S. electricity grid and several recommendations for how to best manage them. The researchers found that one of the most notable challenges facing the electricity grid is the threat of cyber attack.

MIT writes in the report:
Perfect protection from cyberattacks is not possible. There will be a successful attack at some point.
This is a huge threat to the grid because a cyber attack in one area has the ability to affect other areas very rapidly, which could greatly disrupt power supply all over the country. Cyber attacks are also considered by the Pentagon to be an “act of war,” said the MIT researchers at a National Press Club event this week.

To best manage this issue, MIT recommends that:
The federal government should designate a single agency to have responsibility for working with industry and to have the appropriate regulatory authority to enhance cybersecurity preparedness, response and recovery across the electric power sector, including both bulk power and distribution systems.
But which agency should be tasked with this authority? CNET’s Don Reisinger writes:
The Obama administration has argued in the past that the Department of Homeland Security should be charged with securing the electrical grid, while many members of Congress have called on the Department of Energy or Federal Energy Regulatory Commission [FERC] to take over. So far, a decision hasn't been made, and MIT researchers didn't provide insight into which organization might be best.
Although the MIT researchers believe that a single agency should be tasked with overseeing these efforts, the nuclear industry believes that the U.S. Nuclear Regulatory Commission has extensive regulations already in place for protecting nuclear energy facilities from cyber attack and that regulatory oversight by other agencies would be “unnecessary and duplicate strict NRC oversight.” In response to the White House’s proposal for DHS to manage a cyber security program, NEI writes:
However, this proposal—along with recent efforts to legislate cyber security for critical infrastructure—is not needed for nuclear plants because NRC regulations and oversight of industry actions to respond to cyber threats. Additional regulation would be duplicative and risk creating inconsistencies in requirements.
Some of you may remember NEI’s cyber security expert Bill Gross who posted in October on the House Republican Cybersecurity Task Force’s recommendations. He had this to say about the MIT’s recommendation:
The U.S. Nuclear Regulatory Commission has mandatory cyber security requirements in place for all power plants. While there may be value in a central coordinating authority, the regulators of jurisdiction have the subject matter expertise to manage the cyber security issue. Any centralized role should be focused on minimizing the potential for dual or duplicate regulatory requirements across sectors.
The industry does agree with MIT, however, that cyber attacks are one of the greatest threats facing the electric power industry today. Exelon Nuclear’s President and Chief Nuclear Officer Mike Pacilio commented on current cyber security programs in place in the nuclear industry in a recent video interview at the 10-year anniversary of September 11.
All of our plants today, not only Exelon, but in the industry, have a very comprehensive cyber improvement program where we are essentially making our plants an island. Any of the controls that interface with the Internet, for example, that could possibly control the reactor are not connected.
See NEI’s website for more information on cyber security programs in the nuclear energy industry.

Among MIT’s other recommendations outlined in the report are:
  • To facilitate the integration of remote renewables, the Federal Energy Regulatory Commission should be granted enhanced authority to site major transmission facilities that cross state lines.
  • To improve the grid’s efficiency and lower rates, utilities with advanced metering technology should begin a transition to pricing regimes in which customers pay rates that reflect the time-varying costs of supplying power.
  • To improve utilities’ and their customers’ incentives related to distribution generation and energy conservation, utilities should recover fixed network costs through customer charges that do not vary with the volume of electricity consumption.
  • To make effective use of new technologies, the electric power industry should fund increased research and development in several key areas, including computational tools for bulk power system operation, methods for wire-area transmission planning, procedures for response to and recovery from cyber attacks, and models of consumer response to real-time pricing.
  • To improve decision making in an increasingly complex and dynamic environment, more detailed data should be compiled and shared, including information on the bulk power system, comprehensive results from “smart grid” demonstration projects, and standardized metrics of utility cost and performance.
For more information on MIT’s research, see the full report, “The Future of the Electric Grid.”

Image credits: From the Department of Homeland Security’s Web page on Cybersecurity.

Comments

Popular posts from this blog

Fluor Invests in NuScale

You know, it’s kind of sad that no one is willing to invest in nuclear energy anymore. Wait, what? NuScale Power celebrated the news of its company-saving $30 million investment from Fluor Corp. Thursday morning with a press conference in Washington, D.C. Fluor is a design, engineering and construction company involved with some 20 plants in the 70s and 80s, but it has not held interest in a nuclear energy company until now. Fluor, which has deep roots in the nuclear industry, is betting big on small-scale nuclear energy with its NuScale investment. "It's become a serious contender in the last decade or so," John Hopkins, [Fluor’s group president in charge of new ventures], said. And that brings us to NuScale, which had run into some dark days – maybe not as dark as, say, Solyndra, but dire enough : Earlier this year, the Securities Exchange Commission filed an action against NuScale's lead investor, The Michael Kenwood Group. The firm "misap

An Ohio School Board Is Working to Save Nuclear Plants

Ohio faces a decision soon about its two nuclear reactors, Davis-Besse and Perry, and on Wednesday, neighbors of one of those plants issued a cry for help. The reactors’ problem is that the price of electricity they sell on the high-voltage grid is depressed, mostly because of a surplus of natural gas. And the reactors do not get any revenue for the other benefits they provide. Some of those benefits are regional – emissions-free electricity, reliability with months of fuel on-site, and diversity in case of problems or price spikes with gas or coal, state and federal payroll taxes, and national economic stimulus as the plants buy fuel, supplies and services. Some of the benefits are highly localized, including employment and property taxes. One locality is already feeling the pinch: Oak Harbor on Lake Erie, home to Davis-Besse. The town has a middle school in a building that is 106 years old, and an elementary school from the 1950s, and on May 2 was scheduled to have a referendu

Wednesday Update

From NEI’s Japan micro-site: NRC, Industry Concur on Many Post-Fukushima Actions Industry/Regulatory/Political Issues • There is a “great deal of alignment” between the U.S. Nuclear Regulatory Commission and the industry on initial steps to take at America’s nuclear energy facilities in response to the nuclear accident in Japan, Charles Pardee, the chief operating officer of Exelon Generation Co., said at an agency briefing today. The briefing gave stakeholders an opportunity to discuss staff recommendations for near-term actions the agency may take at U.S. facilities. PowerPoint slides from the meeting are on the NRC website. • The International Atomic Energy Agency board has approved a plan that calls for inspectors to evaluate reactor safety at nuclear energy facilities every three years. Governments may opt out of having their country’s facilities inspected. Also approved were plans to maintain a rapid response team of experts ready to assist facility operators recoverin