A recent study conducted by the Idaho National Laboratory for the Department of Energy reported on security vulnerabilities in the computer networks that control the electric grid. The report expressed concerns that gaps, such as a failure to install software security patches or poor password management, allow for intruders to redirect power delivery and steal data. This study is based on the findings of 24 assessments of computer-control systems performed between 2003 and 2009. It was completed in May and released July 22 on the Energy Department's website. Read more »

 The United States and other governments launched an International Smart Grid Action Network (ISGAN) at a "Clean Energy Ministerial" in Washington, D.C. that was attended by government representatives from around the world. The network will seek to accelerate the development and deployment of digital electricity grids around the world. The United States has pledged $4 million in 2010 funding to help get the International Smart Grid Action Network under way. The participants will also work with the International Energy Agency (IEA) to develop a global Smart Grid Technology Roadmap to conduct an inventory of global smart grid initiatives and needs and identify opportunities for collaborative technology and policy development efforts.  The Roadmap will be published in November 2010.  It will also create a forum to discuss standards policy for infrastructure needed to charge plug-in electric vehicles, and it will develop a set of case studies of successful projects. The other participating governments include Australia, Belgium, Canada, China, the European Commission, France, India, Italy, Japan, Korea, Mexico, Norway, Russia, Sweden and the United Kingdom.

At long last, the FCC’s latest order on pole attachments was published in the Federal Register and will officially go into effect on September 2, 2010.  The order comes almost a month after the FCC’s further notice of proposed rulemaking was published in the Federal Register, even though the order and the further notice were released simultaneously by the FCC back on May 20, 2010.  By way of background, the order clarifies that communications providers have a statutory right to use space-and cost saving techniques that are consistent with pole owners’ use of those techniques.  The order also establishes that providers have a statutory right to timely access to poles.  As a practical matter this order means that a pole does not have “insufficient capacity” if it can accommodate a new attachment through boxing and extension arms and bracketing; and it means that utilities are obligated to provide timely “make ready”, regardless of whether the FCC ultimately adopts specific timelines, as proposed in its further notice of proposed rulemaking.

In a related development, the FCC also published in the Federal Register a correction to its proposed telecom rate formula in its further notice of proposed rulemaking.  Specifically, the correction substitutes the term “maintenance and administrative carrying charge” for the term “maximum carrying charge” in the proposed telecom rate formula.

 UCA International Users Group completed its work on the second  version of the Open Home Area Network (Open HAN) System Requirement Specification (SRS) at its face to face meeting in Detroit at the end of July. The document defines the system requirements for an open standard Home Area Network system and promotes open standards to foster interoperability for home area network smart grid products. The most notable change from the first version is a new focus on security in the HAN environment.  The document provides mapping from home area network requirements to various functions and devices, including home energy management systems, load control capability and plug in hybrid vehicles. The mappings define the interfaces, and security levels for HAN communications. The document is being edited and once approved by the UCAIug board, will be released for public review. 

 PAP 17: Facility Smart Grid Information Standard was recently approved by the SGIP Governing Board. This new PAP will lead to development of a data model standard to enable energy consuming devices and control systems in the customer premises to manage electrical loads and generation sources in response to communication with the Smart Grid. It will also be possible to communicate information about those electrical loads to utilities, other electrical service providers, and market operators. The addition brings the total number of PAPs to 17. Several of the PAPs are near the completion of their action items. UTC tracks the progress of communications related PAPs, PAP01 (internet protocol), PAP02 (wireless communications) and PAP10 (Energy Usage Information). PAP17 was initially developed as part of PAP10 before being approved for a separate action item.  Read more »

 In a letter from NIST's George Arnold to the Smart Grid Interoperability Panel (SGIP), it was announced that Annabelle Lee is leaving NIST for a position with FERC. The move adds depth to FERC's cybersecurity capabilities and re-enforces the opinion that FERC to take a leading role in smart grid cybersecurity. Read more »

Per its recommendations outlined in the National Broadband Plan, the Federal Communications Commission issued a Notice of Proposed Rulemaking (NPRM) and a Notice of Inquiry (NOI) on its Part 101 rules with the intention “to remove regulatory barriers to the use of microwave spectrum for wireless backhaul”. While the documents have not been officially released yet, the FCC notice issued following its meeting today explained them as follows: Read more »

The Energy secretary will have the power to issue emergency orders for imminent cybersecurity threats to the electric grid according to legislation passed unanimously by the Senate Energy and Natural Resources Committee. Amending the GRID Act (H.R. 5026) that was passed by the House two months ago, the Senate Committee approved the bill to give authority to the Federal Energy Regulatory Commission (FERC) for risks that are not as imminent. It also gives FERC the authority to order, without notice or hearing, and circumvent the North American Electric Reliability Corporation (NERC) process and directly order generation, transmission and select distribution utilities to address cyber vulnerabilities pertaining to programmable electronic devices or communications networks. FERC is directed to establish a cost recovery mechanism for utilities for prudently incurred compliance costs. A spokesperson for the Senate Committee Chairman Jeff Bingaman (D-N.M.) told CongressDaily that these provisions will give  the bill a better chance passing the Senate this year. 

The Federal Communications Commission’s Public Safety and Homeland Security Bureau (PSHSB) seeks public comment on the creation of a Cybersecurity Roadmap, as recommended by the National Broadband Plan. The deadline for comments is September 23, 2010.

The notice rightly states that cybersecurity is a vital topic for the Commission because of the risk that unchecked vulnerabilities in the communications infrastructure pose for safety and privacy. The Plan calls for the Roadmap to identify the five most critical cybersecurity threats to the communications infrastructure and its end users, and to establish a two-year plan on how to address those threats. The Roadmap aims to identify vulnerabilities to communications networks or end-users and to develop countermeasures and solutions in preparation for, and response to, cyber threats and attacks in coordination with federal partners.

The Roadmap is an opportunity for utilities to comment on the high level of reliability and security required to run their internal communications networks that support the nation’s critical infrastructure. This effort to outline cybersecurity standards is one of the many being undertaken by the government as cybersecurity gets a larger focus. The Department of Energy and the National Institute of Standards and Technology (NIST) are also drafting guidelines for cybersecurity principles for the industry. Additionally, utility customer experiences with security will determine their adoption and demand of smart grid enabled energy data management technologies.