USA cyber security under scrutiny at ISA symposium

Where’s the DOE on cyber security, who’s shaping US energy policy, and how much is at stake? All covered by ISA POWID Symposium keynotes

Cyber security progress at the US Department of Energy (DOE), the forces that will shape US energy policy development, and the dollars and jobs at stake were the hot topics covered by three keynote speakers at the 53rd ISA POWID Symposium, underway in Las Vegas, Nevada, 6-11 June 2010.  Though not strictly of immediate interest to other countries, they will perhaps learn from the advances made in this area in this North American country and learn for the experiences. Indeed many US companies operate outside of North America and will be applying these principals and standards in their plants.


Henry (Hank) Kenchington, (right) deputy assistant secretary for research and development for the DOE’s Office of Electricity Delivery and Energy Reliability, announced that the department, working closely with power-generation end users and vendors, has completed the first milestones in its cyber security testing and pre-qualification plan for automated power technologies such as Smart Grid and supervisory control and data acquisition (SCADA) systems. Kenchington shared with the 160 conference attendees some lessons the DOE learned as its team developed the plan. Foremost is that public-private collaboration, critical to building effective grid operational security, must be done within a strategically planned framework. Aligning activities to a common goal not only enhances success, he said, but also helps stimulate investments in control systems security. He added that the DOE’s $4.5 billion from the 2009 Recovery Act that will be used for Smart Grid will be matched by $4.5 billion in private-sector investments.

Another lesson, Kenchington said, is that even with testing and pre-qualifying systems prior to deployment, 100% security is not possible. He pointed out that the electric grid in the US consists of over 200,000 miles of high-voltage transmission lines, thousands of generation plants, millions of digital controls, and over 1,800 entities that own and operate portions of the system. These factors make securing the electric grid a formidable task. To aid the mission, he urged performance-based standards that can provide agility to address rapidly evolving technologies and threats, and that are graded security.

Kenchington leads research and development activities to enhance the reliability, security, and efficiency of the US electricity delivery system. He also directs the $3.4 billion Smart Grid Investment Grant program to upgrade the nation’s power grid with advanced digital communications. In 2003, he lead the development of the national SCADA Test Bed program to enhance the cyber security of control systems. The program has conducted more than 30 vulnerability assessments of SCADA systems, leading to the development of 12 next-generation, hardened systems which are now being deployed to better secure the nation’s power grid against cyber attacks.

Tim Roxey, manager of Critical Infrastructure Protection for the North American Electric Reliability Corporation (NERC), spoke on the increased importance of automation in power generation. He highlighted four key themes that will drive modern energy policy in the US. They include the need for a mix of resources for energy generation, technology developments, policy measures, and the public’s growing awareness of energy issues. He outlined NERC’s cyber security risk preparedness assessment, as well as the company’s ongoing risk assessment efforts.

Roxey is responsible for development and execution of NERC’s key critical infrastructure protection initiatives, such cyber security risk preparedness assessment and other continuous risk assessment efforts. He also acts as a key coordination point for North American government officials and is a member of the Electricity Sector Information Sharing and Analysis Center (ES-ISAC). Roxey has more than 30 years of computer-related experience, was a lead author on the nuclear sector’s cyber security standards, and is former chairman of the Nuclear Information Technology Strategic Leadership’s (NITSL) standing committee on cyber security.

Christopher Guith, vice president for policy at the wonderfully named Institute for 21st Century Energy for the US Chamber of Commerce, continued the theme of US energy security at the Power Industry Division’s Honors and Awards luncheon. He said the Chamber plays a key role in addressing the issue of developing energy policies with members of the US Congress. He explained that the urgency of needing sound energy policies is underscored by the fact that 380-plus energy projects have been delayed or cancelled, more than 130 renewable-energy projects are already under development, $560 billion in investments could be affected, and 250,000 direct jobs could be involved.

Guith is responsible for developing and implementing the Institute’s policies and initiatives as they apply to the legislative, executive, and regulatory bodies of the federal and state governments. Previously, he served as the deputy assistant secretary for nuclear energy at the DOE, where he worked to develop the administration’s nuclear energy policy and coordinated the DOE’s interactions with the US Congress, stakeholders, and the media. He also served as the deputy assistant secretary for Congressional Affairs at the DOE, focusing on energy policy. While at the DOE, he was a chief representative of the administration during the drafting and debate of the Energy Policy Act of 2005.

Symposium attendee, Dr. Peter Fuhr, CEO, Wi-Fi Sensors, Inc., commented, “The keynote speakers’ complimentary perspectives on issues that directly matter to the power industry reinforced POWID’s needs and goals. Dr. Kenchington’s view on what needs to be accomplished regarding the all-important cyber security matters for power were delivered in a clear and concise manner. To have his comments followed up with Tim Roxey on how the combined government-private sector is to work to achieve goals made for an excellent presentation.”

John Plenge of GE Energy commented, “I thought the keynote speakers were outstanding. They were really a hit to kick off the symposium.”

The speaker engagements were arranged by the Automation Federation.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: