Download:
pdf |
pdfSupporting Statement
for the
Electric Emergency Incident and Disturbance Report
OE-417
OMB NUMBER 1901-0288
November 2011
Office of Electricity Delivery and Energy Reliability
U.S. Department of Energy
Washington, DC 20585
�Contents
A.1 Legal Justification................................................................................................................................................... 2
A.2 Needs and Uses of Data on the Electric Power Industry ........................................................................................ 3
A.2.1 Overview of Data Uses ........................................................................................................................................ 5
A.2.2 Overview of Data Collection ............................................................................................................................... 6
A.3 Use of Technology and Reduction of Burden......................................................................................................... 8
A.4 Efforts to Reduce Duplication ................................................................................................................................ 8
A.5 Provisions for Reducing Burden on Small Businesses .......................................................................................... 9
A.6 Consequences of Less-Frequent Reporting ........................................................................................................... 9
A.7 Compliance with 5 CFR 1320.5 ............................................................................................................................. 9
A.8 Summary of Consultations Outside the Agency ..................................................................................................... 9
A.9 Payments or Gifts to Respondents ....................................................................................................................... 16
A.10 Provisions for Confidentiality of Information ................................................................................................... 16
A.11 Justification for Sensitive Questions................................................................................................................... 17
A.12 Estimate of Respondent Burden Hours and Cost ............................................................................................... 17
A.13 Annual Reporting and Record Keeping - Cost ................................................................................................... 18
A.14 Annual Cost to the Federal Government ........................................................................................................... 18
A.15 Changes in Burden............................................................................................................................................. 18
A.16 Collection, Tabulation, and Publication Plans ................................................................................................... 18
A.17 OMB Number and Expiration Date ................................................................................................................... 19
A.18 Certification Statement ...................................................................................................................................... 19
COLLECTION OF INFORMATION EMPLOYING STATISTICAL METHODS .................................................. 19
B.1 Respondent Universe ........................................................................................................................................... 19
B.2 Statistical Methodology ....................................................................................................................................... 20
B.3 Methods to Maximize Response Rates ................................................................................................................ 20
B.4 Tests of Procedures .............................................................................................................................................. 20
B.5 Additional Information ........................................................................................................................................ 20
Tables
Table 1. Proposed Electric Power Data Collection by Schedule ................................................................................ 18
Table 2. Publication Plans .......................................................................................................................................... 18
ii
�Supporting Statement for Form OE-417,
Electric Emergency Incident and Disturbance Report
OMB Number 1901-0288
The Department of Energy (DOE) is requesting a three-year approval for the Form OE417, “Electric Emergency Incident and Disturbance Report.” The survey is designed to
collect electric power emergency incidents and disturbances information.
Response to this survey is mandatory and the survey is sponsored by the Office of
Electricity Delivery and Energy Reliability of DOE. The proposed form and instructions
are included in this information collection request.
Since the previous approval in 2008, the form has been changed in the following ways:
The wording for criteria #1, 2, 9, & 10 has been updated to capture the type of
physical and cyber events that would need to be reported. The updated language
would be:
o Criterion #1 - Physical attack that causes major interruptions or impacts to critical
infrastructure facilities or to operations
o Criterion #2 - Cyber event that causes interruptions of electrical system
operations
o Criterion #9 - Physical attack that could potentially impact electric power system
adequacy or reliability; or vandalism which targets components of any security
systems
o Criterion #10 - Cyber event that could potentially impact electric power system
adequacy or reliability
The Final Reporting deadline is be extended from 48 hours to 72 hours.
In Lines 5 and 6, “Date/Time Incident Began” and “Date/Time Incident Ended” Time
Zone check boxes have been added.
In the renumbered Lines 10, 11, and 12 (the numbering has changed due to the
deletion of the old Line 10) the “Type of Emergency,” “Causes of Incident,” and
“Actions Taken” a comments box to provide additional information for each of those
lines has been added. This line is entitled “Additional Information/Comments” and is
an open space in which respondents can give further explanation for each of the
categories specified in Lines 10, 11, and 12. \
In Line 11, “Cause of Incident”, the check box labeled “Actual or Suspected Attack”
is changed to “Actual or Potential Attack/Event” and underneath it “Physical” “ is
changed to “Physical Attack” and “Cyber/Computer/Telecom” is changed to “Cyber
Event”.
In Line 12 “Actions Taken,” an additional checkbox entitled “Mitigation(s)
Implemented” is added.
Line 10 “Internal Organizational Tracking Number” as been deleted.
The information collection proposed in this supporting statement has been reviewed in
light of applicable information quality guidelines. It has been determined that the
information will be collected, maintained, and used in a manner consistent with the
1
�Office of Management and Budget (OMB), DOE, and EIA information quality
guidelines.
A.1 Legal Justification
The authority for the information collection is provided in the following provisions:
15 U.S.C. §772(b), of the Federal Energy Administration Act of 1974 (FEA Act), Public
Law 93-275, outlines the types of individuals subject to the information collection
authority delegated to the [Secretary] and the general parameters of the type of data
which can be required. Section 772(b) states:
“All persons owning or operating facilities or business premises who are engaged
in any phase of energy supply or major energy consumption shall make available
to the [Secretary] such information and periodic reports, records, documents, and
other data relating to the purposes of this Act, including full identification of all
data and projections as to source, time, and methodology of development, as the
[Secretary] may prescribe by regulation or order as necessary or appropriate for
the proper exercise of functions under this Act.”
