latest-news-headlines Market Intelligence /marketintelligence/en/news-insights/latest-news-headlines/ferc-rejects-complaint-seeking-revamp-of-grid-physical-security-measures-59032398 content
Log in to other products

Login to Market Intelligence Platform


Looking for more?

Contact Us

Request a Demo

You're one step closer to unlocking our suite of comprehensive and robust tools.

Fill out the form so we can connect you to the right person.

If your company has a current subscription with S&P Global Market Intelligence, you can register as a new user for access to the platform(s) covered by your license at Market Intelligence platform or S&P Capital IQ.

  • First Name*
  • Last Name*
  • Business Email *
  • Phone *
  • Company Name *
  • City *
  • We generated a verification code for you

  • Enter verification Code here*

* Required

Thank you for your interest in S&P Global Market Intelligence! We noticed you've identified yourself as a student. Through existing partnerships with academic institutions around the globe, it's likely you already have access to our resources. Please contact your professors, library, or administrative staff to receive your student login.

At this time we are unable to offer free trials or product demonstrations directly to students. If you discover that our solutions are not available to you, we encourage you to advocate at your university for a best-in-class learning experience that will help you long after you've completed your degree. We apologize for any inconvenience this may cause.

In This List

FERC rejects complaint seeking revamp of grid physical security measures

Essential Energy Insights - June 11, 2020

Webinar Replay

Deep Dive on Oil & Gas for Financial Institutions

Essential Energy Insights - May 28, 2020

Essential Energy Insights - May 14, 2020

FERC rejects complaint seeking revamp of grid physical security measures

The Federal Energy Regulatory Commission has denied a complaint filed by a cybersecurity activist alleging that security measures designed to protect the grid from physical attacks are inadequate and unenforced.

Grid security blogger Michael Mabee had asked the commission to direct the North American Electric Reliability Corp. to correct perceived deficiencies with the physical security reliability standard. NERC developed the standard after gunfire damaged 17 transformers at Pacific Gas and Electric Co.’s Metcalf substation in San Jose, Calif., in April 2013.

The standard requires transmission owners to create physical security plans for their transmission stations, substations and primary control centers, conduct evaluations of the potential threats and vulnerabilities of a physical attack on those facilities, and have unaffiliated third party reviews of those plans and evaluations, among other things.

But Mabee asserted that "nobody with regulatory authority even has to even approve [the security plan] — all you need is somebody to ‘review’ it ... That unapproved three-ring binder of papers is what is standing between the United States and a catastrophic widespread power outage caused by a terrorist attack.”

In rejecting the complaint, FERC concluded that Mabee’s complaint "contains assertions that the commission addressed and rejected in [its order approving the standard] and in the order denying rehearing, or it makes new assertions that are either unsupported or misapprehend the requirements" of the reliability standard.

In addition, the commission assailed Mabee's contention that enforcement of the physical security standard “seems nonexistent.” While 578 physical attacks to the grid have been publicly disclosed in the seven years since the Metcalf attack, “utilities have been cited for violations of the standard only four times,” Mabee said in the complaint.

But FERC said “relying solely on the small number of filed violations is not a sufficient basis for us to conclude that [the standard] is not being enforced when it is equally plausible that the small number of violations could be attributed to industry compliance.”

Further, the standard at issue "does not purport to eliminate all physical attacks; instead, it is designed to protect critical facilities from physical attack,” the commission said.

While standing by FERC’s decision to deny the complaint and requested relief, Commissioner Bernard McNamee encouraged “NERC, regulated entities and the commission to continually reassess the security of all assets used for the generation, transmission and distribution of electricity.”

“Though the complaint at issue in this proceeding is denied, the work to secure the grid is ongoing,” McNamee said in a concurring statement. “In addition to these baseline standards, FERC and NERC must also work collaboratively with industry to establish best practices in addressing these threats.”

Mabee said in a June 11 interview that he was “very disappointed” with FERC’s decision not to do more to protect against physical threats. “Right now, the electric grid is highly vulnerable to physical attacks and the CIP standard presently only covers a very, very small portion of that,” the blogger said. (FERC docket EL20-21)

Jasmin Melvin is a reporter with S&P Global Platts. S&P Global Market Intelligence and S&P Global Platts are owned by S&P Global Inc.