Supply chain security and football at FERC

Supply chain security and football dominated Thursday’s (Jan.18) Federal Energy Regulatory Commission meeting. The commission unanimously approved a notice of proposed rulemaking to establish new mandatory reliability standards offered by the North American Electric Reliability Corp. (NERC) to boost security in the supply chain for the nation’s bulk electric system.

NERC proposed the standards in response to a July 2016 order (Order No. 829), which called on NERC to develop supply chain standards to ward off cyber attacks. FERC said the supply chain for industrial control systems hardware, software, and computing and network services presents opportunities for adversaries to attack the grid. At Thursday’s meeting, Commissioner Richard Glick noted a recent study by ICF that electric utilities are increasingly reliant on equipment manufactured overseas.

FERC said in the proposed rule that NERC has made progress in addressing concerns about supply chain risks. But the commission said the NERC proposal doesn’t address electronic access control and monitoring systems, physical access controls, and protected cyber assets. The proposed rule directs NERC to address those weaknesses.

Commissioner Cheryl LaFleur dissented in the 2016 order, but concurred on the Thursday order. In a written concurrence,  she said that she originally dissented because the 2016 order was too hasty for such an important issue. “I remain concerned that the supply chain is a significant cyber vulnerability for the bulk power system,” she said. But she voted for the latest order, saying, “I acknowledge that a significant amount of time and effort have been committed to the development of these standards in response to a duly voted Commission order. Most importantly, I agree that they are an improvement over the status quo. I do not believe that remanding these standards or the larger supply chain issue to the NERC standards process would be a prudent step at this point.”

The only other item of interest at the FERC meeting, aside from what have become routine protests resulting in visitors being expelled from the event, was football. With the National Football League playoffs in full swing, LaFleur showed up in a New England Patriots jersey. Commissioner Neil Chatterjee wore a Patriots jersey under his dress shirt, opened his shirt and proclaimed his fealty to Patriots quarterback Tom Brady. Commissioner Glick held up a Minnesota Vikings jersey. Commissioner Robert Powelson, a former Pennsylvania utility regulator, proclaimed his support for the Philadelphia Eagles. Chairman Kevin McIntyre diplomatically eschewed endorsing a dog in the football fights.