In the past few years, airports, borders, ports, federal office buildings, and critical infrastructure have all been subjected to heightened security standards, either by legislative mandate or through industry-adopted guidelines. This spring, the rural electric cooperatives (RECs) became the latest segment of our nation's infrastructure to potentially be subject to federally mandated security measures.
Rural electric cooperatives come in all shapes and sizes, but they tend to serve rural areas with relatively low population density. Additionally, most electric cooperatives are so-called distribution cooperatives. These entities distribute power generated by others (sometimes other cooperatives) to their customers.
On March 19, the Rural Utilities Service (RUS), a division of the U.S. Department of Agriculture, issued a notice of a proposed rule (7 CFR 1730) to amend its regulations on electric system operations and maintenance by expanding the requirements of the RUS-mandated Emergency Response Plan (ERP). The proposed change would require electric co-ops that are recipients of RUS loans to detail how they would restore their systems in the event of a system-wide outage resulting from a major natural or man-made disaster.
The proposed rule goes on to require the expanded ERP to include preventative and recovery procedures for physical and cyber attacks as well as to address homeland security concerns. It proposes two requirements of its distribution and power supply borrowers. Specifically, each borrower is to:
1. perform a security system vulnerability analysis and risk assessment on its system, and
2. annually exercise its ERP. This exercise can be either a tabletop simulation or an actual implementation of the plan.
While the proposed rule leaves a number of questions unanswered regarding actual implementation, the concept of identifying and mitigating security concerns throughout the electric infrastructure is a good one. The distribution cooperatives serve actual consumers; loss of all or part of an REC distribution system means homes, farms, businesses, and in many cases, critical facilities are without power. This affects the local economy, endangers crops and degrades the morale of affected communities.
However, this will be new ground for the RECs. Security has not been a priority topic for them. Their focus has always been inexpensive and reliable power, and the threat has generally come from natural events, not man-made ones. Fortunately, much of the analysis and engineering that makes a system resilient to natural disasters also applies in large part to man-made events.
The first activity an REC will need to perform in response to the proposed rule is the vulnerability analysis and risk assessment. The proposed rule is silent on the specific technique to be used. Many will suggest that one of the existing software or forms-driven assessment tools be modified to fit the RECs. Unfortunately, that approach will stretch the capacity of most RECs, which staff conservatively to remain competitive in difficult markets. An alternative is to turn to some of the traditional techniques that may not seem as rigorous but can yield very useful results nonetheless.
The safety analysis practice has much to contribute in this regard. One of the first techniques encountered in a system safety text is simple brainstorming. This relies on the institutional knowledge of system owners and operators to identify those initiating events that can result in undesired system response, in this case partial to total failure of the system to deliver power to the REC customers. As mentioned above, this effort will be aided by the investment all RECs have made in planning for system disruption from natural disasters.
A slightly more formal technique is a failure modes and effects analysis (FMEA). This provides structure to what may otherwise be brainstorming sessions by first identifying all of the major failure mechanisms present. The technique then follows the chain of events that ultimately results in the undesired event.