View recent news coverage highlighting interviews and quotes from LPPC.
Public Power Daily: NYPA, SRP Cyber Experts Get Window Into How E-ISAC Handles Data
February 21, 2018
By Jeannine Anderson
Two cyber security experts – one from the East, one from the West – came to Washington, D.C., in late January to spend a week at the headquarters of the Electricity Information Sharing and Analysis Center, or E-ISAC. The two took part in a new pilot program to help utilities get to know the E-ISAC better and to give the agency feedback on how to better inform the U.S. electricity industry about cyber and physical attacks.
In interviews, these two utility officials – Jeff Staten, senior cyber security analyst with the New York Power Authority, based in White Plains, New York, and Nick Giaimo, principal security analyst with the Salt River Project near Phoenix, Arizona – talked about what the week at E-ISAC was like and discussed some of the initial lessons learned from the pilot project, called the E-ISAC Industry Augmentation Program.
In separate interviews, others involved with the project talked about how the idea for it came about and explained how participation in the program – which is currently limited to members of the Large Public Power Council (LPPC) – could be expanded later this year to include investor-owned utilities, public power utilities, and rural electric cooperatives. The second round of the pilot project is scheduled for late February into early March, and a third round is scheduled for late April into early May.
Intel from utilities is key
The E-ISAC staff “have connections to threat intelligence that folks in the industry don’t have,” and do a good job of analyzing that information, NYPA’s Staten said in a Jan. 29 interview. But it also is very important for the E-ISAC to receive pertinent information from the electric utility industry, he said.
“The more information they get, the better the analysis,” Staten said.
“If you don’t share information, you don’t get analysis,” he said. “If you don’t get analysis, you don’t get the bigger picture.” And utilities who report information to the E-ISAC can take advantage of the agency’s ability to synthesize and analyze data, he noted.
Both NYPA’s Staten and SRP’s Giaimo said that one of the initial lessons learned from the first week of the pilot program is that working alongside the E-ISAC staff, and getting to know the agency’s work processes, helps build trust between the ISAC and the electricity industry.
The E-ISAC is operated by the North American Electric Reliability Corporation, which sets mandatory reliability standards for the U.S. electric utility industry. Its offices are at NERC’s headquarters in Washington, but are physically separate from the rest of NERC, and E-ISAC staffers sign a code of conduct preventing them from disclosing any confidential information to others at NERC.
‘Firewall’ separates E-ISAC from rest of NERC
Staten said that, among other things, spending the week at the E-ISAC offices showed him and Giaimo that the ISAC is a separate organization, with a separate budget and office space that is walled off from the rest of NERC and is accessible only to E-ISAC staff.
“We observed a great sensitivity” by E-ISAC staff about “where the firewall is between the E-ISAC and NERC,” said Staten. There is “a clear boundary between E-ISAC and NERC.”
The E-ISAC is very careful about how it handles information that it gets from utilities, he added.
As an example, Staten said, “Say a phishing email is sent to a CEO,” and the utility reports this to the E-ISAC. The agency’s staffers “keep that information anonymous,” he said. “They sanitize it to make sure that the source of the information is not going to be revealed.”
The NYPA official noted that before spending the week with E-ISAC, he was aware of its watch floor and analysis team, but did not know about the full extent of the publications, workshops and other educational materials the E-ISAC produces. Those include daily, weekly and monthly reports, as well as special alerts and bulletins. The E-ISAC also takes part in and facilitates public and private sector participation in GridEx, the major NERC exercise held every other year; and its annual grid security conference, GridSecCon.
E-ISAC wants feedback from utilities
Staten emphasized that those who work at the E-ISAC are very eager to get feedback from the electric industry on what they do and want to know how they can improve.
“They were very solicitous of criticism – everybody was very open,” he said.
Asked for any advice he might give to others in the utility industry who are interested in taking part in the Industry Augmentation Program, Staten said that anyone presented with the opportunity to be in this type of exchange program should take advantage of it.
“Do it,” he said. “You’re going to learn so much.”
The Industry Augmentation Program encourages “better communication between the industry and the E-ISAC,” said the SRP’s Giaimo. The E-ISAC “is trying to look at various ways they can raise awareness of their role and increase engagement with industry,” he said in a Jan. 30 interview.
He and Staten “gave feedback as to which [of the E-ISAC’s] products we were aware of or were not aware of,” Giaimo said.
The face-to-face exchange made possible by the week at the E-ISAC’s headquarters was “extremely beneficial,” he said.
Getting to know E-ISAC – and each other
“Getting to know each other, examining their processes and tools, and giving them a glimpse into our processes” meant that he and Staten came away with a more detailed understanding of what goes on at the E-ISAC, said Giaimo. In turn, the E-ISAC staff gained a better understanding of how grid security operations take place at the utilities where the two industry participants work.
It also was a good opportunity for him and Staten to talk shop, he said.
