Transmission Resiliency Summit focuses on grid security

Michael Brooks

CHARLOTTE, NC – The Transmission Resiliency Summit held at the Electric Power Research Institute last week didn't have a theme, but some common motifs ran through the event.

The North American Transmission Forum (NATF), headquartered less than 6 kilometers from EPRI's laboratories, convened representatives of utilities, RTOs, NERC regional offices and government agencies to discuss how to improve the resilience of the bulk system.

Over 200 representatives of utilities, RTOs, NERC regional offices and government agencies gathered at EPRI's laboratory in Charlotte, NC | © RTO Insider

Tom Galloway, Managing Director of NATF, said the group met for the first time in April 2013, after Superstorm Sandy, and focused on severe weather. Less than two weeks later, gunmen carried out a highly sophisticated attack on Pacific Gas and Electric's Metcalf substation, costing over $15 million in direct costs and $100 million in security upgrades.

Galloway's reminder of those events kicked off two days of discussion of the numerous threats the grid faces and the best ways to secure the electric grid both physically and digitally, but also how to respond to a catastrophic event and recover from it.

Andrew Phillips | © RTO Insider

Last week's summit, held with NERC this year, was the largest for NATF and EPRI, and the first open to non-NATF members, including the press. Andrew Phillips, Vice President of EPRI's Transmission and Distribution Infrastructure, said that 230 people were registered, representing over 100 different entities from the U.S. and Canada.

Maximum conference room capacity: 230.

“Who is at the zoo [are] here,” said Brian Harrell, Deputy Director of Infrastructure Security at CISA, Department of Homeland Security. “No. 1, I think this is a testimony of this particular conference, and two, it will show that you are all very attentive to the resistance.” He emphasized collaboration and information sharing between the public and private sectors and between utilities.

From left to right: Charles Poliseno, Duke Energy; Bennett Gaines, FirstEnergy; and Kathy Bosse, Exelon. | © RTO Insider

“[…] defend collective defense: Whether you're a critical infrastructure company, whether you're a U.S. citizen or the U.S. government, we are all in this together,” said Harrell, former head of the Electricity Information Sharing and Analysis Center (E-ISAC). “The Duke problem quickly becomes SCANA's problem, becoming a Dominion problem, and so forth.”

Bill Lawrence | © RTO Insider

Bill Lawrence, current E-ISAC Director, invited attendees to join NERC and noted efforts to improve their web-based tools in recent years. “Basically, in 2015, many organizations looked at us hard and said, ‘Hello, ISAC, if [you want us] using you, you need to suck less.’”

E-ISAC benefits from reporting under NERC's Critical Infrastructure Protection standards, but it also needs to obtain this voluntary sharing of information, Lawrence said in his presentation on measuring program effectiveness. “We will definitely not sit … pile of gold as voluntary shares, but it will grow because our vision is to be a world-class, reliable source of quality analysis and rapid sharing of e-Infrastructure security information.” “[…] to better help move E-ISAC forward.”

“Aside from all – ‘sharing more’ – challenge us,” Lawrence replied. He encouraged members to tell the center if they found its resources not useful to them.

Wike Graham | © RTO Insider

Much of the first day of the event was devoted to discussing the incident command system (ICS). The concept was originally developed by firefighters in several states in the 1970s to give their units common hierarchies and standardized terms for coordinating their responses to forest fires. It is now used in many sectors, agencies and institutions to coordinate their response to emergencies.

“Firefighting is a team sport,” said Wike Graham, a battalion chief with the Charlotte Fire Department. He recalled that Carolina Panthers head coach Ron Rivera watched the firefighters at his house after the fire and compared the incident commander to a coach. “They're sending plays and watching these guys, they all know what they're doing and they're working as a team. That's what ICS is all about.”