The functions of the FEA Act are set forth in 15 U.S.C. §764(b), of the FEA Act, which
states that the Administrator shall, to the extent he is authorized by Section 764(a) of the
FEA Act,
“(2) assess the adequacy of energy resources to meet demands in the immediate
and longer range future for all sectors of the economy and for the general
public;...
(9) collect, evaluate, assemble, and analyze energy information on reserves,
production, demand, and related economic data;...
(12) perform such other functions as may be prescribed by law.”
As the authority for invoking Section 764(b) above, 15 U.S.C. §764(a), of the FEA Act in
turn states:
“Subject to the provisions and procedures set forth in this Act, the [Secretary]
shall be responsible for such actions as are taken to assure that adequate provision
is made to meet the energy needs of the Nation. To that end, he shall make such
plans and direct and conduct such programs related to the production,
conservation, use, control, distribution, rationing, and allocation of all forms of
energy as are appropriate in connection with only those authorities or functions:
(1) specifically transferred to or vested in him by or pursuant to this Act;...
(3) otherwise specifically vested in the Administrator by the Congress.”
2
�Additional authority for this information collection is provided by 15 U.S.C. §790a of the
FEA Act, which states that the Administrator:
“...[Shall] establish a National Energy Information System...[which] shall contain
such information as is required to provide a description of and facilitate analysis
of energy supply and consumption...
(b) ...the System shall contain such energy information as is necessary to carry out
the Administration's statistical and forecasting activities..., and such energy
information as is required to define and permit analysis of(1) the institutional structure of the energy supply system, including patterns of
ownership and control of mineral fuel and nonmineral energy resources and the
production, distribution, and marketing of mineral fuels and electricity;
(2) the consumption of mineral fuels, nonmineral energy resources, and electricity
by such classes, sectors, and regions as may be appropriate for the purposes of
this Act;
(3) the sensitivity of energy resource reserves, exploration, development,
production, transportation, and consumption to economic factors, environmental
constraints, technological improvements, and substitutability of alternate energy
sources; . . .
(5) industrial, labor, and regional impacts of changes and patterns of energy
supply and consumption...”
An additional authority for invoking Section 790(a) of the FEA Act above for this
information collection is provided by the Public Utility Regulatory Policies Act of 1978
(16 U.S.C. 2601) which states:
The Congress finds that the protection of the public health, safety, and welfare, the
preservation of national security, and the proper exercise of congressional authority under
the Constitution to regulate interstate commerce require - . . .
“(2) a program to improve the wholesale distribution of electric energy, the
reliability of electric service, the procedures concerning consideration of
wholesale rate applications … the participation of the public in matters … and to
provide other measures with respect to the regulation of the wholesale sale of
electric energy, ”
A.2 Needs and Uses of Data on the Electric Power Industry
3
�The electric power industry1 in the United States currently consists of traditionally
regulated entities2 (also known as electric utilities), as well as non-traditional participants
that include unregulated entities3 and electric power marketers. At the end of 2009, there
were 3,276 traditionally regulated and unregulated entities and retail electric power
marketers.4 However, the physical operations of the entire electrical system is handled by
less than 131 balancing authorities that are overseen by 13 Reliability Coordinators
located in the United States.5
The Form OE-417 reports will enable DOE to monitor electric emergency incidents and
disturbances in the United States (including all 50 States, the District of Columbia, Puerto
Rico, U.S. Virgin Islands, and the U.S. Territories). The information will assist the
Government by helping to prevent the physical or virtual disruption of the operation of
the electrical energy critical infrastructure.
Currently, DOE’s Office of Electricity Delivery and Energy Reliability (OE) uses Form
OE-417, “Emergency Incident and Disturbance Report,” to monitor major system
incidents on electric power systems and to conduct after-action investigations on
significant interruptions of electric power. The information is used to meet DOE national
security responsibilities and requirements contained in the National Response
Framework6. The information may also be used in developing legislative
recommendations and reports to Congress; and coordinating Federal efforts regarding
activities such as incidents/disturbances in critical infrastructure protection; continuity of
1
Collectively, the industry owned and operated 1,025 gigawatts of generating capability, produced over 3.9
trillion kilowatthours of electricity, and earned revenues of $353 billion during 2009. In addition, the
industry consumed 934 million tons of coal, 67 million barrels of oil products and 7.1 trillion cubic feet of
natural gas making the industry the single largest consumer of fossil fuels.
2
A regulated entity is a corporation, person, agency, authority, or other legal entity or instrumentality that
is regulated by Federal, State, or local regulatory bodies and owns and/or operates facilities for the
generation, transmission, distribution, or sale of electric energy. Included are entities that provide
electricity within a designated franchised service area and file forms listed in the Code of Federal
Regulations, Title 18, Part 141. Note: Facilities that qualify as cogenerators or small power producers
under the Public Utility Regulatory Policies Act (PURPA) are not considered regulated entities.
3
An unregulated entity is defined as a corporation, person, agency, authority, or other legal entity or
instrumentality that is not regulated by Federal, State, or local regulatory bodies and is involved in the
electric power industry. Unregulated entities include qualifying cogenerators, qualifying small power
producers, and other generators (including independent power producers). Included are entities without a
designated franchised service area and do not file forms listed in the Code of Federal Regulations, Title 18,
Part 141.