“Jeff and I had numerous conversations about things going on in our organizations,” Giaimo said. “There is a lot of value in having that kind of community within the industry.”
The agency’s watch floor resembles a security operations center, with monitors on the walls, said the SRP official.
“It was helpful to see what their process looks like – see how they follow up with industry,” he said.
Asked whether he too would recommend the program to others in the electricity industry, he said, “I certainly would.”
These days, Giaimo observed, attackers “are becoming more highly organized, more well-funded.”
“Essentially anyone who has a presence on the Internet is going to be exposed to these types of threats,” he noted. “Then there are people who are interested in our sector specifically.
When asked why people want to attack utility systems, he said such efforts can be motivated by different factors. There could be a financial reason for trying to extract customers’ data, or for gaining access to a utility’s network and then using it in various ways – for example, for cryptocurrency mining. A nation-state may want to obtain sensitive information about utility or grid operations that could be used later. People sometimes hack systems just to see if they can do it, as well, and sometimes there are “crimes of opportunity,” he said.
Whatever the reasons behind the attempted incursions, the E-ISAC helps utilities guard against them by uniting people within the electric utility sector, Giaimo said: “We’re better together.”
‘Trust is the cornerstone’
The Industry Augmentation Program pilot “is something we’ve been wanting to do for quite some time,” said Steve Herrin, the E-ISAC’s director of operations. It is “vital to get face-to-face feedback from the industry on how the E-ISAC operates,” he said in a Feb. 2 interview.
Asked about the preliminary lessons learned, and the role of trust in the relationship between the E-ISAC and utilities, Herrin said, “Trust is the cornerstone of the information-sharing concept.”
Without trust, he added, “no one wants to share anything.”
When someone from a utility shares its information with the E-ISAC, the E-ISAC is extremely careful what it does with that information, he said.
“We handle the information based on how the participants want us to,” Herrin said. The sharing of information is limited using a system of traffic light protocols, or TLP – a color code for the information. The utility – or whoever is sharing something with the E-ISAC – decides what TLP rating will apply to the information.
In the first week of the Industry Augmentation Program, the participants from NYPA and SRP “were really able to grasp how much the E-ISAC is a trusted source for quality analysis,” and for the rapid sharing of possible threat information, he said.
The E-ISAC “is very interested in getting feedback, to make their processes work better,” said Michael Fish, a Salt River Project official and a member of the Industry Augmentation Program Working Group, in a Feb. 1 interview. The working group is part of the LPPC’s Cyber Security Task Force, which helped create the IAP pilot program.
Fish, who is senior director of Enterprise Cyber Security at SRP, said the first week of the pilot project, held at E-ISAC’s offices Jan. 22-26, went very well.
“I think it was very successful,” Fish said. Some refinements may be made to the program in the coming weeks and months, he said, but so far, so good.
“I think we’re off and running,” he said.
The second round of the pilot project will take place the week of Feb. 25, with LPPC participants from the Nebraska Public Power District and the New York Power Authority. The third and last round of the pilot program is scheduled for the week of April 29, with LPPC participants from the Sacramento Municipal Utility District in California and JEA in Jacksonville, Florida.
E-ISAC had the idea; LPPC made it happen
The goal of the pilot program is “to provide the industry participants with a first-hand appreciation of the E-ISAC’s work processes and practices,” including its relationships with government agencies and other ISACs that have been created to protect critical infrastructure, notes the draft E-ISAC Industry Augmentation Program Manual for Pilot with the Large Public Power Council. Another objective of the pilot is “ultimately making the program available to the entire industry,” says the draft manual, which is being updated based on feedback from the pilot program.
The idea is for the electric utility industry to collaborate more with the E-ISAC and others “to raise our collective cyber security posture,” said Randy Crissman, senior consultant-utility operations with the New York Power Authority, who helped organize the pilot program on behalf of the LPPC and the E-ISAC.
Crissman said the idea for the pilot program came a couple of years ago, when he attended a presentation made by Marcus Sachs, the former NERC chief security officer who left the organization in November. Sachs mentioned the idea of a program that would bring utility people to the E-ISAC’s watch floor. The watch floor handles incoming information from utilities and others about possible incursions or other threats.
The idea was that the utility people, if they came to the E-ISAC, could help provide feedback on how well E-ISAC processes and products – such as bulletins, alerts and daily reports – were working from the point of view of the industry participants. At the same time, the E-ISAC could learn first-hand from the industry participants details about how their utilities’ cybersecurity programs are put together.
When the LPPC’s Cyber Security Task Force became aware of the E-ISAC’s desire for a pilot program that would make such an exchange possible, the task force began pursuing such a program, and formed the Industry Augmentation Program Working Group to work through the details.
Crissman did much of the ground work, setting up conference calls with LPPC and E-ISAC officials.
