This summer, under the leadership of Senators Lisa Murkowski (R-AK) and Maria Cantwell (D-WA), the bipartisan Energy Policy Modernization Act of 2015 passed out of the Senate Energy and Natural Resources Committee. The bill reflects months of discussions and negotiations within the committee. It covers an array of areas, including energy efficiency, cybersecurity, infrastructure protection and modernization, a range of issues pertaining to various energy supply resources, and accountability. This post explores some of the key provisions of the bill related to the electric grid and how they relate to policy priorities and challenges identified in two Bipartisan Policy Center (BPC) reports addressing the electric grid: the 2014 report from our Electric Grid Cybersecurity Initiative, Cybersecurity and the North American Electric Grid: New Policy Approaches to Address and Evolving Threat, and the 2013 report from our Electric Grid Initiative, Capitalizing on the Evolving Power Sector: Policies for Modern and Reliable U.S. Electric Grid.
As our cybersecurity report noted, the Department of Energy (DOE) already undertakes a number of important activities to advance power sector cybersecurity, including research and development, technical support, and incident management. In general, the cybersecurity title provides clarity on DOE’s emergency authority, and requires a number of new programs (and authorizes appropriations) for developing technologies, furthering analytical capabilities, providing technical support, and addressing supply chain risks. It also codifies DOE’s current role as the sector-specific agency for cybersecurity for energy, a function that DOE has been serving in response to Presidential Policy Directive 21 on Critical Infrastructure Security and Resilience.
Clarifying emergency authority and authorizing cost-recovery for emergency actions. The bill grants specific authority to the Secretary of Energy to issue emergency orders to owners and operators of bulk power system infrastructure in response to a cybersecurity threat. This authority is similar to the authority provided to the secretary in section 202(c) of the Federal Power Act, but specific to cyber threats. In utilizing this emergency authority, the secretary is encouraged to coordinate with Canada and Mexico, as well as consult with industry, the North American Energy Reliability Corporation (NERC), and other federal agencies and departments as appropriate.
As our report discussed, a key policy challenge in electric grid cybersecurity is that it involves private sector entities taking actions, at some cost, that have broader public benefits. It is notable that the bill requires the Federal Energy Regulatory Commission (FERC) to develop regulations to allow for cost recovery for prudently-incurred expenses in response to an emergency order.
Expanding DOE programs to develop new technologies. As noted above, DOE has played an important role in advancing cybersecurity awareness and technologies throughout the sector. Our report encouraged expansion of this essential role for DOE. The bill requires DOE to develop and advance cybersecurity technologies for the energy sector and perform pilot demonstration projects.
Conducting risk assessment and providing technical support to states and utilities. The complexity and rapidly changing nature of cyber threats, the interconnectedness of the electric grid, and the economic and security implications of a cyber attack on the energy sector, all justify a strong role for DOE in the development of analytical capabilities to assess cyber risks and tools to help utilities assess and mitigate their own risks. As part of an energy security program under the bill, DOE is required to conduct modeling and analysis to develop capabilities to identify vulnerabilities to grid infrastructure, assess potential impacts of events, research hardening and mitigation solutions, and provide technical assistance to states and other entities for standards and risk analysis. The bill also provides for a program that allows DOE to assist small utilities in assessing cybermaturity.
Addressing supply chain risk. Our report noted the challenges of securing electric utilities’ supply chains. Vulnerabilities may arise when utilities procure hardware and software from third-party vendors. New products and software may not be sufficiently secure in their design, or could be intentionally compromised. The global nature of supply chains imply multiple entry points for cyber attacks. The bill requires that DOE develop a program to test for cyberresilience of supply chain components, oversee third-party testing, and develop procurement guidelines for supply chain components.
Creating a stronger Electricity Sector Information Sharing and Analysis Center (ES-ISAC). The ES-ISAC serves as the primary security communications channel for the electricity sector and enhances the ability of the sector to prepare for and respond to cyber and physical threats, vulnerabilities and incidents. Our report recognized the role of the ES-ISAC as the primary vehicle for utilities and other electric sector participants to share threat information with, or receive information from, the federal government, and emphasized the value of a strong and independent ES-ISAC. The bill contains provisions to enable DOE to enhance the analytical tools of DOE and the ES-ISAC and expand participation in the ES-ISAC. It also requires DOE, in consultation with FERC and NERC, to prepare and submit to Congress a study exploring alternative management and funding structures to expand industry membership in the ES-ISAC.
