August 13, 2018
UTC, Utilities Reiterate Support for Access to 4.9 GHz Band
UTC and three influential Washington organizations reiterated their support for expanded access in the 4.9 GHz spectrum band to utilities and other critical infrastructure industries (CII).
In reply comments filed last week with the Federal Communications Commission (FCC, the Commission), UTC, the Edison Electric Institute, the National Rural Electric Cooperative Association, and the GridWise Alliance noted that the record in the proceeding “overwhelmingly support[s]” granting access to the 4.9 GHz band to utilities and other CII.
In fact, the utility groups highlighted, most opposition to expanding access to the band was directed at commercial entities, not utilities. The concept is supported by most public-safety organizations who filed in the proceeding, the groups said, as the proposal falls in line with a plan submitted several years ago by the National Public Safety Telecommunications Council (NPSTC).
At issue is the FCC’s long-running proceeding into making more efficient use of the 4.9 GHz band. Currently the band is reserved for public-safety entities, though government studies show that the band is not widely used. The FCC initiated a sixth further notice of proposed rulemaking into expanding access to the band in late March, and UTC and the utility groups filed initial comments in early July (Industry Intelligence, July 16, 2018).
While some public safety entities depart the details of the recommendations for CII access to the band in the NPSTC Band Plan, no public safety entities oppose expanding eligibility to include CII,” the utility groups wrote. “By contrast, all public safety entities oppose expanding eligibility to include commercial entities and/or leasing the band for commercial services.”
Importantly, “utilities and public safety often work side-by-side during emergency situations and, in some cases, utilities must turn off power or gas before public safety can work near downed power lines or enter a burning building,” the groups said.
Although access to the 4.9 GHz band is important, the groups reiterated that such access should not be considered a trade-off or replacement for the 6 GHz band, where utilities already house mission-critical communications systems.
“The risk of interference to these mission critical communications systems is simply too great, and the interference mitigation approaches that have been proposed on the record do not adequately support expanding the use of the 6 GHz band for unlicensed operations,” the groups said. “As such, UTC, EEI, NRECA, and GridWise continue to urge the Commission to refrain from expanding the 6 GHz band for unlicensed operations, notwithstanding the outcome of the Commission’s decision in this proceeding to provide utilities and other CII with access to the 4.9 GHz band.”
UTC will continue its advocacy on this issue. Please contact the UTC Public Policy Team with any questions.
UTC’s Lockhart Keynotes Burns & McDonnell Cybersecurity Symposium
UTC Vice President of Cybersecurity, Technology, and Research Bob Lockhart presented the keynote address at the recent Burns & McDonnell Critical Infrastructure Security Compliance Symposium in Toronto.
Titled “Lessons Learned in Deploying Compliance and Evolving Security Solutions,” Mr. Lockhart discussed a compilation of lessons learned by UTC member utilities, mainly in complying with the North American Electric Reliability Corporation’s (NERC) Critical Infrastructure Protection (CIP) reliability standards. Some of the highlights, based upon UTC members’ experiences were:
- CIP Compliance requires a converged IT and OT approach – cross-organization collaboration is critical.
- Top-down commitment to compliance activities – starting a C-Levels – is key.
- NERC CIP compliance activities should be unified: one change management committee, one set of compliance evidence for an entire utility.
- Technical challenges remain: Access control lists (ACLs) for machine-to-machine communication are critical and unforgiving.
- Communications through demilitarized zones (DMZs) must be carefully managed, to enable all required communications, but nothing else
- Patching cyber assets remains a challenge and approaches that work in IT may not work in OT.
- Staffing compliance teams can be difficult, especially with high-demand SMEs such as licensed engineers, who may not view compliance work as desirable.
- The foundation of a successful compliance program is lots of advanced planning and including security in the enterprise architecture.
Audit issues are always top-of-mind during compliance projects, Mr. Lockhart said. Utilities reported success in testing ideas and approaches with auditors long before an audit, even if the regional entities (REs) might be slow in rendering a verdict on any particular approach. Utilities continue to experience inconsistent audit approaches from one RE to another, he added
Several auditors had produced rather surprising comments, he said, perhaps none more so that the ruling on a physical break-in to a control room. One auditor ruled that a break-in constitutes two NERC CIP violations because the utility has allowed an unauthorized access (violates CIP-004-6) and because the utility has failed to escort its “visitor” through the duration of the visit (CIP-006-6).
Other topics covered at the event included effective organizational approaches to cybersecurity, integration of renewable generation, compliance management, physical security, transactive energy, and a survey of current threats. The sessions included much wisdom on preparing for and surviving a CIP audit.
For more information contact Bob Lockhart.
Industry Intelligence Gets a Facelift
Coming next month—a refreshed look for Industry Intelligence!
Starting on Sept. 10, Industry Intelligence will have a new look and feel. It will also be available and accessible online, with an archive to past issues.
[Editor’s Note: Due to the Labor Day Holiday, Industry Intelligence will not publish the week of Sept. 3. We will resume publishing on Sept. 10.]
The new look and feel will make Industry Intelligence easier to read and navigate. This will improve its mission of informing UTC members of the latest policy developments in Washington and elsewhere that impact your mission-critical work.
Please let us know what you think! When we rollout our refreshed look, we will want your feedback.
Thank you for your hard work for our association.
Please contact us if you have any questions.
New to UTC? Long-time member and want to get more involved? Consider joining one of UTC’s interactive and engaging committees!
In the coming weeks, Industry Intelligence will highlight one committee a month as a part of the refresh of this publication (see story this issue). We will also publish a list each week of all the UTC committees along with contact information if you are interested in joining.
Participation in one or more of UTC’s committees will give you situational awareness on activities in Washington and elsewhere that impact your job. You will also learn from your colleagues and other experts on the top issues and challenges utilities face as they build upon and expand their Information and Communications Technology (ICT) networks.
All UTC core members are eligible to join any committee! The list below includes just the names and contact info for each committee; visit the UTC Website for more information!
IT/OT Committee–Staff Liaison, Bob Lockhart
Knowledge and Learning Division–Staff Liaison, Bobbi Harris
Membership Division– Staff Liaison, Tiffany Bennett
Public Policy Division–Staff Liaison, Sharla Artz
Regional Committee–Staff Liaison, Karnel Thomas
Security, Risk and Compliance Committee–Staff Liaison, Sharla Artz
Technical Committee–Staff Liaison, Bob Lockhart
Telecom Committee–Staff Liaison, Brett Kilbourne
UtiliSite Committee–Staff Liaison, Bobbi Harris
Utilities Broadband Committee–Staff Liaison, Brett Kilbourne
A snapshot of upcoming UTC webinars, events, and conference calls
- Aug. 16: UTC Public Power Division; Contact Sharla Artz for more information
- Aug. 17: Joint Security, Risk & Compliance Committee, IT/OT Committee Webinar; Contact Sharla Artz for more information
- Aug. 21: UTC Webinar—How Utilities Can Enable Rural Broadband; Register here!
- Sept. 26-28: EUTC Annual Conference, Malmo, Sweden; Registration Open Now!
- Regional Meetings! Click here for a list of the fall regional meetings!