The Electric Reliability Council of Texas (ERCOT) formed in 1970, as the successor to the Texas Interconected System (TIS). TIS originally formed in 1941 when several power companies banded together to provide their excess generation capacity to serve industrial loads on the Gulf Coast supporting the US war effort for World War II. ERCOT is one of nine regional electric reliability councils under North American Electric Reliability Corporation (NERC) authority. NERC and the regional reliability councils were formed following the Northeast Blackout of 1965. ERCOT's offices are located in Austin, Texas.
The ERCOT region occupies the entire Texas Interconnection, which occupies nearly all of the State of Texas. Unlike the other major NERC interconnections, the high voltage transmission and energy market within the Texas Interconnection is operated by ERCOT as essentially a single power system instead of as a network of cooperating utility companies.
The ERCOT hired DYONYX to provide internal security services and project work. The contract’s work plan includes an initial discovery phase to review the overall network architecture and applications systems architecture, examine security operations and policies, and review SAS 70 audit findings.
Phase II includes implementing project management processes, responding to audit findings, resolving security issues, defining and developing needed projects, and providing outsourced security services prior to initiating a recruitment process for a permanent ERCOT security staff.
The final phase includes execution of agreed upon project work plans. “Because the security function in a business enterprise such as ours is so critical to our mission and to the market participants, we felt it was important to bring in a firm to supply highly skilled security resources to meet our immediate staff needs,” said Steve Grendel, director of technology services. “They will be supporting our current security operations, in addition to proposing ways to improve and streamline our functions.”
The contract includes eight general areas of concentration including designing a security organization structure and maintaining compliance with security standards.
The DYONYX Project Manager, Jim Fortune served on NERC’s Critical Infrastructure Protection Advisory Committee and on Electric Power Research Institute Committees and is familiar with compliance provisions of NERC CIP, SAS 70, ISO 17799 and other security standards. DYONYX was selected for their experience working with other utilities and ISO’s.
“We were impressed with the extent of the DYONYX team members’ experience in working with electric utilities and critical infrastructures and their knowledge of risks assessment methods,” Steve said. “This gives us assurance that needed projects will be identified, defined and managed in an accurate and timely manner.”