Part of Grid Network »

The Grid Professionals Group covers electric current from its transmission step down to each customer's home. 

WARNING: SIGN-IN

You need to be a member of Energy Central to access some features and content. Please or register to continue.

Post

Cybersecurity 2020: A System Operator Training Perspective

image credit: Shutterstock

This item is part of the Cybersecurity - Special Issue - 04/2020, click here for more

Our electric system is undergoing a dramatic transformation resulting in countless challenges in planning, operations, and maintenance. The complexity and challenges of operating the grid continues to test our systems as well as the performance of our system operators.

 

Among the many changes, roles, and responsibilities our system operators must deal with to reliably operate an efficient and increasingly complicated distribution system, cybersecurity concerns have worked their way to the top of the list.

 

The recent cyber attacks on the Ukraine electric system add to the ever-growing list of cybersecurity concerns of system operations and the technology currently being applied to these systems. These attacks demonstrate the vulnerability of our essential public systems, including power and water utilities, transportation systems, and communications networks. Power grids are an obvious target for bad actors who want to negatively impact many people, especially in a world grown dependent on a vast array of electronic gadgets. 

 

An estimated 55,000 power plant, transmission, and distribution system operators are employed in North America. This number includes approximately 6,700 NERC-certified system operators holding jobs as Reliability Coordinators, Balancing Authorities, and Transmission Operators. Research estimates one-third (1/3) to one-half (1/2) of these system operators could retire over the next five (5) years, leaving an unprecedented number of vacancies to be filled.

 

We must consider how to best train incoming system operators to be successful at recognizing and responding to potential cyber attacks as they monitor the operations in control rooms 365 days a year, 24 hours a day. This training requires collaboration from various companies and organizations to incorporate new technologies that specialize in the interface between real-time operations and our system operators. New training technologies are available for intensive, immersion training using a platform which more accurately represents the rapidly changing power grid. This state-of-the-art training results in better preparation for system operators for recognizing and responding to emergency events such as cyber attacks.

 

We have observed, from working across many entities, operators know what to do when their system is failing. Cyber operators and support personnel including IT professionals know what to do when the technology is failing. However, very few know what to do when their system is operational and being misused against them. Generation, transmission, and distribution system operators need focused cybersecurity training. Our operators are aware of the cyber events in the Ukraine and operators at all levels desire and hunger for specific cyber training.

It’s time for the industry to consider a path for system operators similar to NERC system operator certification and credentialing. This path includes supporting the necessary tools, technology, and specialized training directly relied upon by the system operators for real-time job tasks.  System operator credentialing and continuing education is essential and should be included in system operator training plans as we go forward.

Even though the laws of physics remain the same, training the system operators of tomorrow looks very different from training the system operators of today. Leveraging cybersecurity technology with simulation training is the solution to many of the challenges our system operators will certainly face in the future.

Melissa Sease's picture

Thank Melissa for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.

Discussions

Matt Chester's picture
Matt Chester on Apr 28, 2020 4:10 pm GMT

Thanks for sharing, Melissa-- the idea of simulation being a standard part of the training sounds really exciting and, unfortunately, necessary. How often are such employees being retrained on these issues? I would imagine that in the fast-moving world of cyberrisk and cybersecurity, year-to-year updates and changes would be huge, so I'm curious how often these are made tentpoles of their professional development

Melissa Sease's picture
Melissa Sease on Apr 30, 2020 2:03 pm GMT

Great question, Matt. While there are no NERC cybersecurity training requirements specifically for System Operators, forward-thinking companies have integrated this training, as well as collaboration with IT staff, for their Operators' training plans. Many of them have developed scenarios, using simulation, as annual training events.

Matt Chester's picture
Matt Chester on Apr 30, 2020 4:05 pm GMT

Makes sense-- annual training events (at the very least) will not only give the opportunity to provide new updates, but also give a gentle reminder of the existing measures that employees may know and understand but find the lapse and don't think about as much as time goes on.

Thanks for the reply!

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »