Observations on Engineered Resiliency to Mitigate Physical Damage to Grid Assets
- Written by Erich W. Gunther
There has been renewed attention to a substation attack that occurred almost a year ago but remains unsolved. We should not forget that the local grid withstood the attack with nary a blink of the lights, and that power systems are broadly engineered to withstand such incidents. We can make them even more resilient. Distributed generation and microgrids will help.
On February 5, The Wall Street Journal published an article describing an attack that had taken place almost a year before on a Silicon Valley substation. Inspired by disclosures from a former member of the Federal Energy Regulatory Commission, Jon Wellinghoff, and written by the newspaper’s Rebecca Smith, one of the country's most highly regarded energy journalists, the Journal’s report naturally attracted wide attention. A followup article by Smith appeared a month later.
In the attack on the Metcalf substation, the perpetrators first cut a fiberoptic communications cable and then, upon breaching the substation's perimeter, fired more than 100 rounds of ammunition into transformers, completely disabling the facility. The crime remains unsolved to this day, and though Wellinghoff has expressed confidence that it was the work of a terrorist gang, there are other scenarios that could account for it.
In the meantime, there has been a lot of pontificating and political speech about the event, with some even accusing the industry of trying to hide it to avoid embarrassment, others suggesting more charitably that it was downplayed to discourage copycat attacks. It is important to note the attack was reported locally at the time it occurred and that the substation’s owner, PG&E, took immediate actions to bolster the security of its grid assets and keep the Edison Electric Institute informed of its progress. Geisha Williams, PG&E’s executive vice president of electric operations, has provided a clear and frank account of the event, which she called a “game changer” and a “wake-up call” to the industry.
Don’t get me wrong, this is an important event that we need to learn from. It is just frustrating to see politicians and attention seekers co-opting such an event for their own purposes. However, if the renewed attention can help secure the necessary funding to improve the resiliency of our nation's electric power infrastructure, so be it.
My concern is that almost all of the discussion has been on the physical attack and on responding to it by securing the physical assets – guns, guards and gates augmented by cameras, dogs and drones. It is of course important to spend a prudent amount of money on such physical measures, but it is also important to spend money on engineering our electric power infrastructure such that these attacks can be withstood with minimal if any interruption of our energy supply.
Notably, there has been little if any reporting on the fact that even this very sophisticated, violent, destructive attack taking place over an hour’s time did not result in a disruption of energy services to PG&E customers. This is probably one of the main reasons that no one paid much attention to it outside of the local area for very long—the lights stayed on. This is because by and large we have designed a very resilient transmission grid with systems that are capable of automatically reacting to equipment damage no matter what its cause, isolating the damage and almost instantaneously routing power to end consumers from other sources.
This type of performance doesn’t happen by accident. The industry has developed technology, methodologies and standards over more than 100 years to make the electric grid extremely reliable. Standards developed and managed in modern times by the North America Electric Reliability Council (NERC) help ensure that our energy infrastructure can survive at least single and generally multiple element contingencies (cases when more than one system element fails at the same time ). These rules already consider the potential for physical and cyber-attacks and continue to evolve to maintain the reliability and resiliency of our electric power infrastructure.
I had the pleasure over the past six months of participating on the team that worked to guarantee the electrical security of the Superbowl, by ensuring the reliability and resiliency of the energy system serving Met Life Stadium and the overall Meadowlands Sports Complex. All of the actions we took to ensure a successful outcome of that event could be employed on the electric power system nationwide to further improve the reliability, resiliency and event response posture.
Such actions include preparing for multiple element contingencies by verifying that automated systems are correctly configured, that multiple energy sources capable of supplying the load are available and that physical assets are properly maintained and monitored. The engineering methods involved are not new and can be readily deployed elsewhere to improve the resiliency of the system to survive attacks like that experienced at PG&E’s Metcalf substation.
Other technologies that can significantly improve our overall energy security posture are distributed generation and microgrids. The more distributed our energy sources, the more likely we will be able to supply energy to consumers nearby even if we have a catastrophic failure of one or more major transmission, distribution or substation assets. The rapidly decreasing cost of distributed generation technology and an increasing understanding of how to deploy it may significantly reduce the ability of terrorists, storms or other disturbances to significantly interrupt our energy supply. This transition to a more distributed generation will require changes in grid management and controls in order to have the level of stability we enjoy today. Not including it in the plan, as has happened in Germany, can actually cause more harm than good. As noted by David Raskin in the Harvard Business Law Review, “The stability of the German grid is also being put at risk: it has relied more heavily on variable, renewable generation at the same time that grid resources capable of rapidly balancing supply and demand have been shutting down due to anomalous market price signals.” (See also Germany’s Green Energy Destabilizing Electric Grids, published by the Institute for Energy Research.)
Improving the cyber and physical security of our critical infrastructure, deploying distributed generation and microgrids and all of the other more traditional measures necessary to maintain and improve electric infrastructure reliability and resiliency come at a cost. When any given energy consumer is asked, “How much are you willing to spend in electric rates or taxes to reduce the likelihood of a multi-week blackout from one in ten years to one in a hundred?” the response usually is “not much,” and for all practical purposes, zero. It is difficult for individual consumers to comprehend the value of enhanced system reliability or how much major energy system interruptions cost them, which may have subtle but significant economic consequences over years.
It is also difficult for the general energy consumer to recognize that there is a cost for the supporting infrastructure needed to allow them to implement their own distributed generation sources. For this reason our regulators and legislators need to act responsibly on our behalf to ensure our tax dollars are invested wisely to address the larger system of systems. This means prudent investment in physical systems hardening, but also in the engineering and deployment of systems necessary for our electric system infrastructure to be more resilient when physical asset damage does occur.
To this end, I hope our regulators and legislators seek the advice and support of key industry technology organizations such as the IEEE Power & Energy Society, the Electric Power Research Institute (EPRI) and the electric utilities themselves through key supporting organizations such as the Edison Electric Institute (EEI), NERC and others.