The objective was to help the E-ISAC pilot the program “and work out the kinks,” Crissman said in a Jan. 31 interview. The LPPC would help to create an experimental program at the E-ISAC which, if successful, would become a permanent, self-sustaining program that then would be opened up to the rest of the electricity industry.
Electricity is ‘built into everything’
Electricity “has made its way into the U.S. culture, and is as important as food or water,” said Kenneth Carnes, the New York Power Authority’s vice president and chief information security officer, in a Jan. 31 interview. Electric power is now essential and is “built into everything,” he said.
Carnes, who is a member of the LPPC’s Cyber Security Task Force, was in Washington, D.C. to help launch the program the week of Jan. 22.
He called the Industry Augmentation Program “a big win for both sides of the table” – the utility people who take part, and the E-ISAC staff – and added that the E-ISAC has been very supportive of it.
“I’m hoping we can continue” the program once the pilot stage is over, and possibly “use this as a model for any other ISACs” who might be interested, Carnes said.
He said the pilot program is a credit to the public power sector, which “has a strong history of collaboration.”
Pilot program dovetails with strategic plan
The Industry Augmentation Program “is one of the tools in our toolbox that we’ve been very thankful for, with Randy Crissman’s leadership,” said Bill Lawrence, director of the E-ISAC. The pilot program also fits well with the E-ISAC’s five-year strategic plan, which focuses on continuously improving information sharing, analysis, and engagement, he said, adding that the E-ISAC is currently recruiting for several new job openings, including more cyber and physical security analysts, and a director of engagement.
The industry has a vested interest in the E-ISAC and wants it to be a world class organization. SRP’s Fish is also the public power representative on the E-ISAC member executive committee that provides strategic leadership and direction to help guide the future of the E-ISAC.
For the industry participants coming to Washington, the new program “beefs up trust in the area of information sharing,” he said. “We show them how we go through the information-sharing process.”
The information is shared using the traffic light protocol, or TLP. If a utility tells the E-ISAC something, the utility can designate that information as TLP red, amber, green or white. If it’s TLP red, it must be tightly restricted – not shared even among E-ISAC officials.
If the information is designated as TLP amber, it can’t go outside the E-ISAC’s walls. If it’s TLP green, the E-ISAC can share the information with others who it believes have a reason to have this information. TLP white means the information is public.
The E-ISAC takes this system “extremely seriously,” said Lawrence, adding that the E-ISAC works hard to build trust with information providers while protecting their identities. The E-ISAC, he noted, also readily accepts information that is shared anonymously.
Industry ‘has done a good job of defending itself’
Despite the proliferation of potential threats, “we are not one click away from the whole grid going dark,” Lawrence said.
“Once you start looking at taking down a major utility, then the next one,” and then the one after that, “it rapidly becomes a very challenging problem,” he explained, adding that this is due, in part, to the reliability standards set by NERC.
Asked about the possibility of an electromagnetic pulse attack (EMP), he noted that the Department of Defense is capable of doing something about such a scenario, and said several utilities are stockpiling large transformers in EMP-shielded facilities.
“We consider all threats,’ he said. “As scary as it looks out there, I think the industry has done a very good job of defending itself.”
Asked about the issue of trust, he said, “I’ve seen a shift in the willingness to trust us.”
Lawrence pointed out that the E-ISAC, though housed at NERC’s headquarters, is physically separate from the rest of NERC.
“We also have a code of conduct that prevents us from sharing any of our analysis,’ he said. No identifying information about a utility can be shared with anyone doing work on enforcement of NERC’s reliability standards. The text of the code of conduct can be found at www.nerc.com.
A new portal, a growing staff
Lawrence pointed out that the E-ISAC introduced a new, upgraded portal in December, and said, “we’re trying to build up stakeholder use of the portal.” He also noted that the E-ISAC staff is expanding: it stands at 25 now and is set to grow to 52 in the next five years.
The portal is a secured site that is open to owners and operators of electric utility assets in the U.S., Canada and parts of Mexico. Although the E-ISAC is part of NERC, all utilities can sign up for notifications from E-ISAC – they do not have to be registered with NERC.
Those in the electric industry who have not yet signed up for an account via the E-ISAC portal can do so by going to the E-ISAC’s website or by sending an email to firstname.lastname@example.org. Current users of the portal, as well as those who would like to join, are encouraged to provide feedback and/or seek technical support by contacting the E-ISAC at email@example.com or (404) 446-9780.
The American Public Power Association has encouraged its member utilities to sign up for the E-ISAC's portal to get alerts and resources to monitor and manage cyber threats.
Daily Energy Insider: NERC Electricity Information Sharing and Analysis Center Launches New Industry Engagement Program
February 9, 2018
By Kevin Randolph
The North American Electric Reliability Corporation (NERC) Electricity Information Sharing and Analysis Center (E-ISAC) recently launched a new program to increase engagement within the industry and enhance the exchange of information on potential threats to the bulk power system.
