HR 5026, the Grid Reliability and Infrastructure Defense (GRID) Act, passed the House by unanimous voice vote on Wednesday, June 9, 2010. The act allows the Federal Energy Regulatory Commission (FERC) to bypass the NERC standards setting process of Section 215 of the Federal Power Act and issue orders directly concerning: 1) Vulnerabilities not addressed by current NERC CIP standards which remain in effect until FERC approves a NERC standards which covers the vulnerability; and 2) Imminent cyber threats as determined by the President. FERC jurisdictional authority is also extended to energy distribution facilities serving the Presidentially-designated top 100 defense facilities in all fifty United States and its territories. FERC is also directed to address mitigation measures for geomagnetic events (including solar flares and EMPs) and physical attacks.
The Act will now be referred to the Senate for consideration. With the clock winding down for this session of Congress and the calendar already full with other items, consideration by the full Senate is uncertain. Majority Leader Reid has made it known that he intends to consider only comprehensive cybersecurity legislation rather than sector-by-sector bills due to the lack of time.
Good move by the House of Representatives in realizing the magnitude of the risk and importance.
In my humble opinion, Smart Grid security is paramount. Waiting is not an option. Waiting is a landmark mistake.