4
U.S. Energy Information Administration Form EIA-861, 2008.
http://www.eia.gov/cneaf/electricity/page/eia861.html
5
These Reliability Authorities operate under the oversight of the North American Electric Reliability
Council (NERC) and cover all of the United States and Canada along with a small part of Mexico. The
operational and planning standards for the balancing authorities are also established and overseen by
NERC.
6
National Response Framework (NRF) is now administrated by the Department of Homeland Security and
DOE is responsible for Emergency Support Function – 12 (ESF-12), Energy under the NRF.
4
�electric industry operations; and the continuity of operations of the government. The
information submitted may also be used by the Department’s Office of Policy and
International Affairs and the Energy Information Administration to analyze significant
interruptions of electric power.
A.2.1 Overview of Data Uses
The Form OE-417 alerts DOE to electrical emergency incidents and disruptions. The
ability of the Department to quickly respond to energy emergencies that may impact the
nation’s infrastructure and to help alleviate or prevent further disruptions is dependent on
the prompt response to this data requirement. As such, the timely initial filing of
Schedule 1 of this form is of paramount importance.
Emergency electric incidents and disturbances leading to interruptions of power, such as
rotating blackouts, could lead to disruptions of critical infrastructures such as natural gas
or petroleum product pipelines, petroleum refineries, water supplies, and
telecommunications systems. The national security, economic prosperity, and social wellbeing of the nation depends on the continuing reliability of our increasingly complex and
interdependent infrastructures, the key one of which is electric power.
A unique characteristic of electric power is that it cannot be stored for future use.
Electric energy suppliers, therefore, must build and maintain generating and transmission
facilities capable of meeting the demand levels for electric power at all times. Tracking
disturbances that impact the integrated generating and transmission facilities is an
important Federal task along with examining issues associated with insufficient capacity
reserves. (This form does not track or monitor planned generating powerplant units
outages.)
The rapid evolution of information technology in the electric power industry has national
security implications due to the interdependent networks of physical and information
infrastructures. Information technology has changed the way the Nation’s business is
transacted, the way government operates, and the way government addresses national
security. The Form OE-417 is the critical alert mechanism for informing DOE of
electrical emergency incidents or disturbances so the physical and virtual disruption of
the operation of any critical infrastructure can be prevented.
Form OE-417 and Projected Impacts from Changing Industry
The Form OE-417 was revised in 2011 to many changes that have occurred in the electric
power industry. The industry is still undergoing changes and DOE will watch for any
systemic alteration in electrical system control and oversight The industry has established
a training and certification process which has switched the industry from the historical
control area concept of physical system oversight to one in which various authorities
(operation, balancing, scheduling, etc.) handle the former responsibilities The North
American Electric Reliability Corporation (NERC) released version 5 of its Reliability
Functional Model in May of 2010. The NERC Reliability Functional Model provides a
5
�framework for how the NERC Reliability Standards are developed, administered and
enforced.
Currently, the Form OE-417 is designed to identify and track emergency incidents from:
Entities that have Balancing Authorities (BA) and/or regional Reliability
Coordinator (RC) functions. They are responsible for the physical operations and
reliability coordination.
All electric utilities’ physical and electronic security, suspected, malicious, or
intentional threats.
The Form OE-417 reports will enable DOE to monitor electric emergency incidents and
disturbances so the Government may help prevent the physical or virtual disruption of the
operation of any critical infrastructure.
A.2.2 Overview of Data Collection
The Form OE-417 cannot follow a scheduled reporting date, since the reporting
requirement is driven by actual or projected disturbance incidents that do not happen on a
regular recurring basis.
Reporting coverage for the Form OE-417 includes all 50 States, the District of Columbia,
Puerto Rico, the U.S. Virgin Islands, and the U.S. Territories. DOE is maintaining the
reporting functions for electric utilities, BA, and RCs. Incident events reporting, such as
suspected or actual threats, vandalism, and/or cyber attacks or total loss of power, would
be required for all respondents. However, it is the expectation that very few, if any,
reports would be filed in any given year from most respondents. In addition, there are
144 entities - NERC established BA7 and RC8 that are responsible for the physical
operations and reliability coordination of these business entities that will file the form.
All of these functions are located within existing electric utilities or in those business
entities that were established by the Federal Energy Regulatory Commission (FERC).
The entities that have BA responsibilities are considered the primary filer of this form.
However, they do need information on individual load and counts of customers lost that
come from the electric utilities found within their area. (Many of these electric utilities
are full requirement or partial requirement customers of other electric utilities - that is,
7
There are 131 Balancing Authorities (BA) in the contiguous United States. BAs are one of the
regional functions contributing to the reliable planning and operation of the bulk power system. The
Balancing Authority integrates resource plans ahead of time, and maintains in real time the balance of
electricity resources and electricity demand.
8
Of the 16 Reliability Coordinators, there are 13 spread across the United States. The Reliability
Coordinator is responsible for the real-time operating reliability of its Reliability Coordinator Area, and
coordinates closely with neighboring areas. Many of the physical facility sites that operate or will run the
operations of the electric power industry, will handle one or more of the NERC established operational
activities; so the total count of respondents will be lower since only one response is required from these
entities.
