The mission of this group is to bring together utility professionals in the power industry who are in the thick of the digital utility transformation. 

Richard Brooks's picture
Co-Founder and Lead Software Engineer Reliable Energy Analytics LLC

Inventor of patent 11,374,961: METHODS FOR VERIFICATION OF SOFTWARE OBJECT AUTHENTICITY AND INTEGRITY and the Software Assurance Guardian™ (SAG ™) Point Man™ (SAG-PM™) software and SAGScore™...

  • Member since 2018
  • 1,444 items added with 597,184 views
  • Jun 23, 2020
  • 1987 views

FERC has issued a white paper and is requesting public comments on its proposed framework to incentivize cybersecurity investments in the Bulk Electric System (BES). The paper is available from FERC.

I've found that the paper represents an acknowledgement that more can be done to protect our electricity supply from cyber threats (i.e. malware and other harmful items). The NERC CIP standards are a "baseline" (e.g. minimum) set of requirements that simply don't reach the level of security controls that are warranted to deter a serious attack on the software supply chain, and greater protections are needed for the BES to remain safe, as indicated by this FERC work paper. Command and control are the "beating heart" that keeps the electricity supply running smoothly, but it is the software "brain" that is vital to this command and control operation and both must be protected from dangerous parties with an incentive to disrupt our vital supply of electricity. It is incumbent on all of us to let FERC know that we support their recommendations to protect our electric supply by ensuring that the heart and brain of the system remains safe from harm so that life saving electricity continues to flow. I will leave you with this excerpt from the FERC white paper: "augmenting the current CIP Reliability Standards with an incentive-based approach under FPA section 219 that encourages utilities to undertake cybersecurity investments on a voluntary basis
may have significant benefits.
"

Never trust software, always verify and report!™

Please consider filing your comments with FERC on docket AD20-19-000.

Richard Brooks's picture
Thank Richard for the Post!
Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.
More posts from this member
Discussions
Spell checking: Press the CTRL or COMMAND key then click on the underlined misspelled word.

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »