Full Report
In an era defined by rapid digitization, the electric power sector is increasingly looking to its analog past to secure its future. During the latest episode of the Cyber Focus podcast, Scott Aaronson, senior vice president at the Edison Electric Institute (EEI), discussed the industry’s development of “Supplemental Operating Strategies” (SOS) – informally known as…
Analysis Summary
# Best Practices: Analog Resilience and Supplemental Operating Strategies (SOS) for Critical Infrastructure
## Overview
These practices address the need for the electric power sector to enhance cyber resilience by preserving and maintaining the capability to operate critical systems using physical, analog methods—informally known as the "MacGyver Project." This strategy acts as a foundational defense layer, ensuring operational continuity when digital systems are compromised, untrustworthy, or unavailable, mitigating cascading failures across interconnected critical infrastructure sectors.
## Key Recommendations
### Immediate Actions
1. **Inventory Manual Operation Capabilities:** Immediately catalogue all existing physical, mechanical assets and procedures (like "pistol grip handles") that allow operators to open or close circuits without relying on the digital control overlay.
2. **Establish Data Integrity Assessment Protocols:** Develop rapid procedures for operators to verify sensor and control system data against independent, non-networked observations (where possible) to counter adversary data obfuscation tactics.
3. **Conduct Initial Analog System Walkthroughs:** Schedule immediate, mandatory walkthroughs where senior operational staff physically demonstrate critical manual failover procedures to ensure muscle memory and familiarity with mechanical controls.
### Short-term Improvements (1-3 months)
1. **Develop and Document Supplemental Operating Strategies (SOS):** Formally document the operational sequences required to run critical grid elements using only manual or analog mechanisms, referencing established industry resilience plans.
2. **Procure and Stock Critical Analog Spares (SKUs):** Identify the most essential physical components required for manual operations (e.g., specific mechanical switches, parts for physical controls) and initiate procurement to mitigate supply chain risks for these legacy/manual items.
3. **Conduct Cross-Sector Dependence Mapping (Tier 1):** Map immediate dependencies between the power sector (energy) and essential downstream services (water, transportation, communications) to understand high-risk cascading failure points if analog modes are required.
### Long-term Strategy (3+ months)
1. **Establish Dedicated Analog Maintenance Programs:** Create recurring, budgeted programs specifically dedicated to the maintenance, calibration, and physical inspection of manual control systems, ensuring they remain functional despite digitization efforts.
2. **Integrate Analog Readiness into Training Curriculum:** Formally incorporate SOS and manual operations into standard operator training and certification processes, treating analog capability as an essential, non-negotiable skill set for all operators.
3. **Drive Physical Supply Chain Modernization:** Advocate for and invest in the robust physical supply chain necessary to support long-term grid infrastructure, balancing increased digital demand (AI, manufacturing repatriation) with the need for resilient physical assets (e.g., transformers).
4. **Develop National Mutual Assistance Coordination for Physical Recovery:** Formalize and regularly exercise regional or national mutual assistance agreements focused specifically on physical restoration (e.g., moving heavy equipment, specialized manual repair crews) following large-scale physical or cyber incidents requiring extensive manual intervention.
## Implementation Guidance
### For Small Organizations
- **Focus on Documentation and Cross-Training:** Prioritize documenting the few manual failover points specific to local infrastructure. Ensure all operators are cross-trained on these procedures, as specialized maintenance staff may be scarce.
- **Leverage Group Purchasing:** Participate actively in industry groups (like EEI) to share the logistical burden of stocking necessary analog spares ("80,000 SKUs") through coordinated purchasing pools.
### For Medium Organizations
- **Formalize Local SOS Drills:** Begin semi-annual tabletop exercises specifically focused on a scenario where the digital monitoring system is completely untrustworthy, forcing reliance on local analog tools.
- **Dedicated Physical Asset Liaison:** Assign a specific engineer or technician responsible for tracking the lifecycle and maintenance schedule of manual controls, preventing them from being overlooked during SCADA modernization projects.
### For Large Enterprises
- **Establish a Dedicated Resilience Working Group:** Form a cross-functional team (IT, OT, Engineering, Supply Chain) chartered specifically to manage and execute the Supplemental Operating Strategies ("MacGyver Project").
- **Institutionalize National Coordination:** Actively participate in and lead national efforts (e.g., coordinating with other utilities for mutual assistance) to ensure rapid mobilization of physical restoration resources during an "all-hazards" event.
- **Strategic Stockpiling:** Develop a dynamic inventory management system that forecasts obsolescence for critical manual components while ensuring buffer stock readiness for required long-lead-time physical replacements.
## Configuration Examples
*The provided context emphasizes procedural and physical readiness rather than specific digital configuration settings. The core "configuration" is procedural:*
* **Mechanical Control Standard:** Ensure all designated manual circuit control points (e.g., **pistol grip handles**) are physically accessible, clearly labeled, and tested to confirm they engage/disengage the intended physical circuit connection without digital interference.
## Compliance Alignment
While the article emphasizes resilience beyond standard compliance, these practices strongly align with:
* **NERC CIP Standards:** Particularly R1 (Reliability Authority Responsibilities) and R3 (System Security Management), by defending operational reliability against sophisticated threats that target digital controls.
* **NIST Cybersecurity Framework (CSF):** Enhances the **Protect** function (e.g., Physical Protections) and the **Resilience** aspect of the **Recover** function.
* **All-Hazards Preparedness Frameworks:** Aligning operational continuity planning with requirements for surviving large-scale physical outages that necessitate manual intervention.
## Common Pitfalls to Avoid
1. **Treating Manual Systems as Legacy Debt:** Do not view analog capabilities as outdated technology to be decommissioned; view them as the **essential Sovereign Layer** of operational defense.
2. **Ignoring Skills Degradation:** Failing to regularly train personnel on manual operations, leading to lost institutional knowledge when it is critically needed.
3. **Focusing Only on Cyber Offense:** Over-investing in digital defense while neglecting the physical means of response required when digital intelligence is compromised or unavailable.
4. **Supply Chain Complacency:** Assuming that physical spare parts for manual controls will be readily available, especially given current shortages and high demand for new energy infrastructure components.
## Resources
1. **Edison Electric Institute (EEI) Cyber Focus Podcast Episodes:** Reference recent discussions (specifically those featuring Scott Aaronson) for insight into industry-wide resilience strategy development.
2. **McCrary Institute Publications/Podcasts:** Utilize associated materials for deeper dives into critical infrastructure protection and offensive cyber implications.
3. **Internal/Sector-Specific Mutual Assistance Agreements:** Review existing national and regional pacts regarding the sharing of physical restoration resources following widespread disruption.