The new initiative, called the Industry Augmentation Program, aims to increase awareness of E-ISAC cyber and physical security analysis processes, increase the amount of feedback E-ISAC receives on tools and communications protocols, and strengthen utility programs and staff expertise.
“Face-to-face collaboration by the E-ISAC and the industry on how they view and manage risks to grid security is a great opportunity for all participants,” Bill Lawrence, director of the E-ISAC, said. “The Industry Augmentation Program is designed to enhance member relationships that are vital to ensuring the trust needed to foster a successful approach to grid security across North America.”
NERC a pilot phase of the program under an ongoing partnership with the Large Public Power Council and its member utilities. The program’s first participants were cybersecurity experts from the New York Power Authority (NYPA) and Salt River Project (SRP) in January. During a weeklong exchange, the E-ISAC, NYPA, and SRP shared how each organization collects, analyzes and shares information for possible threat vectors.
The E-ISAC plans to complete the pilot phase of the program by early May and then open the program to all members.
February 7, 2018
By Blake Sobczak
A 20-year-old grid security program is getting a makeover to put murky cyberthreats into focus.
For it to succeed, the Electricity Information Sharing and Analysis Center (E-ISAC) is counting on the trust — and data — of power utilities at the front lines of the grid's cyberdefense.
The goal is to become "a necessary piece of any electric industry security program, both in cyber and physical," said Bill Lawrence, senior director of the E-ISAC at the North American Electric Reliability Corp., an industry-led group that manages electric reliability for the bulk power system in North America.
Kenneth Carnes, vice president and chief information security officer at the New York Power Authority (NYPA), said he's on board and expects an "open dialogue" with the new center.
"The best way for us to be prepared is not looking just within our scope of view with our blinders on; it's looking at what's happening in the threat space as a whole," he said.
The new pilot project with the U.S. public power industry is partly aimed at quelling those fears.
"I personally don't have any trust issues," said Michael Fish, senior director for enterprise cybersecurity at the Salt River Project, one of Arizona's biggest utilities. "But I would say that one of the benefits of having this program is to understand how the E-ISAC was actually set up. The more that people understand the separation [with NERC enforcement], I think they'll be more comfortable with information sharing."
Inside Cybersecurity: Electric Sector Takes On Effort To Bolster Cyber Info-Sharing Across Industries
February 6, 2018
By Joshua Higgins
The Electric Sector Coordinating Council has embarked on a multifaceted effort to promote sharing of cyber threat information, collaborating with the North American Electric Reliability Corporation to bolster info-sharing both across industries and within the electricity sector.
“We’re trying to tie all these things together,” Kenneth Carnes, chief information security officer at the New York Power Authority, said in an interview Monday with Inside Cybersecurity.
The work on cross-sector collaboration on information sharing comes amid efforts to improve info-sharing within the sector as well.
Carnes said that a new “pilot” project by the Electric Information Sharing and Analysis Center -- which is housed at NERC -- and the Large Public Power Council will help improve sharing within the sector as entities are “just not as open as they could be” when it comes to info-sharing on cyber vulnerabilities.
“There’s been a bit of reluctance for people to share what they’re seeing in their environments,” Carnes said, adding that the sector already has a strong base level of sharing and cooperative relationships.
Read the full article to learn how the E-ISAC’s new initiative will help improve the cyber and physical security services for the electric industry.
Inside Cybersecurity: Electric Sector Info-Sharing Initiative Aims To Refine Cyber Threat Analysis
February 2, 2018
By Joshua Higgins
A new partnership and “cyber grid pilot program” between the Large Public Power Council and the electric sector’s Information Sharing and Analysis Center will help refine the quality and use of cyber threat information, according to electric sector representatives.
The LPPC and E-ISAC -- which is managed by the North American Electric Reliability Corporation -- last week launched a pilot program on cyber threat information sharing, “in an effort to build competency and preparedness within the public power sector, and to encourage more engagement and information sharing between government and industry,” according to electric sector sources.
Michael Fish, senior director of enterprise cybersecurity at the Salt River Project, one of the public power entities participating in the program, told Inside Cybersecurity that the pilot will help the E-ISAC collect details on how cyber threat information is used across the electric sector in order to make improvements to info-sharing processes and make data more actionable to grid operators.
Read the full article to learn how this new initiative will help increase public-private trust and collaboration on sharing cyber threats.
January 17, 2018
By John Di Stasio and Jonathan Schneider
With its order on January 8, 2018, the Federal Energy Regulatory Commission quieted the firestorm sparked by the Notice of Proposed Rulemaking initiated by the Department of Energy in Docket No. RM18-1. We believe that FERC got it exactly right. The Commissioners were right in concluding that the NOPR presumed a remedy for a problem that had yet to be fully defined, and right to terminate the NOPR, given the time frame imposed by DOE.
