- (a) Not later than December 1, 2026, the security commission shall prepare and deliver to the legislature a plan for protecting critical infrastructure from all hazards, including a catastrophic loss of power in the state.
(b) The plan must include:
- (1) any weatherization recommendations in addition to requirements established under Section 35.0021 necessary to prevent outages of critical infrastructure from extreme cold weather events, an analysis of whether these recommendations would induce cyber vulnerabilities, and an analysis of the associated costs for these recommendations;
- (2) recommendations for installing, replacing, or upgrading industrial control systems and associated networks, or the use of compensating controls or procedures, in critical facilities to address cyber vulnerabilities;
- (3) recommendations for installing, replacing, or upgrading extra high-voltage power transformers and supervisory control and data acquisition systems to withstand 100 kilovolts/meter E1 electromagnetic pulses and 85 volts/kilometer E3 electromagnetic pulses;
- (4) a timeline for making improvements to critical infrastructure to meet resilience standards recommended by the security commission under Section 44.005;
(5) long-term resilience recommendations for supporting industries, including:
- (A) communications;
- (B) food supply;
- (C) fuel supply;
- (D) health care;
- (E) nuclear reactors, materials, and waste;
- (F) transportation; and
- (G) water and sewer services; and
- (6) any additional recommendations considered necessary by the security commission.
- (c) The security commission may consult with the Private Sector Advisory Council in developing the plan.
Added by Acts 2025, 89th Leg., R.S., Ch. 760 (S.B. 75), Sec. 3, eff. June 20, 2025.