6
�they do not generate, but receive their power under one or more contracts; which are
usually long-term agreements). DOE would welcome any joint filing activity where the
BA and these electric utilities file a combined report or all information passed to the BA
who then files a single report. An example of this activity would be cooperative power
suppliers (generating and transmission) filing for their member distribution cooperatives.
Another would be joint filings by BA and the controlling RC. DOE requests that it be
notified of those that plan to file jointly and of those electric utilities that want to file
separately. (Notification can be done at the time of the filing.)
DOE will continue to have the option to conduct special investigations of incidents
affecting the electric power industry. Such investigations could involve one or more
electric utilities or BA or other entities participating in the electric power industry. Any
utility or business entity that participates in the electric power industry could be notified
by DOE that they would need to provide technical information concerning a particular
incident.9 These special investigations are infrequent and reports are released to the
public.10
The following information to be collected on emergency events includes important
variables covering each major part of an electric power disturbance incident:
1) Types of major emergency (i.e., physical attack, cyber attack, transmission
system interruption, generation inadequacy, distribution system interruption,
and other),
2) Cause(s) of incident (i.e., complete electrical system failure, electrical system
separation – islanding, inadequate electric resources to serve load, actual or
suspected attack : physical, cyber/computer/telecom, or vandalism,
transmission equipment, loss of high voltage transmission
substation/switchyard, weather or natural disaster, operator action, fuel supply
deficiency, , unknown causes, and other), and
3) Actions taken (i.e., shed firm load, reduced voltage, made public appeals,
implemented a warning, alert, or contingency plan, shed interruptible load,
repaired/restored, other).
Uses of Data:
The information is used by the Department of Energy:
(a) To track, on a timely basis, electrical emergency incidents and disturbances;
9
The Federal Energy Administration Act of 1974 (Pub. L. No. 93-275) and the DOE Organization
Act (Pub. L. No. 95-91) provide other authorities.
10
The Department of Energy has initiated four special studies about incidents that happened in the
1990s. The three studies are: The Cold Weather Snap of 1992, The Electric Power Outages in the Western
United States, July 2-3, 1996 (DOE/PO-0050), and the Report of the U.S. Department of Energy=s Power
Outage Study Team (DOE/PO - March 2000 Final Report); and the Final Report on August 14, 2003
Blackout in the United States and Canada: Causes and Recommendations, April 2004.
7
�(b) To answer queries from the Congress, other Federal and State agencies, the electric
power industry, and the general public;
(c) To monitor the electric power industry’s health;
(d) As input to Office of Electricity Delivery and Energy Reliability’s Electric
Disturbance Events (OE-417) Annual Summaries;
(e) As input to the Energy Information Administration’s Electric Power Monthly’s
Appendix B Major Disturbances and Unusual Occurrences; and
(f) To identify incidents that may require a technical examination of the underlying
problems that lead to the event.
Publication data users include electricity-related trade associations; independent system
operators; electric utility companies; unregulated power companies; energy service
providers; wholesale electricity traders; electrical equipment companies; numerous local,
State, and Federal government agencies; environmental associations; consumer groups;
financial analysts; and the news media.
A.3 Use of Technology and Reduction of Burden
DOE introduced an online version of the OE-417 form in January 2011 to give
respondents an electronic reporting option. The online version is a single use form where
respondents type in their information, submit the form, and are able to download the form
but they cannot go into the system later to retrieve or update submissions. DOE is in the
process of creating a second version of the online OE-417 which will be a a secure signon system where respondents can review, update, and print past submissions.
DOE has posted the Form and Instructions on the web sites of the Office of Electricity
Delivery and Energy Reliability (OE) and the Energy Information Administration (EIA).
Respondents can submit information online, through e-mail or fax or by a phone call to
DOE’s Emergency Operations Center which is staffed 24/7.
A.4 Efforts to Reduce Duplication
Analysis of Similar Existing Information
DOE has determined that other sources cannot replace or approximate the information’s
timeliness or coverage. The one electric power sector organization dedicated to reliability
operations of the electric power industry has cited the existing Form OE-417 as part of
the emergency operational reporting in the NERC Standard EOP-004-1.11
Also, news media often provide some information on electric power problems. However,
the lack of detailed information on causes and effects, the lack of assurance of coverage
of all problems, and the necessity for the Federal government to be involved early in
problem situations require timely reporting to the Federal government.
11
This document can be acquired at:
http://www.nerc.com/fileUploads/File/Disturbance%20Reports/NERC_Std_EOP-004-1_01-2007.pdf
8
�A.5 Provisions for Reducing Burden on Small Businesses
The DOE is mindful of the need to minimize burden on small business and, to that end,
designs its information collections so that small operations are not unduly affected. The
reporting entities for the OE-417 are expected to include no small businesses.
A.6 Consequences of Less-Frequent Reporting
DOE needs to be informed of all electric power disturbances and incidents meeting the
threshold levels identified earlier so that it can take appropriate actions. Less frequent
reporting will not provide the Federal government with the information it needs to fulfill
its mandates.
The rapid evolution of information technology in the electric power industry has national
security implications due to the interdependent networks of physical and information
infrastructures.12 Information technology has changed the way the Nation’s business is
transacted, the way government operates and the way government addresses national
security. The Form OE-417 is the critical alert mechanism for informing DOE about
electrical emergency incidents or disturbances so the physical and virtual disruption of
the operation of any critical infrastructure can be prevented. DOE officials address the
information reported on a real-time basis. They inform policymakers and others about the
significance, as appropriate.
