Even without intentional attacks, power systems are always undergoing damage and recovery. While system owners and operators should do all that they reasonably can to ensure that their systems are able to withstand anticipated assaults from natural and human sources, there are practical limits to how much such systems can be hardened” because of its highly distributed nature. The complete elimination of all possible modes of failure is simply not a feasible objective. Thus, even in the absence of threats from terrorists, an important design objective should be resilience, i.e., the ability to rapidly restore the power system after a problem occurs and the ability to sustain critical social services while the problem persists.
The need to reduce the vulnerability of the U.S. electric power system is well recognized in the government and industry. Although related action has been somewhat slow and limited, many improvements made behind the scenes are rarely reported in detail to the media. Reducing the vulnerability of electric power systems is becoming a top priority of utility management. In addition, the Energy Policy Act of 2005 (EPAct) includes provisions to strengthen the system and make temporary improvements permanent. Under authorization provided by EPAct, the North American Electric Reliability Council (NERC) is now moving to improve U.S. electric power system performance through the creation of the national Electric Reliability Organization (ERO), which has the authority to develop mandatory reliability standards. EPAct also provides incentives for both expanding the transmission system and removing barriers to siting transmission lines, and it addresses the problem of relieving areas of critical congestion on the transmission system. Improving the resilience of the transmission system to relatively routine failures will also reduce vulnerability to deliberately caused failures.
Actions by the utility industry to deal with terrorism focus on prevention, detection, and restoration. Prevention measures that the industry has implemented include:
• Self-determination of the proper alert level for physical and cybersecurity in conjunction with the advice of the DHS,
• Security improvements such as physical barriers and an increased security workforce for protecting physical facilities, and
• More stringent security requirements for facility entry.
In the area of detection, several activities are ongoing, such as:
• Training system operators to consider sabotage and terrorism as a possible explanation for disturbances,
• Implementing a real-time data collection process for reporting indicators of potential physical and cyber-events to DHS (such as the presence of strange vehicles and aircraft near critical facilities),
• Holding conferences sponsored by industry and government, conducting dialogs, holding scheduled conference calls, and exchanging security-related alerts, brochures, and newsletters.
Restoration activities include:
• Preparing contingency plans for restoring service,
• Stocking equipment needed for service restoration,
• Cataloging and agreeing to share spare transformers following an attack.
The most relevant provision of EPAct is establishment of the Electric Reliability Organization to develop and enforce reliability standards for the bulk transmission system. Before it was designated as the ERO in July 2006, NERC could only recommend upgrades as needed to maintain reliability. Now, those standards will be mandatory, but they must also be approved by FERC. NERC will base its standards in part on existing data and experience with past operating incidents. According to Section 236 of the ERO certification order:
NERC states that the purpose of a Reliability Standard, or its reliability objective, should derive from one or more of the following eight general objectives: (1) the Bulk-Power System should be planned and operated to perform reliably under normal and abnormal conditions; (2) the frequency and voltage of the Bulk-Power System should be controlled within defined limits by balancing real and reactive power supply and demand; (3) information necessary for the planning and operation of the Bulk-Power System should be made available to those who need it; (4) emergency operations plans should be developed and implemented; (5) facilities for communication, monitoring, and control should be provided, used and maintained; (6) personnel must be trained, qualified and must have the authority to implement actions; (7) the reliability of the Bulk-Power System should be monitored on a wide-area basis; and (8) the Bulk-Power System must be protected from malicious physical or cyber attacks. (FERC, 2006)
Only the last general objective directly addresses the potential for terrorist attacks. Basing NERC standards on past experience will make it difficult to ensure that they protect against effects of terrorism, as there are no data on the