The Vermont state legislature has voted to eliminate smart meter opt out fees, forcing state utilities to provide customers an opt out option for free. As part of its plan to roll out about 160,000 smart meters to customers in its territory, Central Vermont Public Service had proposed to charge customers who chose to opt out of having smart meter a $10 fee. The recently-approved legislation allows for customers to "choose not to have a wireless smart meter installed, at no additional monthly or other charge." Customers can ask for the removal of a previously installed wireless smart meter for any reason and must not be charged for the removal. Additionally, the legislation requires utilities to provide prior written notice to customers indicating that the smart meter will use radio or other wireless means for two-way communication between the meter and the company, and informing customers of their rights under the new law. Furthermore, the bill also puts a requirement for studies related to smart meters to be submitted to lawmakers. To that end, the Vermont Department of Public Service is to prepare a report on the cost-savings associated with smart meters, while also addressing any issues of security breaches because of the wireless smart meters, that is due to the legislature by January 1, 2014.

The Federal Energy Regulatory Commission (FERC) and the North American Reliability Corporation (NERC) have released a comprehensive report that pins the 2011 Southern California blackout on inadequate planning and grid coordination. Last September, millions of people in Southern California, Arizona and Mexico's Baja California were left in darkness after an employee's work on a transmission line at an Arizona substation triggered a massive blackout. The report dives into the causes of this incident, areas effected and the timeline of the system collapse and restoration.
The report’s overall recommendation calls for an improvement of bulk power system operators’ situational awareness through improved communication, data sharing and the use of real-time tools. It lists 27 specific recommendations to that end, each addressing specific findings from the investigating team. The full report can be accessed at http://1.usa.gov/KoSCTy

On May 1, 2012, the Federal Communications Commission held a workshop on wireless collocation featuring panelists, including UTC, who describing the opportunities and challenges of collocating wireless facilities. UTC’s Connie Durcsak brought the utility perspective on wireless collocation, and described various ways that electric and water utilities can provide wireless collocation on existing infrastructure. In particular, she highlighted the activities of the UtiliSite Council, a special membership group within UTC that provides support services to commercial wireless carriers and DAS providers with antenna construction and backhaul.
The Commission also noted that it wants the industry and localities to work together to implement provisions in the Middle Class Tax Relief and Job Creation Act of 2012 (Spectrum Act), which streamline the permitting process for wireless collocation. Specifically, section 6409 of the Spectrum Act provides that no state or locality may deny, and must approve, any request involving an eligible facility (for a modification of an existing wireless tower or base station that does not substantially change the physical dimensions of such tower or base station. Jeff Steinberg, deputy chief of the FCC’s Wireless Bureau’s Spectrum and Competition Policy Division presented a thorough review of the Spectrum Act provisions and said that the Commission strives for industry and local governments to work together to “satisfy both community and industry needs( to ensure that the legislation is implemented” without necessarily “stepping in and trying to set prescriptive rules.” The recorded webcast of the workshop can be viewed on the FCC’s website.

Following reports about a backdoor login account in its entire line of devices, RuggedCom, a Canadian manufacturer of equipment and software for critical industrial control systems has announced it will eliminate this vulnerability.
Security experts have raised concerns about this issue, noting that this security problem had been discovered a year ago. The backdoor, which reportedly cannot be disabled, leaves power utilities, military facilities, and municipal traffic departments using the industrial-strength gear vulnerable and could affect millions of indirect users. K. Reid Wightman, an industrial control systems security expert for Digital Bond, told tech blog Ars Technica, "If users are running non-redundant networks, this is probably going to require taking their process offline…so it's not the sort of thing that most users can patch right away—they're going to have to patch it during their normal manufacturing patching cycle, which might be a year."

Donald Vasek, UTC's Director of Spectrum Services, was elected Vice President of the Land Mobile Communications Council's Board of Directors (LMCC) at the LMCC's Annual Meeting held on April 18, 2012. Vasek previously also served on the LMCC Board as a Director-at-Large from 2010 to 2011 as well as Secretary/Treasurer from 2001-2010. Additionally, the LMCC formed a TV-band task force to decide how to handle the upcoming transition/clearing of the 470-512 MHz shared TV band, necessitated by the blanket narrowbanding waiver and freeze in that band (see related story). Klaus Bender, UTC's Senior Director of Standards and Engineering, will serve on the task force.

