FERC recently issued an order approving revisions to the North American Electric Reliability Corporation (NERC) Rules of Procedures to modify the rules for developing mandatory reliability standards. These changes, reflected in Section 300 and Appendix 3A to the NERC Rules, will allow NERC to curtail the use of its traditional stakeholder-driven reliability standards development process where NERC leadership concludes that the process would be too cumbersome in addressing the reliability risk.
Power & Pipes
FERC, CFTC, and State Energy Law Developments
In 2022, FERC began issuing directives aimed at ensuring that the reliability of the bulk-power system is protected from potential risks posed by the growing number of inverter-based resources (IBRs) connected to the electric grid. As we previously reported, FERC issued three orders in December 2022 focused on increasing regulations for IBRs through the North American Electric Reliability Corporation (NERC), an independent electric reliability organization that develops and enforces mandatory reliability standards. In continuance of this goal, this fall, FERC took the step of directing NERC to develop or modify reliability standards specifically to address reliability concerns attributable to IBRs (Order No. 901).
FERC has issued its final rule paving the way for incentive-based rate treatment for electric utilities that make certain voluntary cybersecurity investments. As we first noted in 2020 when describing the proposed rule, the final rule provides a new mechanism for promoting cybersecurity of the bulk-power system by rewarding utilities for proactively enhancing their cybersecurity programs beyond the mandatory requirements of the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) reliability standards.
On March 16, FERC approved North American Electric Reliability Corporation (NERC) Reliability Standard CIP-003-9, Cyber Security – Security Management Controls, which introduces two new requirements to the suite of cybersecurity protections for low-impact bulk electric system (BES) cyber systems. The requirements focus on mitigating a supply chain risk that continues to challenge the electric industry: vendor remote access to critical electronic systems. The new rule will ensure these vendor risk mitigation requirements apply across every BES facility in the continental United States.
There are no unimportant North American Electric Reliability Corporation (NERC) reliability standards, but from time to time, NERC and the Regional Entities (Regions) place greater emphasis on certain reliability standards in response to events affecting the grid. With headline-grabbing physical attacks on power substations across the country in recent months, one of NERC’s greatest current priorities is evaluating the effectiveness of its physical security standards, most notably CIP-014.
FERC issued three orders focused on increasing regulations for inverter-based resources (IBRs) in fulfillment of one of its primary goals to protect the reliability of the bulk-power system. FERC ensures this reliability through the North American Electric Reliability Corporation (NERC), an independent Electric Reliability Organization that develops and enforces mandatory reliability standards. The reliability standards are only mandatory for certain entities registered with NERC, but most IBRs are not required to register and therefore are not obligated to follow the reliability standards.
The North American Electric Reliability Corporation (NERC) filed its 2022 NERC Standards Report, Status and Timetable for Addressing Regulatory Directives summarizing the progress made and plans for addressing the reliability standard-related directives issued by applicable governmental authorities. NERC reported that since March 29, 2021, the date of NERC’s last annual report, it filed petitions with the Federal Energy Regulatory Commission (FERC) addressing four reliability standards-related directives.
The US Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corp. (NERC) jointly authored a report regarding the February 2021 power outages in Texas and the US Midwest caused by extreme cold weather. The report identifies the causes of the outages and outlines a series of recommendations focusing on enhanced protection against cold weather for critical generation as well as the natural gas assets supplying gas-fired generation so that this infrastructure remains operational even in extreme cold weather.
FERC approved revisions to three Critical Infrastructure Protection (CIP) North American Electric Reliability Corporation (NERC) Reliability Standards to expand the scope of the assets subject to supply chain cybersecurity requirements and related obligations. Supply chain cybersecurity continues to be a focus of NERC, energy industry stakeholders, and government regulatory and securities agencies.
A LawFlash prepared by our energy team discusses likely results of the Texas power outages and blackouts during the recent winter storm, which include federal and state investigations into the outages, federal investigations into commodity and futures price spikes during the storm, force majeure inquiries, and demands for corrective actions to ensure future reliability of the grid system.