The electric grid in Texas, which produces and consumes more electricity than any other state, is one of three largely independent grid interconnections that make up the power system in the contiguous United States. The Texas Interconnection, also known as the ERCOT grid, covers about 75 percent of the state and supplies power to about 90 percent of the state’s electric customers. ERCOT stands for Electric Reliability Council of Texas, a nonprofit organization that regulates the state’s electric grid.
The Legislature is likely to consider proposals on grid security during the 86th regular session this year. Two measures filed this year, HB 400 by Tinderholt and SB 76 by Hall, would create a council to evaluate grid security, including strategies to secure the ERCOT grid against certain threats. Other proposals that were considered but not enacted in previous sessions could also re-emerge.
Previous proposals. During previous legislative sessions, lawmakers proposed creating committees to study ERCOT grid security, along with associated computer systems and networks, to assess whether further efforts were needed to secure the state’s grid against a potential electromagnetic pulse and other physical and cybersecurity threats. Electromagnetic pulse is a naturally or artificially generated burst of high-intensity electromagnetic energy that could cause major power outages. Other proposals would have required a cost assessment of measures to protect the transmission and distribution system, urged Congress to provide the Department of Homeland Security with funds for the protection of the state’s electric grid, or provided an appropriation from general revenue to the Texas Public Utility Commission, which regulates ERCOT, to pay for certain expenses and investments for grid security, including a security audit.
Some have called for certain state agencies to develop response plans for incidents affecting critical grid infrastructure. A previous measure would have required the state’s Homeland Security Council, in cooperation with the Department of Information Resources, to study cyber incidents affecting state-owned, operated, or controlled critical infrastructure and to develop a model response plan in the event of a cyber incident.
Earlier proposals also would have created a task force of certain Department of Public Safety employees to evaluate emergency planning and responses related to electromagnetic, physical, and cybersecurity threats. The task force would have been required to develop a comprehensive threat protection and recovery plan for critical energy infrastructure and vital utility facilities. Transmission and distribution utilities, owners of power generation facilities, and electric cooperatives, river authorities, and municipally owned utilities operating in the ERCOT power region would have had to assess and report the vulnerabilities of equipment, facilities, and systems to high-altitude electromagnetic pulse devices, geomagnetic storms, intentional electromagnetic interference, physical attacks, and cyber attacks.
Supporters of previously proposed legislation say states should be proactive about grid security, especially in Texas, where most of the state is on its own grid. They say the Legislature should enhance oversight of the state’s electric industry and determine the best ways to harden the ERCOT grid against potential threats. The U.S. grid is increasingly interconnected, which may increase vulnerability to cyber attacks and other threats. With documented intrusions into the grid’s control systems and concerns about reported threats to critical infrastructure, some experts warn that the U.S. power sector is underprepared. Supporters say current efforts to address grid security lack transparency and that further analysis would help both the electric industry and the Legislature make more informed decisions about long-term investment.
Although legislative action may have a cost for the state, supporters say, an underprepared electric industry may be a bigger cost. A major disruption to electric service could leave millions without power and harm the state economy. If security deficiencies in the ERCOT grid were found, the Legislature could determine whether upgrades would be funded with general revenue, through a ratepayer cost-recovery mechanism, or both. Supporters of legislative action say it would not be intended to prevent a utility from taking independent measures to secure the grid.
Critics of legislative action on grid security say securing the ERCOT grid is an industry-specific and technological issue, not a legislative one. They say technology moves so fast that prescriptive measures in legislation likely would be outdated quickly. The industry already has mandatory, enforceable security standards set by the North American Electric Reliability Corporation (NERC). Critics say electric companies in Texas are performing several security audits a year, participating in a biennial grid security exercise, and collaborating on studies to understand and mitigate the impacts of geomagnetic disturbances and other potential threats.
Critics also say some proposals could be costly to the state and that these costs could be passed down to customers through higher state government spending or personal electricity costs. Any proposals that could increase costs to consumers should ensure that the PUC and study committees justify costs to the Legislature, they say. Still others say such legislative action is unnecessary as the industry is already prepared for threats, and the likelihood of the most disruptive event, an electromagnetic pulse, is low.
By MacKenzie Nunez