The Federal Energy Regulatory Commission (FERC) has approved Version 4 of the Critical Infrastructure Protection (CIP) Reliability Standards submitted by the North American Electric Reliability Corporation (NERC). The currently-effective Version 3 CIP Reliability Standards. NERC had sent the CIP 4 standards over to FERC for approval back in February 2011, and FERC’s rulemaking on the same was initiated in September.
NERC CIP 4 presents significant changes in the way utilities identify critical assets and the means used to protect them. The main difference between Version 3 and Version 4 is a change in definition for “Critical Assets” (found in CIP-002-4). Specifically, Version 4 includes uniform “bright line” criteria for the identification of “Critical Assets,” which replace the “risk-based assessment methodology” developed and applied by individual responsible entities under Version 3.
NERC now has till March 31, 2013 to submit the next version of the CIP Reliability Standards, and Version 5 is still waiting approval by NERC. Discussions on NERC CIP 5 suggest that it is intended to finally address all of Order 706.

Leaders of the Department of Homeland Security’s Industrial Control Systems-Certified Emergency Response Team (ICS-CERT) provided a troublesome assessment of the actions and problems faced by United States’ utilities when it comes to cybersecurity. One of the basic problems identified by Sanaz Browarny (Chief of the intelligence and analysis, control systems security program at Department of Homeland Security) was that a lot of utility employees "are using older systems previously not connected to the Internet…The mindset is the equipment would last 20 or 30 years with updates. These systems are quite vulnerable."
She also outlined the types of attacks faced by utilities into three categories. The first is the thrill-seeking "garden-variety" hackers that target known vulnerabilities. The second is the dangerous volley of viruses, worms and botnet attacks. The last is "nation-state actors" that have "unlimited funding available" and conduct espionage as they "establish a covert presence on a sensitive network."
More worrisome was the observation that while "only nine incidents" were reported in 2009, over the last year the number of reported incidents rose to 198. Kevin Helmsley, who works for the Control Systems Security Program at ICS-CERT, noted that slightly more than 40% came from water-sector utilities with others stemming from various energy, nuclear energy and chemical providers.
Overall, Browarny expressed concern that it is in the nature of regulated industries, such as the water and energy utilities, to "do the bare minimum" to pass regulatory audits as they seek to comply with North American Electric Reliability Corporation (NERC) or National Institute of Standards and Technology (NIST) standards. Browarny noted that such steps are simply not enough. For more information, see this news report on the GovSec conference.

The Federal Communications Commission (FCC) rulemaking on interoperability in the Lower 700 MHz band (698-746 MHz) was published in the Federal Register earlier this week. Thus, the official deadline for comments has been set for June 1, 2012 and for reply comments on July 16, 2012.

The Notice of Proposed Rulemaking (NPRM) invites comments on whether the Commission should consider requiring interoperability in the Upper 700 MHz band (746-806 MHz) as well as the lower 700 MHz band, is a key issue for utilities who may be interested in sharing the upper 700 MHz band with public safety. The Upper 700 MHz band consists of the C Block, which is comprised of 22 megahertz of paired spectrum for commercial use, two guard bands, the public safety allocation and the D Block, which consists of 10 megahertz of paired spectrum that will be reallocated for use by public safety entities in accordance with the Spectrum Act. Read more »

The Administration announced today that nine major utilities and electricity suppliers will commit to providing more than 15 million households access to data about their own energy use with a simple click of an online “Green Button.” These utilities have agreed to base their Green Buttons on a common technical standard developed in collaboration with a public-private partnership supported by the Commerce Department’s National Institute of Standards and Technology (NIST).
"The Green Button Initiative will help consumers monitor and manage their energy consumption. We believe that engaging consumers as a crucial stakeholder in the process will help us achieve national energy policy goals, deliver important societal benefits and realize important advancements in the utility value chain," said Connie Durcsak, UTC President and CEO, in a press release supporting this project. Read more »

A proposal put forward by the North American Electric Reliability Corporation (NERC) to use a three-tier format informational filing to report possible violations of Reliability Standards has been approved by the Federal Energy Regulatory Commission (FERC). In an Order released yesterday, FERC set conditions related to NERC's "Fix, Find, Track and Report" (FFT) proposal intended to ensure that the minor violations dealt with under the program were handled properly. Minor violations are defined as minimal to moderate risk, and include administrative, documentation, and certain maintenance or testing program implementation failures. FERC will also survey a random sample of FFTs each year to determine how the program was working and to see if improvements to the program were needed. The full text of the Order can be viewed here.