Sec. 9. Reports to Congress
/bill/115/hr/4120/ih/section-9
A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
The Secretary, in collaboration with the Secretary of Homeland Security, other appropriate Federal agencies, and energy sector stakeholders, shall conduct a study to analyze cyber attacks on electricity sector industrial control systems and identify cost-effective opportunities to improve cybersecurity. Incident data provided to Federal agencies for the purposes of carrying out this subsection shall be considered critical electric infrastructure information and provided the protections established in section 10.
The study shall—
summarize cyber incident data provided to the Secretary by relevant Federal agencies and energy sector stakeholders;
analyze processes, operational procedures, and other factors common among cyber attacks;
identify the points where human behavior played a critical role in maintaining or compromising the security of the system;
recommend—
  changes to the design of devices, human-machine interfaces, technologies, and tools to optimize security that do not require a change in human behavior;
  changes to processes or operational procedures that do not require a change in human behavior; and
  training techniques to increase the capacity of employees to actively identify, prevent, or neutralize the impact of cyber attacks; and
evaluate existing engineering and technical design criteria and guidelines that incorporate human factors research findings, and recommend criteria and guidelines for industrial control system cybersecurity tools that can be used to develop procurement guidance, including guidance for alarms, displays, and layouts.
In conducting the study, the Secretary shall consult with electricity sector stakeholders, professionals with expertise in human factors research, private sector industrial control system vendors, and other relevant parties. Not later than 24 months after the date of enactment of this Act, the Secretary shall submit to the Committee on Science, Space, and Technology of the House of Representatives and the Committee on Energy and Natural Resources of the Senate a report on the results of the study, including the findings of the Secretary on each of the items described in paragraph (3).
The Secretary, in collaboration with the National Institute of Standards and Technology, other Federal agencies, and electricity sector stakeholders, shall examine the risks associated with increasing penetration of digital technologies in operational networks.
The study shall—
evaluate the relative qualitative risks and benefits of various design and architecture options for electricity sector industrial control systems, including consideration of—
  designs that include both digital and analog control devices and technologies;
  different communication technologies used to move information and data between control system devices, technologies, and system operators;
  automated and human-in-the-loop devices and technologies;
  programmable versus nonprogrammable devices and technologies; and
  increased redundancy using dissimilar cybersecurity technologies;
recommend methods or metrics to document changes in risks associated with system designs and architectures;
provide recommendations for research, development, demonstration, and commercial application activities to address issues raised in subparagraphs (A) and (B); and
recommend guidance to minimize overall system risks.
In conducting the study, the Secretary shall consult with electricity sector stakeholders, academic and private sector researchers, private sector industrial control system vendors, and other relevant parties. Not later than 24 months after the date of enactment of this Act, the Secretary shall submit to the Committee on Science, Space, and Technology of the House of Representatives and the Committee on Energy and Natural Resources of the Senate a report on the results of the study, including the findings of the Secretary on each of the items described in paragraph (2).