Energy Policy Update: FERC inquiry re virtualization cloud computing

Tuesday, February 25, 2020

U.S. utility regulators have asked for public comment on the potential benefits and risks associated with the use of virtualization and cloud computing services in the operation of the nation’s bulk electric system.

On February 20, 2020, the Federal Energy Regulatory Commission issued a Notice of Inquiry asking whether the Commission’s Critical Infrastructure Protection (CIP) Reliability Standards allow for deployment of virtualization and cloud computing services and balance the innovations with security requirements.

As described by the Commission, "Virtualization is the process of creating virtual versions of computer hardware to minimize the amount of physical computer hardware resources needed to perform various functions. It is considered necessary if the functions of grid cyber systems are to be moved to a cloud computing environment. While some entities might use the cloud simply for data storage, others may rely on virtualization and cloud storage in tandem to operate systems that control one or more core functions of the power grid."

In the Notice of Inquiry, the Commission asked questions regarding four broad topics: where virtualization or cloud computing could be used in connection with the bulk electric system; benefits and risks associated with virtualization or cloud computing; barriers within the CIP reliability standards that block their implementation; and potential new and emerging technologies that regulated entities might adopt.

The Commission docketed the inquiry proceeding as RM20-8-000. Comments are due 60 days after publication of the NOI in the Federal Register.

In a related proceeding, the Commission issued an order directing electric reliability organization NERC to make an informational filing describing work on two draft CIP standards addressing virtualization and cloud computing, labeled by NERC as Project 2016-02 (Modifications to CIP Standards) and Project 2019-02 (BES Cyber System Information Access Management). NERC's initial filing in Docket RD20-2-000 is due within 30 days, to be followed by quarterly updates.

About this blog

A blog about energy resources, energy policy, and their effects on society and the environment. From fossil fuels to renewable energy, electricity to natural gas and oil, traditional technologies to innovations, this blog presents a look at the past, present, and future of energy.

This blog site is published by and reflects the personal views of Todd Griset, in his individual capacity. It does not necessarily represent the views of his law firm or clients, and is not sponsored or endorsed by them. The purpose of this blog site is to assist in dissemination of information about energy policy and related issues, but no representation is made about the accuracy of the information. The information contained in this blog site is provided only as general information for education purposes, and blog topics may or may not be updated subsequent to their initial posting.

By using this blog site you understand that this information is not provided in the course of an attorney-client relationship and is not intended to constitute legal advice. This blog site should not be used as a substitute for competent legal advice from a licensed attorney in your state. This blog site is not intended to be advertising and Todd Griset does not wish to represent anyone desiring representation based upon viewing this blog site in a state where this blog site fails to comply with all laws and ethical rules of that state.

FERC inquiry re virtualization cloud computing

Tuesday, February 25, 2020

No comments:

Post a Comment