The DOE NOPR attempted to address a complex and only vaguely-defined challenge by promoting a narrow set of resources. There is, we believe, a legitimate concern regarding grid resilience in the face of the nation’s changing generation resource mix. But there are many potential measures that would enhance resilience, and FERC was right to focus first on defining the issue on a regional basis, and only then to move toward solutions.
FERC’s approach reflects the position taken by the Large Public Power Council (LPPC) in comments we filed with FERC on the NOPR. We were heartened by the Commission’s consensus in the matter.
LPPC comprises twenty-six of the nation’s largest municipal electric utilities committed to achieving the optimal balance of reliability, affordability and environmental stewardship. LPPC members operate in thirteen states and all regions of the country other than the upper-Midwest. They focus on regional or local solutions with a full appreciation of fuel and resource availability, and local governance preferences regarding economic development and the environment, and strongly support the regional approach taken in FERC’s approach.
What’s Next at FERC?
Without presuming a remedy, FERC directed RTOs/ISOs within sixty days to address a series of questions, with these aims: (1) to develop a common understanding among the Commission, industry, and others of what resilience of the bulk power system means and requires; (2) to understand how each RTO and ISO assesses resilience in its geographic footprint; and (3) to use this information to evaluate whether additional Commission action regarding resilience is appropriate at this time. This is all for the good.
Helping focus the coming discussion, FERC appropriately took the further step of offering a broad definition of resilience, following the lead of the National Infrastructure Advisory Council: “The ability to withstand and reduce the magnitude and/or duration of disruptive events, which includes the capability to anticipate, absorb, adapt to, and/or rapidly recover from such an event.” FERC invites initial comments on this proposal from the RTOs/ISOs, and responsive comments from interested parties.
This broad definition makes sense. But it also leaves room for debate on a variety of important topics, including the nature and magnitude of the risks against which the grid can reasonably guard and from which plans can be made to recover; the criteria against which resilience of the grid can be measured; and the list of system and resource attributes useful in contributing to a more resilient grid.
From a national perspective, it’s fair to say that the nation’s changing generation mix poses a challenge with respect to the provision of essential reliability services. And while FERC was right in concluding the problem is not imminent, the statistics show that it’s not insignificant either. This was pretty clearly established by NERC’s May 2017 Reliability Assessment and the DOE Staff Report of August 2017, upon which the DOE NOPR relied, making the point that the retirements of large centrally-located facilities pose a challenge to the grid.
But the NERC and DOE studies also make it clear that the situation is very different in different parts of the nation. These substantially different circumstances reflect, among other things: varied generation portfolios around the nation, including substantial difference in the prevalence of intermittent resources; differences in the availability of transmission, firm natural gas transportation and fuel resource options; and varied projections of the availability of fuel-secure generating stations.
For all of these reasons, FERC’s regional focus is appropriate. The focus is also consistent with the experience of LPPC’s varied membership, operating in some states with an abundance of hydro-electric or renewable resources, and some with an abundance of coal or natural gas. These fuel and resource realities drive investment, portfolio designs and ultimately, the aforementioned balance. Likewise, resilience is a regional matter, since the risks from varied weather conditions, infrastructure, supply flexibility and geography all contribute to very different options to address resilience.
The upcoming discussion will no doubt include a debate over the appropriate roles exercised by FERC, state and municipal authorities, and NERC. As to FERC, while there may be an academic question regarding the scope of its authority, it seems pretty clear as a practical matter that the Commission must consider the implications for grid resilience of its rate and regulatory decisions. The Federal Power Act calls for FERC to ensure that transmission and wholesale sales rates are just and reasonable, and while the scope of FERC’s authority to regulate practices affecting such rates is not unlimited, the direct effect that economic regulation has on the reliability and resilience of the grid seems pretty well within FERC’s wheelhouse.
That said, state and municipal authorities also have an important role to play. FERC does not have authority over generation siting, and states that have not unbundled generation, or moved to retail access, maintain authority over generation resource adequacy. Even where FERC’s authority is clearest (unbundled states), it is appropriate and wise for FERC to defer to state and locally-based resource choices, as we discuss below. State-based Renewable Portfolio Standards, and other incentives offered to certain generating resources, though under attack in certain quarters, also reflect legitimate state and local choices to which FERC should defer as it reviews individual RTO/ISO responses to the inquiries framed in the new docket.
The Commission has a history of working hand-in-hand with state and municipal authorities when the jurisdictional line cannot be so clearly drawn, and we believe its decision-making is most durable when it does so. The approach taken in Order No. 1000 is very much on point. There, the Commission recognized that transmission planning subject to its oversight must reflect state and local policy choices regarding the nature and location of generating resources.
What role NERC should play in all of this is a little less clear. The Commission notes that most commenters on the NOPR distinguished between reliability and resilience. Under section 215 of the Federal Power Act, NERC’s authority extends only to the former. NERC may have a role here, but we urge both NERC and FERC to proceed carefully. Mandatory standards in this area can become quite expensive very quickly, especially without a consensus regarding resilience metrics.
