NERC’s new cyber security rules may minimize cost of compliance, but they leave utilities guessing on how to identify risks.
Bruce W. Radford
Liam Baker, vice president for regulatory affairs at US Power Generating, questions whether his company’s power plants and control systems in New York and Massachusetts must comply with the electric industry’s new mandatory standards for cyber security. Baker voiced his doubts in written comments he filed in October with FERC.
Financial-risk coverage is falling short in utility returns
Donald Murry, Ph.D. Zhen Zhu., Ph.D. and Michael Knapp, Ph. D.
When setting the allowed returns on common equity of jurisdictional utilities, state regulatory authorities apply the virtually universal standard that the allowed returns should be similar to returns on common equity investments in companies of equivalent risk. Such returns generally are accepted as fair if they are no higher than necessary and still sufficient to attract investment. Despite the universality of this regulatory standard, our investigation of recent allowed returns by state commissions shows that a key risk—financial risk—as measured by accepted, measurable metrics, has not been a factor affecting the level of allowed returns in the United States in recent years.
Duke Energy named Lynn J. Good group executive and president – commercial businesses. AGL Resources announced John W. Somerhalder II, the company’s president and CEO, has been named chairman of the board. Energy West announced several changes in its management team. And others...
Credit-quality concerns join fuel and market factors to affect power-plant valuation
Devrim Albuz and Gary L. Hunt
Lenders know there are billions of dollars of weak financial assets in the market, such as securities backed by bad mortgages. The problem is no one knows who is exposed at what level to those weak financial assets. This causes a lack of confidence in the lending industry, and a credit crunch that — if unabated — could cause a recession.
Special Report on Cyber Security and CIP Compliance
Michael T. Burr, Lori A. Burkhart and Scott M. Gawlicki
Utilities are gearing up for compliance with the new CIP standards. NERC, however, has taken a flexible approach to implementation that leaves some companies confused. Can utilities comply by 2009, and will their measures be effective in securing the grid?
Utilities are gearing up for cyber security compliance. Will the standards prove worthy?
Michael T. Burr
The NERC CIP standards represent an historic achievement. They include the first mandatory cyber security requirements of their kind to be imposed on a U.S. private-sector industry. Considering the scope and sensitivity of the grid-security issue, developing a set of enforceable standards inevitably would entail a complex and contentious process. From that perspective, NERC, FERC and the industry have made remarkable progress, and their efforts deserve accolades.
ERCOT utilities approach CIP compliance from varying perspectives
Scott M. Gawlicki
As proposed by the North American Electric Reliability Corp., the new critical infrastructure protection (CIP) standards charge utilities with identifying their own critical assets and related cyber systems. This approach allows great flexibility for utilities to apply the CIP standards to their particular situations. This will help ensure that their efforts focus on securing critical assets, rather than on complying with an overly prescriptive set of mandates that might or might not yield a secure grid.
Test gets major media hype, but SCADA vulnerabilities remain
Lori A. Burkhart
A simulated attack, named the Aurora Generator Test, took place in March 2007 by researchers investigating supervisory control and data acquisition (SCADA) system vulnerabilities at utility companies. The experiment involved hackers invading the plant’s control system to change the operating cycle of the generator.
Intelligent power grids present vexing cyber security problems
Michael T. Burr
In a world where streetlights can be used as a weapon, controlling local utility networks becomes more than just a matter of public convenience and necessity. It becomes a matter of public safety and even national security. And in that world, the idea of an inter-networked, automated distribution grid poses troubling questions about cybersecurity vulnerabilities.
Public Utilities Reports 11410 Isaac Newton Sq., Suite 220, Reston, VA 20190 Voice: (703) 847-7720 | Toll Free: (800) 368-5001 FAX: (703) 847-0683
Dear Reader: Welcome to our new website! We’ve spent the past several months rebuilding Fortnightly.com from the ground up, and we’re now in the process of putting it through its paces. We’ll announce our Grand Opening shortly, but in the meantime we hope you’ll excuse our mess, while we bring Public Utilities Fortnightly magazine to an all-new online platform. Your feedback is welcome!