RE: NERC Statements on Impact of Security Threats on RTOs

Christi ,

I completely agree with Dave .In addition to the levels of redundancy he =
states it is important to note that the Central Control Centers are more o=
f a communication and dispatch hub but the actual control of the circuit b=
reakers , transformers, phase angle regulators and voltage control devices=
(the reliability backbone) resides within the "sub control centers " of the=
Transmission Operators like Con Edison, Florida Power &Light etc etc..The=
destruction of one of the major RTO control centers will not shut down tra=
nsmission lines or trip generators off line .There would be loss of communi=
cation to the region or local control centers and there may be some out of =
merit generation moves but it would not be a disaster . With the redundanc=
y of control centers, computers ,communications and data acquisition along =
with the proper protocols and procedures the loss should not severely effe=
ct the security or reliability of the transmission grid .This redundancy wi=
ll be an important part of the RTO development but there is no valid reason=
to slow up the present pace of progress because of this issue.

I believe there are much more vulnerable areas within the Transmission grid=
that NERC should be concerned about and address . I am open to continue th=
is discussion off line . Dan =20

=20
-----Original Message-----
From: =09Perrino, Dave =20
Sent:=09Wednesday, September 26, 2001 12:53 PM
To:=09Nicolay, Christi L.; Shapiro, Richard; Steffes, James D.; Robertson, =
Linda; Shelk, John; Yeung, Charles; Ingersoll, Richard; Rodriquez, Andy; No=
vosel, Sarah; Fulton, Donna; Alvarez, Ray; Roan, Michael; Maurer, Luiz; Con=
nor, Joe; Walton, Steve; Comnes, Alan; Staines, Dan; Fromer, Howard; Allegr=
etti, Daniel; Hoatson, Tom; Twiggs, Thane; Shortridge, Pat
Subject:=09RE: NERC Statements on Impact of Security Threats on RTOs

Christi,

The NERC statements clearly seem to indicate they feel threatened by the RT=
O formation process and EISB.

Frankly, nothing stated anywhere in the attachments hasn't already been tho=
ught out and handled by the three ISOs in the East and the CAISO as well. =
All four of these entities have fully functional back-up facilities in othe=
r parts of their regions and NERC is fully aware of them. I would assume E=
RCOT also has a fully functional, redundant control scheme in place as well=
.

In the case of NY there is another site physically apart from the main cont=
rol center which has a fully redundant computer and communications system. =
They have (or used to have) plans which in the event neither center is ava=
ilable, can revert control back to the TOs (heaven forbid) until ISO perso=
nnel can resume control of the grid. So they have 3 sets of redundancy, in=
addition to radio and satellite communications if necessary.

Earlier RTO West discussions all contained similar concerns and plans for r=
edundancy and the DSTAR preliminary design documents also plan on redundanc=
y. NERCs assertion that they would "slow-down" the RTO formation process i=
s absurd (geez, it's going too slow now!!!).=20

Running distributed, synchronized computer networks is not rocket science..=
.how do the folks at NERC explain the NYSE quick recovery from a ground zer=
o attack? There was no report of crippling loss of financial information..=
.at least that I am aware of. Even a small operation like APX operates the=
ir systems using distributed computing and synchronized data.

For NERC to use the NIMDA virus as a specific attack on the electrical grid=
operation and the compromising of reliability is preposterous and the resu=
lting "service denials" cited are probably refusal(s) of tags, which from w=
hat I understand, the utilities probably cause much more self-inflicted hav=
oc than this virus!

The press release you refer to just confirms NERC's position of maintaining=
status quo. Should we "call" NERC on these statements? The remarks made =
in these public statements seem irresponsible.

Kind Regards,

Dave=20

-----Original Message-----
From: Nicolay, Christi L.=20
Sent: Wednesday, September 26, 2001 9:11 AM
To: Shapiro, Richard; Steffes, James D.; Robertson, Linda; Shelk, John;
Yeung, Charles; Ingersoll, Richard; Rodriquez, Andy; Novosel, Sarah;
Fulton, Donna; Alvarez, Ray; Roan, Michael; Maurer, Luiz; Connor, Joe;
Walton, Steve; Comnes, Alan; Perrino, Dave; Staines, Dan; Fromer,
Howard; Allegretti, Daniel; Hoatson, Tom; Twiggs, Thane; Shortridge, Pat
Subject: FW: NERC Statements on Impact of Security Threats on RTOs

Our NERC folks should be able to shed more light on why NERC is making stat=
ements that on their face look anti-large RTO (the other emails and comment=
s in these document look more like "this should be reviewed".)
Do we (and other market participants) need to have a computer systems group=
perform a study that includes redunancy issues, etc. to counter this? Cer=
tainly, Pat Wood and Nora Brownell's testimony to Congress indicate that th=
ey believe that large RTOs will bring more security and reliability (we hav=
e included this in our SE RTO mediation comments.)

-----Original Message-----
From: Michael Reddy [mailto:Mreddy@epsa.org]
Sent: Tuesday, September 25, 2001 4:09 PM
To: acomnes@enron.com; Hawkins, Bernadette; Nersesian, Carin; Yeung,
Charles; Nicolay, Christi L.; Fulton, Donna; Scheuer, Janelle; Hartsoe,
Joe; Shelk, John; Jsteffe@enron.com; Noske, Linda J.; Robertson, Linda;
Alvarez, Ray; Shapiro, Richard; Novosel, Sarah; Mara, Susan; Lindberg,
Susan; Hoatson, Tom
Subject: NERC Statements on Impact of Security Threats on RTOs

MEMORANDUM

TO: Legislative Affairs Committee
Regulatory Affairs Committee
NAERO Working Group

FROM: Scott Weiner, Legislative Affairs Committee Chair
Jim Steffes, Regulatory Affairs Committee Chair
Mark Bennett, Senior Manager of Policy
Donn Salvosa, Manager of Government Affairs

DATE: September 25, 2001

RE: NERC Statements on Impact of Security Threats on RTOs

The attached e-mail in Microsoft Word form contains statements that NERC ma=
de during a recent meeting with members of the national press. The stateme=
nts concern NERC's view of the implications of terrorist threats for FERC's=
" Four RTO policy" set forth in its July 12th Order. The statements also =
may bear upon the effort to establish a new standards setting organization,=
particularly the possibility that NERC's responsibilities could be shifted=
to EISB. Also attached is an article containing the views of R.J. Rudden =
Associates, Inc. that discusses the risks associated with centralizing cont=
rol center operations.

Specifically, NERC representatives informed the press that on September 11 =
"the grid was the target of an insidious cyber attack that shut down some f=
acilities...from an information administration standpoint." They noted tha=
t this resulted in service denials, although it is not clear whether they i=
ndicated where or how much. This event was attributed to the so-called "NI=
MBA virus".

NERC's statements suggest a new strategy to preserve the role they've playe=
d not only in security matters, but possibly other aspects pertaining to "r=
eliability standards." They warn against any immediate transition to fewer=
RTOs as envisioned in FERC's July 12th Order. Moreover, it is likely that=
NERC will argue that, given its expertise and experience, recent events ma=
ke transitioning to a new standards organization (EISB?) ill advised. =20

It is unclear what, if any, impact all this may have on RTO development, th=
e legislative effort to establish a new reliability standards body or the N=
ERC Board's consideration of pending reform proposals at its October meetin=
g. However, we can expect security related issues to be included in future=
discussions of these matters.=20

Please provide your reactions to the NERC statements to Mark Bennett at 202=
-628-8200 or mbennett@epsa.org