Continuing to enhance routine and emergency operations coordination between the electricity industry and natural gas providers and boosting operational coordination between the electricity industry and communications providers are recommendations flowing from a November 2021 grid security exercise that included a significant number of public power participants.
Over two days, more than 700 planners led their organizations’ efforts to exercise their response and recovery plans in the face of simulated, coordinated cyber and physical attacks on the North American bulk power system and other critical infrastructure during the exercise, GridEx VI.
Hosted every two years by the North American Electric Reliability Corporation’s Electric Information Sharing and Analysis Center (E-ISAC), GridEx is the largest grid security exercise in North America.
In 2021, GridEx participants expanded to include more representation from public power, co-op and municipal entities, Canadian partners and other critical infrastructure sectors, such as natural gas, original equipment manufacturers, financial services, and telecommunications, NERC said. Approximately 60 public power utilities participated.
The E-ISAC divided play into two portions. Distributed Play, held on November 16–17, 2021, provided the opportunity for operational participants across North America to exercise the resilience of the electricity system. The Executive Tabletop, held on November 18, 2021, convened industry executives and government leadership from the United States and Canada to explore the challenges presented by a severe cyber and physical attack against the grid.
On April 7, 2022, NERC released a lessons learned report related to GridEx VI.
Executive Tabletop Overview
The GridEx VI Executive Tabletop saw executives and leaders from 88 organizations, and almost 200 individuals in total, join the Tabletop.
Participants included senior representation from U.S. and Canadian government entities and executive leaders representing U.S. and Canadian cooperatives, investor- and publicly-owned utilities, and independent system operators.
The lessons learned report said that the E-ISAC took steps to diversify participation in GridEx VI to account for a wider range of perspectives when exploring the Tabletop scenario.
This resulted in greater participation from interdependent industries, such as natural gas and telecommunications, an active role for Canadian Government partners, and wider U.S. Government representation, including representatives from state government. The active participation of representatives from the Canadian government and interdependent industries in particular added significant value to the Tabletop as reflected in the report’s recommendations, the report noted.
Details on Tabletop Scenario
The Tabletop scenario prompted participants to assess the impact of serious cyber and physical security attacks and take the actions needed to respond; communicate effectively; restore power; and address serious public health, safety, and grid security challenges.
The Tabletop exercise was designed in four phases to simulate how industry and government would respond to a sophisticated, well-coordinated cyber and physical attack.
These phases were as follows:
Phase 1—The First Hour after the Attacks: Challenging operating conditions further degrade reliability when the Western Interconnection splits into two islands after a transmission disturbance initially assumed to be caused by wildfires.
Phase 2—The Next Morning: Attacks on electricity and natural gas infrastructure cause widespread power outages affecting many high-priority customers, including defense-critical facilities.
Phase 3—Later that Day: Telecommunications disruptions impair power system restoration activities and complicate coordination with government. Wind generation resources are disrupted by widespread control and response issues.
Two Weeks and Beyond: The Western Interconnection is restored and customer load is eventually reconnected, but energy and capacity margins are tight for the foreseeable future. Active cyberattacks have ceased.
During plenary and breakout sessions, facilitators led participants through discussions designed to simulate the communication and coordination that would occur during a real event.
Executive Tabletop Recommendations
Among the recommendations included in the lessons learned report related to the executive tabletop is that industry and government should continue to build effective communications procedures and systems to share operational information.
“The electricity industry has robust grid monitoring and control capabilities that have withstood the test of emergency situations over decades of operation. However, the Tabletop scenario presented conditions that severely strained the industry’s ability to communicate operational status to their many external stakeholders, including state/provincial and local government,” the report said. “In addition, the scenario’s involvement of a nation-state adversary added a layer of complexity regarding how and with whom to share highly sensitive information.”
The report also recommends that there be continued enhancements to routine and emergency operations coordination between the electricity industry and natural gas providers.
The scenario included disruptions of natural gas to generating stations, the report noted. “Compared with the previous Tabletop two years ago, the discussion benefitted from the more robust participation of natural gas operators, the Oil and Natural Gas Subsector Coordinating Council, and natural gas trade associations in the United States and Canada.”
Strengthening operational coordination between the electricity industry and communications providers is another recommendation.
“The critical interdependencies between the electricity and communications sectors are well-understood and have often been a prominent component of the GridEx series of exercises,” the report said. “This time, the Tabletop scenario featured a widespread loss of landline and cellular communications while electricity utilities were recovering from the cyber and physical attacks and restoring the grid. Participants agreed that the loss of communications would essentially halt the grid restoration process.”
Other recommendations related to the tabletop exercise are:
- Continue to reinforce relationships between governments in the United States and Canada to support industry response to grid emergencies
- Clarify the differing crisis communications roles of the Electricity Subsector Coordinating Council (ESCC) and Reliability Coordinators (RC) with government and their members, including Canadian members.
- Continue to build effective communications procedures and systems to share security information
- Continue to build on understanding of grid security emergency order development and consultation processes.
Distributed Play Scenario
The GridEx VI Distributed Play scenario saw a nation-state target the North American grid with cyber and physical attacks that spanned two days.
Incidents ranged from disinformation on social media to cyberattacks that targeted industrial control systems.
The E-ISAC divided the two-day exercise into four moves. The E-ISAC also developed “Move 0,” which included optional material in the week preceding the exercise to prepare players for the incidents that would follow.
The E-ISAC developed a series of physical, cyber, and operational injects in partnership with subject matter experts, expert planners, and partners from the SANS Institute, Idaho National Laboratory, and the National Renewable Energy Laboratory to ensure that the exercise reflected the complex threat the grid faces today, the report noted.
The E-ISAC developed a scenario and a Master Scenario Event List, but the planners were encouraged to customize the scenario to meet their needs. Consequently, the timing, content, and substance of exercise play varied between participating organizations.
The Distributed Play Scenario drove observations and recommendations, captured in the GridEx VI lessons learned report, identifying specific actions the E-ISAC could pursue to improve future GridEx exercises, including ways to increase participation and effectiveness of future GridEx exercises.