With growing risks to the nation’s electrical grid from natural disasters and as a potential target for malicious attacks, the U.S. Department of Energy (DOE) and the U.S. Department of Homeland Security (DHS) should work closely with utility operators and other stakeholders to improve cyber and physical security and resilience, says a new congressionally mandated $78 report from the National Academies of Sciences, Engineering, and Medicine.
The grid remains vulnerable to diverse threats that can potentially cause extensive damage and result in large-area, prolonged outages that could cost billions of dollars and cause loss of life, the report found. The committee that conducted the study and wrote the report recommended ways to make the grid more resilient through the development and demonstration of technologies and organizational strategies that minimize the likelihood that outages will happen, reduce the impacts and speed recovery if they do, all the while developing mechanisms for continual improvements based on changing threats.
The grid is a complex, cyber-physical system that transmits electricity generated from power plants and distributes it to homes and businesses. In this report, the committee focused on reducing the nation’s vulnerability to large blackouts that extend over several service areas or states and last three days or longer. Events that can lead to such outages include hurricanes, earthquakes, solar storms, cyber and physical attacks, and major operational errors. Although the possibility of such long-duration outages cannot be totally eliminated, the report identifies many steps that can be taken to make the power system more resilient.
“Outages of this scale leave millions of customers without power, resulting in economic damages estimated in the billions of dollars, posing serious threats to health and public safety, and also potentially compromising national security,” said M. Granger Morgan, professor of engineering at Carnegie Mellon University and chair of the committee. “Outages caused by natural disasters are more common than one might think. While the U.S. has not been subject to a large physical assault or cyber attack, both pose serious and growing risks.”
No single entity is responsible for planning, operating, or regulating the grid, and increasing its resilience will require coordinated actions by state, federal, private, and public groups, the report states. The committee provides several overarching recommendations to adopt a more integrated perspective across the numerous, diverse institutions responsible for the resilience of electricity system.
The committee called for improvements in the process of systematically envisioning and assessing plausible large-area, long-duration grid disruptions that could have major economic, social, and other adverse consequences. This process should also focus on how such events could impact the U.S. dependence on vital public infrastructures and services provided by the grid.
To best prepare for the impact of disruptive events, the electricity industry — in coordination with regional and state agencies, the Federal Energy Regulatory Commission, and the North American Electric Reliability Corp. — should expand its efforts to convene regional emergency preparedness exercises. These exercises should include simulations of accidental failures, outages caused by natural disasters, cyber and physical attacks, and other damage that results in large-scale loss of power, the report says.
The committee also called for increased investment through public and private funds in physical resources to ensure that critical electric infrastructure is robust and that society is able to cope when the grid fails. For example, DOE, DHS, and other agencies should oversee the development of more reliable inventories of backup power needs and capabilities, like the U.S. Army Corps of Engineers’ mobile generator fleet. Investments should also go toward expanding efforts to improve the ability to maintain and restore critical services like power for hospitals, first responders, water supplies, and communications systems.
The report includes specific recommendations for federal, state, and regulatory agencies detailing actions that different groups can undertake to improve grid resilience. For example, DOE should support a number of research, development, demonstration, and convening activities to improve the resilience of grid operations and recovery steps. The owners and operators of electrical infrastructure should work closely with DOE in systematically reviewing previous outages and demonstrating technologies, operational arrangements, and exercises that increase the resilience of the grid.
Although more customers are investing in their own equipment for electric supply, like solar panels or even microgrids – a network of electricity users with a local source of supply and the capability to operate as an island during outages – the report says most U.S. customers will continue to depend on obtaining their power from the large-scale, interconnected electrical grid at least for the next two decades.
Filed Under: Cybersecurity, Policy