The OE-417 provides important real-time alert information to DOE, trend information,
and is used in historical publications.
A.7 Compliance with 5 CFR 1320.5
The data are being collected consistent with the guidelines in 5 CFR 1320.5, except for
requiring respondents to initially report information soon after an incident or disturbance.
See items A.2 and A.6 for justification for timing of reporting. A final report is due up to
48-hours afterwards.
A.8 Summary of Consultations Outside the Agency
List of Respondents and Comments to Federal Register Consultation Notice
Received in Response to
Federal Register Notice (76 FR 35867)
Published June 20, 2011
List of Respondents That Filed Comments
12
Emergency electric incidents and disturbances leading to interruptions of power, such as rotating
blackouts, could lead to disruptions of critical infrastructures such as natural gas or petroleum product
pipelines, water supplies, and telecommunications systems. The national security, economic prosperity and
social well-being of the nation depends on the continuing reliability of our increasingly complex and
interdependent infrastructures, a key one of which is electric power.
9
�Table B2. List of Commenters by Affiliation Responding to the June 20, 2011, Federal Register
Notice
Number
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
Commenter
American Electric Power
American Public Power Association
American Transmission Company LLC
Central Lincoln
Constellation Energy
Dominion
Duke Energy
Fort Pierce Utilities Authority
Georgia System Operations Corp.
Kansas City Power & Light
MidAmerican Energy
Midwest Independent Transmission System
Operation, Inc.
Midwest Reliability Organization
PJM
Southwest Power Pool
Utility Services, Inc.
Wisconsin Electric Power Company
Affiliation
Industry Consultant Company
Federal Register Consultation Notice
Categories of Comments
I.
II.
III.
III.
IV.
V.
Schedule Requirements and Timelines
Changes to Reporting Criteria
Burden
Optional Data Reporting
Confidentiality
Online Form
Form OE-417
Specific Issues of Concern
I. Schedule Requirements and Timelines
Additional Information/Comments Box
Comment: The addition of “Additional Information/Comments” fields in section 10, 11,
and 12 (Type of Emergency, Cause of Incident, and Actions Taken) will give respondents
better ability to explain the incident and will enhance the situational awareness for all
parties that receive the OE-417 form.
Response: These proposed fields will be kept in the form.
10
�One-Hour Reporting Timeline
Comment: The one-hour reporting requirement for an event meeting criteria 1-8 is an
insufficient amount of time and should be extended to 2 hours or extended to NERC’s
timeline of 24 hours. Respondents must concentrate on restoring system stability and
maintaining reliability and resources should not be diverted from these efforts to fill out
this form. Additionally, this filing can be burdensome for entities with minimal staffing
in place.
Response: A prompt filing of the OE-417 alerts DOE policymakers that a potentially
significant incident has occurred. In the OE-417 Instructions DOE states “If the incident
or disturbance is having a critical impact on operational events, respondents must balance
their operational requirements during the incident with this mandatory reporting
requirement.” Therefore a telephone call to DOE’s 24/7 Emergency Operations Center is
an acceptable way to submit a form. The North American Electric Reliability Corporation
(NERC) disturbance report is collected for reliability and enforcement reasons and so it is
not due until 24 hours after a disturbance. The suggested time frame will not meet DOE’s
emergency responsibilities.
Timeline of Reporting
Comment: The timeline for reporting should be changed to state that forms are to be
submitted 1, 6, or 72 hours after an organization becomes aware that one of more of the
criteria has been met.
Response: The Form and Instructions will better reflect this definition
Type of Emergency
Comment: Line 10 is redundant with the twelve criteria for filing and should be
eliminated or the definitions in both sections should match
Response: The definitions for “Type of Emergency” and the criteria will be updated so
that they match.
Actual or Suspected Attack/Event
Comment: Remove the heading “Actual or Suspected Attack/Event” from line 11
“Cause of Incident” to be consistent with the criteria. “Physical” should be changed to
“Physical Attack” and “Cyber” to “Cyber Event.” “Complete Electrical System Failure”
and “Electrical System Separation – Islanding” are consequences, not causes, and should
be taken off line 11. “Transmission Equipment” should be replaced by “Transmission
Equipment Failure” and “Loss of Part or All of a High Voltage Substation or Switchyard”
should be taken out as it is transmission equipment. The definition for Major Attack (“A
major attack on any part of your system whether physical or electronic suspected of being
a deliberate attack or sabotage that disrupts system operations and had the intent to harm
the national security of the United States.”) should have the and changed to an or.
11
�Response: The Form will be updated to change to “Physical Attack” and “Cyber Event”
with the updated heading of “Actual or Potential Attack/Event.” The “Loss of Part or All
of a High Voltage Substation” gives DOE greater detail into what was affected in the
event. The box “Transmission Equipment” will stay to allow respondents to check this
box if transmission equipment has failed or has been damaged. The definition will be
changed from “and” to “or” so that respondents don’t have to know if the attack had an
intent to harm the national security of the U.S.
System Frequency
Comment: The reporting of the change in system frequency during an event should not
cause new burdens on NERC registered entities. This is presently a requirement in NERC
reporting processes.
Response: The OE-417 will be updated and the change in system frequency will be an
additional voluntary piece of information which DOE will ask respondents to report in
the Narrative in Schedule 2.