What Should FERC Do?
Based on DOE Staff’s and NERC’s 2017 Assessments reflecting medium to long-term resource issues that should be addressed, it’s safe to assume that FERC’s inquiry will not soon be at an end. In the coming discussion, we hope FERC will be open to suggestions for restructuring capacity markets (remuneration for fixed cost investment in generation) with an eye to ensuring: (1) that they elicit needed investment; and (2) that they provide room for state and local governments to accomplish legitimate policy objectives.
Over the past several years, FERC has been criticized (and as recently as the December 2017 General Accounting Office Report on Electricity Markets), for sending money to the generation sector without being sure that it elicited needed investment. In regions where states have had utilities divest generation and moved to a retail access environment, we don’t doubt that finding a way to assure fixed cost recovery and secure new investment in generation is important.
But the efficacy of existing capacity markets is not clear. Shorter-term (one to three-year) capacity markets may provide an additional revenue source for existing generators, but they appear not to drive new investment decisions, nor investment in infrastructure (long-term firm pipeline transportation capacity for natural gas supplies comes to mind). And to the extent these markets exclude capacity that is self-supplied and funded, a valuable source of long-term investment is discouraged.
Where regional analyses show legitimate concern regarding the adequacy of resources needed to support grid resilience, it will benefit FERC and the industry to be specific regarding the resilience attributes that are in short supply, and to develop pricing mechanisms (markets or sub-markets) geared to eliciting the generation-related resilience attributes. In comments on the DOE NOPR, EPRI provided a useful, if broadly framed, template for how this might work. EPRI identified these broad components of resilience: resilience – adequacy, resilience – operating reliability, and resilience – recovery.
As to each of these components, EPRI suggests the development of supply resilience metrics reflecting desired performance characteristics. Where it is determined that specific resilience attributes are not being met or adequately incentivized, new market or cost-based mechanisms may be considered.
As the Commission sifts through these available tools, we strongly urge it to provide room for state-supported resource choices and incentives that it can build upon, rather than curtail, as some have advocated. In an environment in which the federal government has substantially backed away from environmental regulation, and certainly any form of carbon control, the importance of state-supported resources looms particularly large for many states. There is no good reason to shut these programs down.
The authority over generating resources is clearly a shared responsibility. While FERC’s authority over wholesale markets is clear, it lacks any authority over generation siting, and it has no role in the development of legitimate state-based policy choices that drive many investment decisions.
DOE reports that twenty-nine states have adopted Renewable Portfolio Standards, and a number of regions have adopted carbon control and trading measures, as part of which the provision of renewable energy credits and zero emission credits, such as those adopted in New York and Illinois.
In adopting these policies, state policymakers are responding to the interests of their electorate and, in many cases, furthering other state objectives regarding economic development or the environment. LPPC has supported local and regional autonomy on resource decisions on the basis that resource mandates and incentives often create economic distortion and undermine the benefits of a well-constructed resource portfolio. There is nonetheless clearly a role for the federal government to support emerging technologies though research and development work helping to commercialize new and promising technologies.
To date, state-based programs have withstood legal challenges, rested on the arguments that federal law – the Federal Power Act – and the United States Constitution call for preemption and invalidation.
See, for example, Allco Finance Ltd. v. Klee, 861 F.3d 82, 2nd Cir. 2017, upholding Connecticut’s RPS; Coalition for Competitive Electricity, et al. v. Zibelman, 2017 WL 3172866, S.D.N.Y. 2017, upholding New York’s ZEC; and Coalition for Competitive Electricity, et al. v. Zibelman, 2017 WL 3172866, S.D.N.Y. 2017, upholding Illinois’ ZEC program.
Nonetheless, challenges are being advanced at FERC asking the Commission to act affirmatively to offset the impact of any state-based support for specific generating resources. We urge FERC to reject these challenges, except in cases where state-based programs are expressly designed to alter wholesale market prices.
This distinction is supported by the Supreme Court’s recent decision in Hughes v. Talen Energy Marketing, 136 S.Ct. 1288 (2016). There, the Court invalidated a state-based program “tethered” to generation participation in the FERC regulated wholesale market, and designed to drive prices down. But the Court specifically stated that it was not acting to invalidate other measures states “might employ to encourage development of new or clean generation, including tax incentives, land grants, direct subsidies and construction of state-owned generation facilities.” This approach is consistent with cooperative federalism and need not conflict with FERC’s oversight of wholesale markets.
FERC’s unanimous approach to the DOE NOPR builds upon a history of bipartisan decision-making. This is an excellent precedent for the newly-formed Commission. There are clearly challenges ahead, but we believe the Commission will be well-guided by shouldering its responsibility to ensure that markets support a resilient and reliable grid, while accommodating state-based policy and regional differences and other markets that exist outside of their full authority.
