Skip to main content

MIT Recommends Single Agency to Manage Cyber Security Threats for Electricity Grid

The Massachusetts Institute of Technology released a report on Monday that discusses the future challenges facing the U.S. electricity grid and several recommendations for how to best manage them. The researchers found that one of the most notable challenges facing the electricity grid is the threat of cyber attack.

MIT writes in the report:
Perfect protection from cyberattacks is not possible. There will be a successful attack at some point.
This is a huge threat to the grid because a cyber attack in one area has the ability to affect other areas very rapidly, which could greatly disrupt power supply all over the country. Cyber attacks are also considered by the Pentagon to be an “act of war,” said the MIT researchers at a National Press Club event this week.

To best manage this issue, MIT recommends that:
The federal government should designate a single agency to have responsibility for working with industry and to have the appropriate regulatory authority to enhance cybersecurity preparedness, response and recovery across the electric power sector, including both bulk power and distribution systems.
But which agency should be tasked with this authority? CNET’s Don Reisinger writes:
The Obama administration has argued in the past that the Department of Homeland Security should be charged with securing the electrical grid, while many members of Congress have called on the Department of Energy or Federal Energy Regulatory Commission [FERC] to take over. So far, a decision hasn't been made, and MIT researchers didn't provide insight into which organization might be best.
Although the MIT researchers believe that a single agency should be tasked with overseeing these efforts, the nuclear industry believes that the U.S. Nuclear Regulatory Commission has extensive regulations already in place for protecting nuclear energy facilities from cyber attack and that regulatory oversight by other agencies would be “unnecessary and duplicate strict NRC oversight.” In response to the White House’s proposal for DHS to manage a cyber security program, NEI writes:
However, this proposal—along with recent efforts to legislate cyber security for critical infrastructure—is not needed for nuclear plants because NRC regulations and oversight of industry actions to respond to cyber threats. Additional regulation would be duplicative and risk creating inconsistencies in requirements.
Some of you may remember NEI’s cyber security expert Bill Gross who posted in October on the House Republican Cybersecurity Task Force’s recommendations. He had this to say about the MIT’s recommendation:
The U.S. Nuclear Regulatory Commission has mandatory cyber security requirements in place for all power plants. While there may be value in a central coordinating authority, the regulators of jurisdiction have the subject matter expertise to manage the cyber security issue. Any centralized role should be focused on minimizing the potential for dual or duplicate regulatory requirements across sectors.
The industry does agree with MIT, however, that cyber attacks are one of the greatest threats facing the electric power industry today. Exelon Nuclear’s President and Chief Nuclear Officer Mike Pacilio commented on current cyber security programs in place in the nuclear industry in a recent video interview at the 10-year anniversary of September 11.
All of our plants today, not only Exelon, but in the industry, have a very comprehensive cyber improvement program where we are essentially making our plants an island. Any of the controls that interface with the Internet, for example, that could possibly control the reactor are not connected.
See NEI’s website for more information on cyber security programs in the nuclear energy industry.

Among MIT’s other recommendations outlined in the report are:
  • To facilitate the integration of remote renewables, the Federal Energy Regulatory Commission should be granted enhanced authority to site major transmission facilities that cross state lines.
  • To improve the grid’s efficiency and lower rates, utilities with advanced metering technology should begin a transition to pricing regimes in which customers pay rates that reflect the time-varying costs of supplying power.
  • To improve utilities’ and their customers’ incentives related to distribution generation and energy conservation, utilities should recover fixed network costs through customer charges that do not vary with the volume of electricity consumption.
  • To make effective use of new technologies, the electric power industry should fund increased research and development in several key areas, including computational tools for bulk power system operation, methods for wire-area transmission planning, procedures for response to and recovery from cyber attacks, and models of consumer response to real-time pricing.
  • To improve decision making in an increasingly complex and dynamic environment, more detailed data should be compiled and shared, including information on the bulk power system, comprehensive results from “smart grid” demonstration projects, and standardized metrics of utility cost and performance.
For more information on MIT’s research, see the full report, “The Future of the Electric Grid.”

Image credits: From the Department of Homeland Security’s Web page on Cybersecurity.


Popular posts from this blog

A Billion Miles Under Nuclear Energy (Updated)

And the winner is…Cassini-Huygens, in triple overtime.

The spaceship conceived in 1982 and launched fifteen years later, will crash into Saturn on September 15, after a mission of 19 years and 355 days, powered by the audacity and technical prowess of scientists and engineers from 17 different countries, and 72 pounds of plutonium.

The mission was so successful that it was extended three times; it was intended to last only until 2008.

Since April, the ship has been continuing to orbit Saturn, swinging through the 1,500-mile gap between the planet and its rings, an area not previously explored. This is a good maneuver for a spaceship nearing the end of its mission, since colliding with a rock could end things early.

Cassini will dive a little deeper and plunge toward Saturn’s surface, where it will transmit data until it burns up in the planet’s atmosphere. The radio signal will arrive here early Friday morning, Eastern time. A NASA video explains.

In the years since Cassini has launc…

Sneak Peek

There's an invisible force powering and propelling our way of life.
It's all around us. You can't feel it. Smell it. Or taste it.
But it's there all the same. And if you look close enough, you can see all the amazing and wondrous things it does.
It not only powers our cities and towns.
And all the high-tech things we love.
It gives us the power to invent.
To explore.
To discover.
To create advanced technologies.
This invisible force creates jobs out of thin air.
It adds billions to our economy.
It's on even when we're not.
And stays on no matter what Mother Nature throws at it.
This invisible force takes us to the outer reaches of outer space.
And to the very depths of our oceans.
It brings us together. And it makes us better.
And most importantly, it has the power to do all this in our lifetime while barely leaving a trace.
Some people might say it's kind of unbelievable.
They wonder, what is this new power that does all these extraordinary things?

Missing the Point about Pennsylvania’s Nuclear Plants

A group that includes oil and gas companies in Pennsylvania released a study on Monday that argues that twenty years ago, planners underestimated the value of nuclear plants in the electricity market. According to the group, that means the state should now let the plants close.


The question confronting the state now isn’t what the companies that owned the reactors at the time of de-regulation got or didn’t get. It’s not a question of whether they were profitable in the '80s, '90s and '00s. It’s about now. Business works by looking at the present and making projections about the future.

Is losing the nuclear plants what’s best for the state going forward?

Pennsylvania needs clean air. It needs jobs. And it needs protection against over-reliance on a single fuel source.

What the reactors need is recognition of all the value they provide. The electricity market is depressed, and if electricity is treated as a simple commodity, with no regard for its benefit to clean air o…