Grammatical Changes
Comment: Changes to the Form and Instructions to ensure that it is grammatically
correct, all lines numbers match, formats are consistent, line and page references are
correct,
Response: Changes have been made based on grammatical changes suggested as well as
through a review of the Form and Instructions.
II. Changes to Reporting Criteria
Vandalism
Comment: Respondents need more guidance on what degree of security breaching
vandalism are reportable. The most common security systems in use at electric utilities
are meter seals. Surely DOE does not want to hear from utilities within 6 hours every
time a missing seal is replaced. Additionally, clarity should be added on expectations of a
normal vandalism report.
Response: DOE does not want all vandalisms to be reported, only those which affect
electric power system adequacy and reliability. A secondary requirement which would
have lower thresholds for vandalism reporting would be only if DOE feels it is warranted.
If activation is required, DOE will notify the respondents that the reporting threshold has
to be met and the the duration of this additional reporting level The notification will be
done by Federal Register notice, e-mail message to the respondents, website postings,
and by an alert to the energy critical infrastructure protection centers.
Vague Criteria
Comment: Some of the criteria are vague and require interpretation of the respondent to
determine whether a particular set of circumstances is a reportable event. It is
12
�recommended that DOE consider further definitions for the terms “major interruptions or
impact, ““complete operational failure,” and “cyber event”
Response: The magnitude of an event may differ by size or type of respondent,
geographic location, and other mitigating factors. Therefore DOE depends on the
individual respondents to determine whether a physical attack is to their critical
infrastructure or causes major damage. There is a definition for “complete operational
failure” in the Instructions and these Instructions have been updated to include a
definition for a cyber event.
Criteria #9 and #10
Comment: The use of “potentially impact” in criteria #9 and #10 is vague and should be
better defined.
Response: DOE updated criteria #9 and #10 so that they were both worded in a similar
fashion. DOE considers potential damage, access, or entry which, if successful, would
have resulted in impacted the power system adequacy or reliability to be national security
concerns. As above, DOE depends on each respondent to determine what physical attacks
or cyber events are relevant to their systems and operations.
Voltage Reduction
Comment: The requirement to file when there is a 3% voltage reduction should be
revised to a 10% voltage reduction. In order to shave peak loads, some utilities
implement short-term voltage reductions. As these voltage reductions are done purely for
economics these events should not be reported to DOE.
Response: DOE does not want respondents to file if voltage reductions are done for
economic reasons only. In the Instructions a voltage reduction is one where there is an
“internal reduction of system voltage for reasons of maintaining the continuity of service
of the the bulk electric system.” DOE will update the Instructions so that this is better
reflected throughout.
III. Burden
Initial Filing Burden Estimate
Comment: The ten minute burden estimate for filling out an initial filing (Emergency or
Normal Alert) is the time it actually takes to fill the information into the form. However,
the actual time frame for determining if an event has met one of the twelve criteria, the
event cause, or for reporting accurate data/information in Schedule 1 of the form takes
longer than ten minutes.
Response: The Form and Instructions will be updated to better explain what fields are
required when an initial filing (Emergency or Normal Alert) is submitted to DOE. These
reports are intended to inform DOE that an event has occurred: therefore an estimate of
the load lost or customers impacted is sufficient.
Training Burden
13
�Comment: Training for personnel on how to fill out the form and submit it properly and
determining when a form must be filed can amount to a substantial cost for the
respondents. The training could require as much as 2 hours annually.
Response: DOE includes annual training in its burden hours estimate and will increase
the training burden from 1 hour to 2 hours annually.
Final Filing Burden Estimate
Comment: The two hour burden estimate for filling out a final filing can be too low for
those events that are more complex. For more significant or complex events, respondents
take efforts to assemble the facts, pull together mitigating actions, determine the root
cause, and process lessons learned.
Response: DOE feels that the two hour burden estimate is an accurate reflection on the
average amount of time a Schedule 2 submission will take. Occasionally a filing may
take longer than 2 hours to complete but other filings may take much less than 2 hours to
complete. Additionally, respondents are only required to report the facts of how the event
occurred and what mitigation actions were taken. Respondents are not required to report
lessons learned from the events.
Follow-Up Burden
Comment: The burden estimate does not handle the internal handling of documentation
necessary should an investigation be initiated.
Response: Occasionally DOE may contact respondents to follow-up on data/information
on the form and this burden is included in the total annual burden estimate. As stated in
section A.2.2, DOE has the option to conduct follow-up investigations on events. There
have been no investigations conducted since 2003 and so DOE is not estimating a yearly
burden for these investigations.
III. Optional Data Reporting
Redundant Reporting Requirements
Comment: NERC has a separate reporting process for incidents (EOP-004 and CIP-0083). The different processes have differences in rules, terminology, definitions, and
timelines which can add to the burden of respondents. DOE is encouraged to work with
NERC and consider ways to streamline reporting or to create a one central form that
could be submitted to both DOE and NERC when an event occurs.
Response: The OE-417 is different than the NERC reports in that DOE is looking at
situational awareness whereas NERC is looking at the overall reliability of the electric
grid. DOE has held discussions with NERC about how reporting can be streamlined.
These discussions include DOE working with the NERC Standard Drafting Team
working on the EOP-004-2 reliability standard. This team is including instructions for the
EOP-004-2 detailing how companies can use the OE-417 form and still meet NERC
requirements. DOE also is updating the Instructions to better match NERC definition.
