On January 29, 2016, the Federal Energy Regulatory Commission (“FERC” or the “Commission”) and the North American Electric Reliability Corporation (“NERC”) issued a Report on the FERC-NERC-Regional Entity Joint Review of Restoration and Recovery Plans (the “Report”). The Report was the result of a joint review initiated by FERC in September 2014 and conducted in coordination with NERC and the NERC Regional Entities. The joint review examined a representative sample of nine registered entities with significant bulk power system responsibilities, with the stated objective of: (i) assessing and verifying the electric utility industry’s bulk power system recovery and restoration planning; and (ii) testing the efficacy of related NERC Reliability Standards in maintaining and advancing reliability.
The Report concluded that, overall, the nine registered entities examined had system restoration plans that were “thorough and highly-detailed.” According to the Report, these plans required identification and testing of blackstart resources, identification of primary and alternate cranking paths, and periodic training and drilling on the restoration process under a variety of outage scenarios. In addition, the Report stated that the registered entities examined had extensive cyber security incident response and recovery plans for critical cyber assets, including full-time personnel dedicated to the responsibilities defined in those plans.
Beyond this overall assessment, the Report stated that clarifying certain Reliability Standard requirements would improve system restoration and cyber incident response and recovery planning and readiness. Additionally, the Report encouraged further studies in areas like SCADA system loss, blackstart resource availability, and the use of direct current facilities for restoration, among others.
Finally, the Report listed several beneficial practices that had been observed during the course of the joint review, and recommended that other registered entities consider adopting these practices as appropriate. Among these practices are:
1. Have recovery plans for critical cyber assets and cyber security incident response plans reviewed by an independent authority or third party;
2. Participate in exercise scenarios and simulations structured to gain insight into the viability of cyber response and recovery plans (beyond “paper drills and tabletop exercises”), including testing for interdependencies and other vulnerabilities;
3. Include illustrations and accompanying steps in restoration plans to assist operators in system restoration;
4. Have extra personnel in place to augment operators and other support staff during system restoration; and
5. Perform exercises or drills that involve the actual transfer of control center operations to an alternate site for a period of time, in order to test the functionality of the recovery resources.
A copy of the Report may be found here.