Like the cybersecurity subtitle, the electricity and energy storage subtitle contains provisions addressing a number of the key findings in BPC’s work, in particular our 2013 Electric Grid Initiative report. Through a number of new programs and appropriations authorizations, this subtitle enhances DOE’s authority to advance energy storage, improve analysis of advanced grid investments and provide technical assistance to states. The subtitle also emphasizes the importance of cybersecurity and interoperability of communications and information technology.
Advancing energy storage. Our report emphasized the transformative potential of energy storage for the grid. Grid-scale storage can enable fast-response ancillary services, help to integrate intermittent generation, and allow for efficient shifting of load. The report recognized storage as a particularly high-value area for DOE’s R&D portfolio. The senate bill prioritizes storage—it calls for DOE to implement a research, development, and demonstration program that addresses the challenges identified in the 2013 Strategic Plan for Grid Energy Storage.
Demonstrating advanced technologies on the distribution system. Our report noted that beneficial integration of advanced technologies on the distribution system may be delayed due to uncertainties about how the technologies will perform and the challenges associated with quantifying the range of benefits of many of these technologies. The bill authorizes DOE to establish a program partnering with a range of potential entities to conduct demonstration projects on the distribution system, with a focus on advanced technologies that improve the efficiency and performance of the future grid. Projects are required to secure integration and management of two or more energy resources, and secure integration and interoperability of communications and IT. Each project must also include a cybersecurity plan.
Informing cost-recovery decisions through analytical and technical assistance. As our report noted, DOE can help to advance cost-effective grid modernization by helping state public utility commissions (PUCs) and utilities evaluate the costs and benefits, including the economic and reliability benefits, of advanced grid technology investments. The scenario development and modeling requirements in the bill are likely to provide state PUCs and utilities useful information to that end. The bill requires DOE to establish and facilitate a collaborative process to develop model grid architecture and a range of scenarios representing different combinations of resources on the grid. The modeling is intended to assist states, utilities, and other stakeholders in enhancing strategic planning, avoiding stranded costs, and maximizing the cost-effectiveness of grid-related investment. The bill also requires DOE, upon request of a state or regional organization, to partner with them to facilitate the development of electricity distribution plans, including evaluation of physical and cybersecurity needs.
Identifying model policy pathways. Our report recommended that DOE fund a review of state PUC and utility best practices for encouraging investments in distribution system modernization. The bill picks up on this idea by requiring DOE to conduct a collaborative process to identify illustrative policy pathways for grid modernization that can be adapted for state and regional applications by regulators and policymakers.
Developing metrics to assess performance. In both the cybersecurity and electric grid reports, we noted the potential value of metrics in evaluating utility performance and proposed investments, and suggested that DOE could fund efforts to develop performance metrics and encourage state PUCs to use them in incentive-based regulatory approaches to encourage innovation and improved performance. The bill seeks to advance the development of metrics by requiring DOE to issue a report evaluating the performance of the grid, developing metrics in the process to assess characteristics such as reliability, efficiency, sustainability, customer satisfaction, and value to ratepayers, as well as how various ownership and operating roles for utilities—and the role of grid operators—might affect performance and investment decisions. Ideally, this metrics development process will inform efforts at the state level to incorporate metrics into PUC regulatory approaches.
Improving transmission siting on federal lands. Our report recognized that valuable long-distance transmission projects are often burdened with delays and additional costs due to inefficient siting processes. This is particularly the case for projects that cross state boundaries or federal lands. The bill attempts to address delays on the federal side by codifying the existence of the Interagency Rapid Response Team for Transmission, and establishes a Transmission Ombudsperson within the Council of Environmental Quality to resolve interagency conflicts or stakeholder complaints that arise during the review process.
At BPC, were pleased to see that the Senate bill contains provisions to address some of the key policy priorities and challenges identified in our work on the electric grid. We look forward to working with the Senate to help move bipartisan energy legislation forward.