View all text of Part B [§ 18721 - § 18726]
§ 18724. Enhanced grid security
(a) DefinitionsIn this section:
(1) Electric utility
(2) E-ISAC
(b) Cybersecurity for the energy sector research, development, and demonstration program
(1) In generalThe Secretary, in coordination with the Secretary of Homeland Security and in consultation with, as determined appropriate, other Federal agencies, the energy sector, the States, Indian Tribes, Tribal organizations, territories or freely associated states, and other stakeholders, shall develop and carry out a program—
(A) to develop advanced cybersecurity applications and technologies for the energy sector—
(i) to identify and mitigate vulnerabilities, including—(I) dependencies on other critical infrastructure;(II) impacts from weather and fuel supply;(III) increased dependence on inverter-based technologies; and(IV) vulnerabilities from unpatched hardware and software systems; and
(ii) to advance the security of field devices and third-party control systems, including—(I) systems for generation, transmission, distribution, end use, and market functions;(II) specific electric grid elements including advanced metering, demand response, distribution, generation, and electricity storage;(III) forensic analysis of infected systems;(IV) secure communications; and(V) application of in-line edge security solutions;
(B) to leverage electric grid architecture as a means to assess risks to the energy sector, including by implementing an all-hazards approach to communications infrastructure, control systems architecture, and power systems architecture;
(C) to perform pilot demonstration projects with the energy sector to gain experience with new technologies;
(D) to develop workforce development curricula for energy sector-related cybersecurity; and
(E) to develop improved supply chain concepts for secure design of emerging digital components and power electronics.
(2) Authorization of appropriations
(c) Energy sector operational support for cyberresilience program
(1) In generalThe Secretary may develop and carry out a program—
(A) to enhance and periodically test—
(i) the emergency response capabilities of the Department; and
(ii) the coordination of the Department with other agencies, the National Laboratories, and private industry;
(B) to expand cooperation of the Department with the intelligence community for energy sector-related threat collection and analysis;
(C) to enhance the tools of the Department and E-ISAC for monitoring the status of the energy sector;
(D) to expand industry participation in E-ISAC; and
(E) to provide technical assistance to small electric utilities for purposes of assessing and improving cybermaturity levels and addressing gaps identified in the assessment.
(2) Authorization of appropriations
(d) Modeling and assessing energy infrastructure risk
(1) In generalThe Secretary, in coordination with the Secretary of Homeland Security, shall develop and carry out an advanced energy security program to secure energy networks, including—
(A) electric networks;
(B) natural gas networks; and
(C) oil exploration, transmission, and delivery networks.
(2) Security and resiliency objective
(3) Eligible activitiesIn carrying out the program developed under paragraph (1), the Secretary may—
(A) develop capabilities to identify vulnerabilities and critical components that pose major risks to grid security if destroyed or impaired;
(B) provide modeling at the national level to predict impacts from natural or human-made events;
(C) add physical security to the cybersecurity maturity model;
(D) conduct exercises and assessments to identify and mitigate vulnerabilities to the electric grid, including providing mitigation recommendations;
(E) conduct research on hardening solutions for critical components of the electric grid;
(F) conduct research on mitigation and recovery solutions for critical components of the electric grid; and
(G) provide technical assistance to States and other entities for standards and risk analysis.
(4) Savings provision
(5) Authorization of appropriations
(Pub. L. 117–58, div. D, title I, § 40125, Nov. 15, 2021, 135 Stat. 954.)