The diversity of the national electric sector is a source of strength, since it provides competitive benchmarks that would be lost in a one-size-fits-all market structure. It also reduces reliability risks as a result of regional infrastructure, fuel and connectivity differences.
We look forward to participating in this important conversation going forward and commend FERC for creating a forum for careful consideration of the input to be provided by market operators and the industry as a whole. Any resulting actions can only benefit from a thorough investigation and understanding of the problem.
November 9, 2017
By Timothy J. Burke, Paul McElroy, Arlen Orchard, Phil Wilson
There is a reason it has been over 30 years since Congress last reformed the federal tax code; tax reform is complicated and its outcome touches every American. Congress is currently undertaking this monumental task to reduce tax rates, simplify the tax code, and create a fairer system.
We applaud House Ways and Means Committee Chairman Kevin Brady (R-Texas) for introducing legislation that would preserve the current law treatment of tax-exempt municipal bonds – a provision that has stood the test of time for over 100 years and has significant ramifications for public power.
However, more work needs to be done. We are very disappointed about the decision to eliminate advance refunding for tax-exempt bonds for the public power sector and other state and local governments. Doing so would increase costs for customers and disrupt the industry’s flexibility regarding long-term financing.
The tax-exempt bond market has financed trillions of dollars of investment in vital public infrastructure like schools, hospitals, roads, and energy infrastructure, and has saved taxpayers hundreds of billions of dollars in interest costs. Efforts to reduce tax exemption on municipal bonds would adversely impact public power and the millions of customers we serve nationwide. This is particularly significant for members of the Large Public Power Council (LPPC), which represents the 26 largest not-for-profit, consumer-owned utilities in the United States.
Public power systems have limited means to raise funds for our communities’ capital needs. Our primary means to raise capital is the issuance of tax-exempt bonds, which carry lower interest rates that reduce the cost of building our country’s public power infrastructure. They are our single most important financing tool. Each year, on average, public power utilities make $15 billion in new investments financed with municipal bonds. LPPC’s 26 members alone expect to issue $14 billion in tax-exempt municipal bonds over the next five years to ensure reliability and modernize the electric grid.
Municipal bonds are used to finance investments in power generation (including through natural gas, renewable and alternative fuels), transmission, distribution, reliability, demand control, efficiency, and emissions controls. While the typical power-related bond issue is relatively small, electric generation and transmission projects often cost hundreds of millions or even billions of dollars and can have up to a 50-year operational life. For example, in Nebraska, the R-Project (a $365 million, 225-mile-long 345kV transmission line) will improve the reliability of the transmission grid in the central United States.
Because of the length of these bonds, the industry relies on advance refunding as an important tool to enable communities to lower their borrowing costs when market conditions warrant and keep electric rates low as a result. Restricting advance refunding would significantly limit the flexibility of municipal bond issuers. As a result, issuers would be required to pay a higher interest rate on their debt and would be unable to take advantage of lower interest rates. Higher interest rates would lead to higher costs for our customers.
We urge Chairman Brady to reconsider his decision to repeal advance refunding of municipal bonds. Just like homeowners who refinance their 30-year mortgages, public power utilities use advance refunding to secure better interest rates to keep costs in check.
Another point worth clarifying about tax-exempt bonds is that the burden of taxing municipal bonds is borne by states, local governments and public power systems – not high-income investors. Limiting the exclusion of state and local bonds would not address the fairness issue despite arguments that doing so would limit the tax benefit for rich Americans. Instead it would mean a reduction in infrastructure investments and a price increase for public power customers – such as small business owners and low- and fixed-income households.
According to the American Public Power Association, a $250 million power plant would cost $80 million more to finance if tax-exempt bonds were repealed; $40 million more if the tax exemption were “capped”; and $30 million more if municipal bonds were replaced with direct payment bonds.
In the coming decades, public power will require significant capital to meet customer and load growth needs. Replacing retiring generation, meeting cyber security needs, integrating new renewables, and modernizing the electric grid to meet changing demands will require new infrastructure investment to ensure service reliability. We know from experience that lower borrowing costs for bond-financed projects allow for greater investments, reduce rates for residents, help create jobs, and spur innovation and economic growth. Tax-exempt financing works, and advance refunding is a necessary provision to improve long-term financing while keeping costs down. We hope Congress will take note.
Timothy J. Burke is the CEO of Omaha Public Power District (OPPD); Paul McElroy is the CEO and Managing Director of JEA; Arlen Orchard is the CEO and General Manager of SMUD; and Phil Wilson is the General Manager of Lower Colorado River Authority (LCRA). These utilities are significant public power utilities who rely upon municipal bonds to finance public purpose energy infrastructure. They also represent the geographic diversity of LPPC’s membership.
