Applied Knowledge

Lessons Learned from Power Grid Preparedness Drill

March 13th, 2014 · 9:42 am @   -  No Comments

An after-actions report from GridEx II was released on March 12, 2014.  The North American Electric Reliability Corporation (NERC)  held its second grid security exercise, GridEx II on November 13th and 14th.  That exercise brought together over 2,000 participants from over 234 organizations from groups all across the United States, Canada, and Mexico and was the largest exercise to date for the electricity industry.

The purpose of the event was to help utility companies understand who they needed to communicate with during an attack, and where vulnerabilities lay with regard to physical and cyber security.

The simulated event focused on cyber attacks on the utility network combined with physical attacks, which caused degraded control networks, decreased reliability, and increased public safety risks.  Participants received sequenced email messages with detailed scenarios throughout the exercise.

Highlights and recommendations from report included:

  • Increase information sharing and establish formal and multiple communication pathways for rapid assessment and response both within the organization as well with relevant stakeholders.
  • Enhance NERC coordination using the Electricity Sector Information Sharing Analysis Center (ES-ISAC) conference call capabilities to be able to accommodate all appropriate staff members.  This was highlighted as the existing system didn’t have the capacity to accommodate all participants.
  • Simultaneous attacks (physical and cyber) provide challenges in areas of communication, resource requirements, and recovery.  A specific finding is the need for additional transformers as they require long procurement lead times.
  • Incident response improvement to ensure critical functions continue to operate as well as establish procedures to collect forensic data (both physical and cyber) following an event.

The exercise was found to be very helpful to all participants with learning opportunities for both cyber and physical incident response systems.

GridEx III is scheduled to occur in November, 2015.


New York Times


GridEx II report



Leave a Reply