14
�With the proposed second version of the online OE-417 submission, respondents will
have the option of emailing their OE-417 reports to NERC and any other entity at the
same time they are submitted to DOE.
RTOs and BAs Access to Forms
Comment: It would be helpful for RTOs and BAs to have read-only access to the forms
submitted by member utilities.
Response: The e-mail option included in the proposed second version of the online OE417 submission will allow utilities to directly email their submitted OE-417s to RTOs
and BAs.
IV. Confidentiality
POC Information
Comment: It is recommended that the contact information should be moved into
Schedule 1 of the form.
Response: DOE prefers to keep all protected information located in the same area of the
form. This will allow respondents to know exactly what information will not be
distributed by DOE without their approval.
Identification of Public Information
Comment: Schedule 1 should add a label indicating that the information supplied is not
protected.
Response: This information is contained in the Instructions under “Provisions Regarding
Confidentiality of Information.”
Summaries
Comment: Information should be distributed publically so that entities can gleen lessons
learned. But DOE should wait to disseminate information until all the facts of the event
are established and the event is thoroughly investigated by the respondent.
Response: DOE posts summary information as stated in section A2.2. These summaries
contain only information in Schedule 1 and no information contained in Schedule 2. DOE
does perform follow-up with respondents to ensure accuracy of these summaries.
V. On-Line Form
Pre-Populating
Comment: It is requested that the new version of the on-line form draw upon
information from previously submitted reports as well as be able to pre-populate
information such as company name, address, phone number. Additionally, the ability to
review and correct/update previously submitted reports would be useful.
15
�Response: In the next version of the online system respondents will be able to prepopulate information as well as update past submissions so as to reduce their burden
when filling out forms.
Technical Support
Comment: Will there be 24/7 technical support for this on-line form available?
Response: There is no 24/7 support for the next version, which will have usernames and
passwords for respondent. But there will be an automated system in which passwords can
be sent automatically.
Region
Comment: On Page 1 in box 4 (geographic area affected) it would be helpful to have a
box include an option for REGION.
Response: DOE will look at the option to include NERC Regions along with States in
the Geographic area.
Emailing Submitted Forms
Comment: The ability in the proposed online form to add additional email addresses so
that other people/entities can receive submitted forms would allow respondents to notify
all persons and organizations through a single means. What kind of assurances can DOE
give respondents that the submitted forms actually go to these e-mail addresses?
It would be helpful to have certain addresses such as NERC’s or the ES-ISAC hardcoded
so they are always available.
Response: DOE will not hardcode any e-mail addresses into the system. Instead it will
leave it up to each respondent to fill in the correct e-mail address of each entity which
requires the form. DOE will have a disclaimer on the new version of the form which will
inform respondents that it cannot be held responsible if e-mails are not sent out properly
or in a timely fashion. This is only to protect DOE as entities can receive monetary fines
if reports aren’t submitted to NERC in a timely manner. DOE will time-stamp the
submitted forms so that respondents can log-in to the system and download a form
containing the submission time and the e-mail addresses it was sent to.
A.9 Payments or Gifts to Respondents
No payments or gifts are made to the respondents.
A.10 Provisions for Confidentiality of Information
All the information reported in Schedule 1 on the form will be considered “public
information” and may be publicly released in company or individually identifiable form,
and will not be protected from disclosure in identifiable form.
16
�All information in Schedule 2 will be protected and not disclosed to the public to the
extent that it satisfies the criteria for exemption under the Freedom of Information Act
(FOIA), 5 U.S.C. §552, the Department of Energy (DOE) regulations, 10 C.F.R.
§1004.11, implementing the FOIA, and the Trade Secrets Act, 18 U.S.C. §1905.
Per language in the instructions, the Federal Energy Administration Act requires the EIA
to provide company-specific data to other Federal agencies when requested for official
use. The information reported on this form may also be made available, upon request, to
another DOE component; to any Committee of Congress, the Government Accountability
Office, or other Federal agencies authorized by law to receive such information. A court
of competent jurisdiction may obtain this information in response to an order. The
information may be used for any nonstatistical purposes such as administrative,
regulatory, law enforcement, or adjudicatory purposes.
A.11 Justification for Sensitive Questions
There are no questions of a sensitive nature.
A.12 Estimate of Respondent Burden Hours and Cost
Training Assumptions:
3,276 Respondents – 13 U.S. reliability coordinators, 131 balancing authorities,
and 3,276 regulated utilities.
Year 1 to 3 – 2 hour refresher training (to include training on the on-line form) per
BA/RC and utility respondent; 6,552 hours over each year.
Total training time per year – 6,552 hours
Reporting Assumptions:
300 Reports per year –The burden assumed in 2008 OMB submission was 300
reports annually. Based on the level of actual reporting (236 in 2008, 220 in 2009,
and 217 in 2010, 260 through October 2011) the burden estimate has been
calculated at 300 reports annually.
Schedule 1 - 300 reports x 10 minutes = 3,000 minutes or 50 hrs
Schedule 2 - 300 reports x 2 hours = 600 hours
Schedule 2 Follow-up (additional follow-up for significant reports) – 25
respondents; 25 reports x 1 hour = 25 hours
Annual total for actual responses = 675 hours per year
Notifications to DOE about suspected or actual criminal actions (cyber attacks,
threats, vandalism) are not considered accountable burden events. DOE has
general and specific obligations for national security and law enforcement
actions/support under various Presidential Directives, memorandum of
agreements and inter-agency understandings.