# # #
October 31, 2017
By Andrew Cohen
John Di Stasio, president of the Large Public Power Council, discusses some of the major issues impacting publicly run electrical utilities including renewable energy, protecting grids against security threats and challenges financing infrastructure improvements. Hosted by Andrew Coen.
October 22, 2017
By Rich Heidorn Jr.
WASHINGTON — Panelists at the Energy Bar Association’s Mid-Year Energy Forum last week heard two very different views of the health of wholesale markets.
Pacific Power CEO Stefan Bird was effusive in his praise of the Western Energy Imbalance Market (EIM), which saved parent company PacifiCorp almost $9 million in the second quarter of 2017. But Dynegy CEO Robert Flexon complained that CAISO and NYISO had become increasingly inhospitable to merchant generators because of state policies favoring renewables and nuclear generation, respectively.
“For us, the markets are [in an] incredibly fragile situation. California is a disaster. There isn’t any competitive power company out there who wants to put a nickel into California,” he said.
Flexon also bemoaned MISO Zone 4 in Southern Illinois, where he said competitive units face unfair competition from rate-based generation. The state also has approved zero-emission credits for nuclear plants, leading to fears in PJM — whose footprint includes Northern Illinois — that such subsidies will be contagious.
“PJM is doing everything they can to try to keep their market together. They’re very proactive,” Flexon said. “They’re trying to fix price formation and the like. [Having] half our megawatts in PJM, I feel good about that.” (See related story, PJM: Energy Price Formation Addresses DOE NOPR.)
Bird said his company’s experience with the EIM has been an unquestioned success.
Moderator Christopher R. Jones, a partner with Troutman Sanders, had set off the discussion by asking Bird if the markets are “healthy.”
“Are they enabling what our customers want? Are they enabling [a] low-cost, affordable, reliable future? I think the answer is resoundingly ‘yes,’” said Bird, whose company has 740,000 customers in Oregon, Washington and California.
“We’ve really had unprecedented opportunities to move that dial on a very accelerated pace and lower costs as well as reduce emissions.”
He said the EIM’s economic dispatch and its ability to move renewable power to load centers enabled PacifiCorp to announce in June a $3.5 billion investment in renewables and transmission in Wyoming, Utah and Idaho “at very little to no costs for our customers and savings over the long term.” (See PacifiCorp IRP Sees More Renewables, Less Coal.)
John DiStasio, president of the Large Public Power Council, said his members don’t have a single view of the market. His organization, which represents the 26 largest members of American Public Power Association, has members in NYISO, SPP and ERCOT.
“Those members that view that there’s economic benefits for them are participating in markets, and those who don’t see that don’t [participate],” DiStasio said.
He said RTOs have gone through “identity crises.”
“When we started up with CAISO, it was really a traditional RTO. And at some point, state policy started to drive how they looked at supporting environmental policy as well. There’s been hit and miss on how that’s been priced. There’s been hit and miss on how you get the right incentives for capacity in some of the markets.” DiStasio said California’s dominance of CAISO has been a barrier to greater market expansion in the West.
“Having said that … moving energy over wider regions I think is going to have a certain inevitability to it where we’ll have more and more people operating in markets — even if it’s just at the EIM level.
“From a Western perspective, I was appreciative that FERC didn’t try to push the Energy Imbalance Market. Actually, it would have fallen apart had that happened given the history of the [2000-2001] energy crisis, the [1980 Pacific Northwest Electric Power Planning and Conservation Act], given what happened in the Northwest during the energy crisis. I think FERC trying to assert more control at that time actually would have had a negative effect. Now, the market dynamics seem to have emerged organically enough that you have people that are voluntarily creating critical mass.
“I think this is really going to be a delicate balance going forward with how much does FERC push on state policy, and I think they may have to rethink the whole paradigm at some point. Because it is a clearly a hybrid and we’re kind of stuck … in no man’s land.”
When the discussion turned to Energy Secretary Rick Perry’s call for price supports for coal and nuclear plants, Flexon also called for FERC action.
“FERC has been missing while all the mischief has been happening,” he said, referring to the agency’s six months without a quorum. “They need to get back in the game and protect the markets they created.”
Energy Company CEOs Criticize Grid Resiliency Proposal
October 16, 2017
By Rebecca Kern
The Energy Department's proposal aimed at propping up coal and nuclear plants in certain wholesale energy markets is “an answer is search of a question,” John Di Stasio, president of the Large Public Power Council, said, joining a broad array of opposition.
“I have concerns about it,” Di Stasio, who oversees an organization that represents 26 of the country's largest public power producers, said at the Oct. 16 Energy Bar Association's Mid-Year Energy Forum in Washington. He was one of a panel of three CEOs at the meeting, all of whom criticized the rule. It already has drawn criticism from renewables, oil and natural gas groups, as well as conservative free-market think tanks, consumer advocacy groups and environmental organizations.
[Subscription based publication]
# # #