Organizations at odds over development of smart grid cyber security regulations
SUBNET Solutions Inc | Wednesday, August 17, 2011
As the government works to overhaul its approach to critical infrastructure protections (CIP) and smart grid cyber security, the overlap among various branches of the government, along with the relative confusion surrounding what agency is ultimately responsible for enacting such protocols, has prompted delays in the passage of such laws.
According to a report from Intelligent Utility, U.S. officials are mulling legislation that would effectively help to determine which organizations are responsible for developing smart grid cyber security laws. Like many political issues, this fight is shaping up to be a battle royal between states and the federal government.
The Federal Energy Regulatory Commission (FERC) is tasked with regulating the interstate transmission of electricity, natural gas and oil, but its jurisdiction has been challenged in the past, according to analysts. The agency works with the North American Electric Reliability Corporation (NERC) to develop and implement smart grid cyber security initiatives, but members of both agencies have been at odds in the past over their regulatory powers.
Industry experts assert that ultimately, FERC is responsible for reviewing NERC-recommended reliability standards, and FERC has moved in the past to disregard certain guidelines the latter agency has put forth.
Congress is in recess until September, when officials return from their summer break, and until U.S. elected leaders move to elucidate the organizations' regulatory powers, the task of protecting the country's critical infrastructure will remain in limbo.
However, a growing number of U.S. officials have publicly warned about the dangers that hackers pose to the country's critical infrastructure systems, especially in the wake of the Stuxnet worm. The Stuxnet, according to reports, was deployed against Iran's computer systems tasked with running the country's nuclear power program, destroying roughly 20 percent of the devices.
Though the U.S. and Israel are though to have engineered Stuxnet, no country has claimed responsibility for the virus.
Nonetheless, its design has been available on the internet for a number of months, and industry experts are worried that hackers and foreign governments will manipulate its design, programming it to attack U.S. critical infrastructure.
To defend against such attacks, officials including New York Senator Chuck Schumer have advocated for tougher cyber security laws, along with enhanced background checks for utility workers given access to sensitive data.
Substation Cyber Security
Substation Automation & Remote Access