Sociotechnical Approaches to Electric Grid Risk Management
THE CHALLENGE
The US bulk electric system is arguably the largest and most complex machine on the planet: spanning the country and interconnected with the electric grids of Canada and Mexico, it is comprised of dozens of governmental bodies, over 3,000 small and large public and private utilities, 5,800 major power plants, and 450,000 miles of high voltage transmission lines, and numerous standards and regulations. As with any large and complex machine, catastrophic potential is imbedded within this system; systemic risks can arise, they can be difficult to detect, and when they are realized cascade across systems and sectors at tremendous speed.
Approaches to electric grid risk management tend to focus on the technical dimensions of this system, seeking to control risks with strong engineering and other logics. However, the social dynamics of this system — people, organizations, institutions, and norms — are entangled with these technical dimensions. We set out to uderstand the risks and resilience options for electric grid security through a sociotechnical analysis that combined social and technical components.
THE APPROACH
- Interviews with 60 electric grid owners, operators, and regulators on electric grid cybersecurity risks
- Case studies of cascading failure in partnership with industry
- Analysis of how the Department of Defense could deter power grid attacks
- Documentation of electric grid resilience strategies for polycrisis (Covid-19 pandemic and hurricanes)
THE OUTCOME
A framework for assessing electric grid cybersecurity regulatory impact, understanding of expertise required for managing sociotechnical risks, guidance for Department of Defense for energy resilience, and deeper understanding of sociotechnical cascading impacts and resilience strategies.
Further reading
Disaster risk creation and cascading disasters within large technological systems: COVID‐19 and the 2021 Texas blackouts. Journal of Contingencies and Crisis Management
Deterring Attacks Against the Power Grid: Two Approaches for the U.S. Department of Defense. RAND Corporation
Maintaining critical infrastructure resilience to natural hazards during the COVID-19 pandemic: hurricane preparations by US energy companies. Journal of Infrastructure Preservation and Resilience
The downside of a lean electric grid. The Hill
Regulating risks within complex sociotechnical systems: Evidence from critical infrastructure cybersecurity standards. Science and Public Policy
Beyond regulatory capture: Coproducing expertise for critical infrastructure protection. Regulation & Governance