Thursday, November 7, 2013

NIST Smart Grid Cybersecurity Guidelines

NIST has released a draft set of guidelines for smart grid cyber security which you can find here.  It's a big, three volume document and I have just started to read it.

Volume 1 concentrates on development, architecture, and high-level requirements.  It first presents a logical architecture of the smart grid, at least for the 1-3 year time frame and its major components; based on that architecture it identifies 22 logical interface categories.  It then specifies security requirements for each of the 22 interface categories.  It then goes onto describe cryptographic and key management issues.

Volume 2 concentrates on privacy.  Privacy is a key issue because the information that the smart grid uses to optimize energy usage can also divulge other properties that a customer or energy provider may not want to provide: how they use their facilities, when they are home, etc.

Volume 3 provides some additional analysies.  It talks about classes of vulnerabilities, provides a bottom-up security analysis of the smart grid, and identifies research and development themes for smart grid cyber security.  It also provides use cases for the power system relevant to security requirements.

No comments:

Post a Comment