FERC wades into battle over China-made grid equipment

Source: By Christian Vasquez, E&E News reporter • Posted: Sunday, September 20, 2020

Top U.S. energy regulators want to know just how dangerous Chinese-manufactured equipment is to the power grid.

The Federal Energy Regulatory Commission issued a notice of inquiry yesterday aimed at gathering information on use of equipment and services by foreign companies deemed a national security risk.

FERC noted that China-based telecommunications giants Huawei Technologies Co. Ltd. and ZTE Corp. have been flagged as potential threats due to their “communication systems and other equipment and services that are critical to bulk electric system reliability.”

“Recent Executive Orders, legislation and federal agency decisions have identified Huawei and ZTE, as well as other entities identified as risks to national security, as potential risks to national security,” FERC wrote in its request for comments on the extent of the danger.

Huawei and several other Chinese companies have been barred from selling into some U.S. markets due to concerns they may be pressured by the Chinese government to spy or damage critical infrastructure by installing backdoors in their products. Huawei and ZTE have denied claims of wrongdoing.

A May 1 executive order from President Trump called for barring utilities from purchasing equipment deemed a national security risk. The Energy Department later named China as one of the “near-peer foreign adversaries” that could cause disruptions to the grid (Energywire, July 9).

The battle over Chinese equipment has raised serious questions over the difficulty of decoupling foreign-made gear from U.S. critical infrastructure.

In July, the North American Electric Reliability Corp. and FERC released a white paper on how to find Huawei and ZTE equipment in the grid. Noting the wide reach of both companies, the regulators warned that some vendors may be unaware they are using products deemed a national security threat. NERC also released an alert asking utilities to provide more information on any installed electrical generators and transformers from adversarial countries like Iran.

In yesterday’s request, FERC noted that the need to maintain operational awareness of the grid — combined with the vast market share commanded by the technology firms — means it’s likely that many utilities have Huawei or ZTE equipment installed on the grid, whether they know it or not.

“The probability that electric utilities now use a significant amount of telecommunications equipment with embedded components from Huawei or ZTE is greater in consideration of these facts, especially when factoring in components that are branded under a different vendor’s label,” FERC said.

Just how prevalent Huawei is on the grid is an open question. Last year, NERC CEO Jim Robb said the nonprofit is unsure how many power inverters — devices that are frequently used in solar panels — are in the grid (Energywire, June 27, 2019).

In its latest notice, FERC is also seeking input on whether current cybersecurity standards are enough to protect the grid from security risks and what other steps can be taken. The comments will be public and are due in mid-December.

FERC has previously noted the limits of critical infrastructure protection standards in previous requests for comment on market incentives for cybersecurity investments (Energywire, Aug. 27). Critics claimed incentives could drive up prices for cyberdefenses, while others, including DOE, lauded the idea.