ERO Enterprise releases roadmap for integrating cyber security into transmission planning
A white paper titled Cyber-Infomed Transmission Planning was published this week by ERO Enterprise – an entity consisting of the North American Electric Reliability Corporation (NERC) and six regional entities – detailing a path to integrate cybersecurity into transmission planning.
This was deemed necessary by the team behind the paper because of a rapidly evolving threat landscape rife with increasingly sophisticated cyber attacks from both nation-states and individuals and an associated need to strengthen grid resilience against attacks that could prove catastrophic. By incorporating cyber-informed planning approaches where traditionally not considered, the team concluded – and NERC called for in its Security Integration Strategy – the industry could be better positioned to reduce risks to reliability and security within the bulk power system.
“The ERO Enterprise team worked closely together to develop this critical framework,” said Mark Lauby, NERC’s senior vice president and chief engineer. “The framework sets the stage to plan for a more resilient and secure system, addressing the risk in the long-term planning horizon rather than attempting to bolt on security later in the future. It also seeks to reduce the number of critical stations on the bulk power system through integrated transmission and cyber security enhancements.”
The framework presented was meant to promote investments into cyber security where warranted for use by NERC, regional entities, stakeholders, regulators, and policymakers alike in any reliability studies of risks or efforts to mitigate. It called for unified terminology and definitions across security and engineering disciplines, mapping out the known security threats, vulnerabilities, and impacts to conventional transmission planning, as well as analyses of the current state of cybersecurity consideration and recommendations to improve existing standards.
At its core, the paper was built around the long term: providing steps for these various groups to take to secure the grid down the line, including piloting projects to inform possible enhancements to NERC reliability standards, as necessary.