17
�Using the above estimates, the average estimated annual burden with training estimates,
per year, is estimated to be 7,227 hours annually((6,552 + 675) =7,227).
The estimated annual cost to all combined respondents of the reporting burden is
estimated to be $448,074. An average cost per hour of $62 is used because that is the
average loaded (salary plus benefits) cost for a DOE employee. DOE assumes that the
survey respondent workforce completing Form OE-417 is comparable with the DOE
workforce.
A.13 Annual Reporting and Record Keeping - Cost
There are no capital and start-up cost components or operations and maintenance
associated with this data collection. The information is maintained in the normal course
of business. Therefore, other than the cost of burden hours, there are no additional costs
for generating, maintaining, and providing the information.
A.14 Annual Cost to the Federal Government
The annual costs, including personnel, for development/maintenance, collection,
processing, analysis, and publication are estimated to be approximately $48,000 annually.
A.15 Changes in Burden
The total burden has increased by 3,308 hours since the 2008 submission. This is due to
DOE estimated that entities will increase training from 1 hour a year to 2 hours a year.
The estimated number of reports has stayed the same at 300 annually but DOE increased
the estimate for the amount of time to fill in Schedule 1 from 5 minutes to 10 minutes to
account for additional data some respondents report in the first filing of the report.
A.16 Collection, Tabulation, and Publication Plans
Table 1. Proposed Electric Power Data Collection by Schedule
Form
OE-417,
Schedule 1
OE-417
Schedule 1
OE-417
Schedule 1
OE-417,
Schedule 1
and 2
Mailing
Date
Per critical
incident
Per other types of
incidents
As changes to
critical
information
become available
Per incident
Form Due Date
1 hour after incident
Elements Collected
Emergency alert check-off
6 hour after incident
Normal alert check-off
After initial
submission of
Schedule 1 as
necessary
48 hours after
incident
Update check-off
Final report check off and
Narrative details - more
detailed estimates of impact
and any attachments
Table 2. Publication Plans
18
�Form
OE-417,
Schedule 1
OE-417,
Schedule 1
Elements Published
The elements to be published on the Office of Electricity Delivery and
Energy Reliability’s Electric Disturbance Events (OE-417) Annual
Summaries are: geographical location by State, company name, amount of
demand (load) lost, count of customers affected, time and date of incident,
length of incident until restoration (amount of time), and type of
emergency
The elements to be published in the Electric Power Monthly are:
geographical location by State, company name, amount of demand (load)
lost, count of customers affected, time and date of incident, length of
incident until restoration (amount of time), and type of emergency.
A.17 OMB Number and Expiration Date
The OMB number and expiration date will be displayed on the form.
A.18 Certification Statement
OE-417 meets all certification requirements of the "Certification for Paperwork
Reduction Act Submissions," of OMB Form 831.
COLLECTION OF INFORMATION EMPLOYING STATISTICAL METHODS
B.1 Respondent Universe
This survey covers the entire universe of entities responsible for electrical operations and
security oversight. The respondent universe is all electric utilities with those that are
certified (by NERC) as Balancing Authorities and Reliability Coordinators designated as
the primary filer.
Respondents submit their information to the DOE Watch Office. There are 131
balancing authorities, plus 13 U.S. reliability coordinators centers in the contiguous
United States. There are 3,276 utilities in the 50 States, and the U.S. Virgin Islands,
Puerto Rico, American Samoa, and Guam that could report. Most will not have any need
during the calendar year to file a report covering normal electrical outage events. Cyber
attacks and other physical threat actions or attempts could happen at a rate higher than
electrical operational problems. These events represent law enforcement and national
security issues. Getting a notification represents an achievement of an important policy
objective for the Federal Government.
For those electric utilities located in the United States, but for whom control area
oversight responsibilities are handled by electrical systems located across an international
border, those U.S.-based utilities will be required to file the Form OE-417. A foreign
utility handling U.S. control area responsibilities, may wish to file this information
voluntarily to the DOE. Any U.S. based utility in this international situation needs to
inform DOE that these filings will come from a foreign-based electric system.
19
�B.2 Statistical Methodology
There is no methodology applied. All incidents meeting the threshold requirements must
be reported.
B.3 Methods to Maximize Response Rates
All potential reporting entities will be sent letters notifying them of their reporting
responsibilities. In addition, DOE will send e-mails or make telephone calls to the entities
if it learns of an incident or disturbance that an entity has not yet reported. If no response
occurs, correspondence is sent from the DOE to high level management officials in the
respondent entity requesting submission of the appropriate information.
B.4 Tests of Procedures
DOE has talked with NERC and other respondents about the redevelopment of the OE417. Their comments have been considered in the design of the form submitted for
approval.
B.5 Additional Information
For additional information concerning OE-417, please contact Brian Copeland at (202)
586-1178 or at [email protected]. For information concerning this request for
OMB approval, please contact the DOE Paperwork Reduction Act Officer, Christina
Rouleau, at 301-903-6227 or at [email protected].
20
�
| File Type | application/pdf |
| File Title | Microsoft Word - Supporting Statement-OE-417_Nov11.docx |
| Author | JWO |
| File Modified | 2011-12-14 |
| File Created | 2011-12-14 |