ICS establishes who is in charge (the incident commander) among the units responding to various emergencies, for example local police, the FBI and the military. […], Xcel Energy business continuity consultant. “Yes, sir, I understand that you were responsible for Iraq. You are not responsible here,” said Cox, a former member of the National Protection Forces. Powered by Wall Street on September 11, 2001. Kathy Bosse, Exelon's crisis management director, said the company had been using the system in civilian practice to respond to simulated cybersecurity attacks.

Emergency Communication

The Metcalf attackers, whose motives and identities remain a mystery, cut fiber cables less than one kilometer from the substation, briefly knocking out internet, phone and 911 services in the area. “One of the most worrying things is that it was a very deliberate attempt to influence communication,” Galloway said.

Tom Galloway | © RTO Insider

One conference panel focused solely on communication during an event in which all other methods are unavailable.

DHS's Ross Merlin introduced the SHAred RESources (SHARES) High Frequency Radio (HFR) program. He began by explaining how HFR works.

“It works by something called ‘PFM.’ It means ‘pure charming magic.’”

Actually, it's quite simple but, judging by the audience's response to the technology, no less impressive. HFR works by bouncing signals off the Earth's ionosphere, the part of the atmosphere that is ionized by solar radiation, about 80 km above the surface.

Usually, HFR is used for communication over very long distances. But it can also be used when all short-distance communications are down.

“With the right antenna you can make your signal go almost straight up, which sounds useful unless you try to talk to an international space station,” Merlin said. But when it bounces off the ionosphere, the signal comes “not just down, but like an upside down ice cream cone” that allows communication within a given area. Users can send not only audio but also emails and pictures.

Ross Merlin | © RTO Insider

SHARES has over 2,600 participants using some 2,300 radio stations, according to Merlin. The program was once restricted to the federal government only, but “a couple of years ago we found an enormous loophole, so we discovered a way to re-interpret the rules so that state and local government and critical infrastructure and key resources can take advantage of this. … People you're addicted to, any habit, so you'll be able to proceed, we will in all probability get them right here.”

Several Canadian attendees said after Merlin's presentation that they were going to ask about applying.

Drones

The second day of the conference featured presentations on threats from unmanned aircraft, more commonly known as drones, both those used by utilities for maintenance and those used by the public or hostile foreign actors.

Harrell repeated his warnings about the use of foreign-made drones from last month's NERC Reliability Leadership Summit. (See Late's delay to Drone Menace, DHS Official Says.) Lawrence of E-ISAC urged attendees to review the manufacturers banned from federal government procurement under the 2019 National Defense Authorization Act.

Brian Harrell | © RTO Insider

There have also been instances of attempts to remove drones, including one last year when Greenpeace flew a Superman-like device to a French nuclear power plant.

But, according to Xcel's Cox, “distracting drones,” flown by careless or curious enthusiasts, are the most common threat to utilities.

“Many of them are like a child who throws the Frisbee on the roof and just wants the Frisbee back.”

[…] do much about them besides reporting them. But that doesn't mean utilities shouldn't track them.

“There are numerous physical security leaders who don't pay attention because they say, ‘Well, we can't shoot them down, so why should we care?’” Cox said in response to an audience question about what was allowed. “There is not much detention for your security, and yet we still take pictures of people who steal copper.”

Travis Moran | © RTO Insider

He urged utilities to leave drones alone: The blades can easily break fingers, and any SIM cards might be compromised by malware.

Travis Moran, of Welund North America, invited attendees to comment on the FAA's advance notice of proposed rulemaking for drones by April 15. Proposed earlier this month under Section 2209 of the FAA Extension, Safety and Security Act of 2016, the rules would allow utilities to request airspace restrictions over their facilities.

“2209 is your greatest advantage right now, and you must get your lobbies out of their scams,” said Moran, a strategic associate for SRC/Gryphon Sensors and a member of the Energy Drone Coalition Advisory Board. “I've always said that you are getting it since you're already accustomed to CIP and the CIP standards-making process, so electricity should be a leader on this. … Get people there … or else you know how the government is going to do it. They do it without your comment, and you don't like what you get.”