CYBER SECURITY WORKING GROUP NOVEMBER 2010 Marianne Swanson December 1, 2010.


Slide 1: CYBER SECURITY WORKING GROUP NOVEMBER 2010, Marianne Swanson, December 1, 2010

Slide 2: AGENDA (November 30-December 3, 2010)
- Industry Update: FERC Standards Review (Annabelle Lee)
- CSWG PAP liaisons and their involvement in the PAPs will be discussed
- CSWG Standards subgroup lead will provide a review of what the standards subgroup has accomplished and the standard template the CSWG uses for the standard review process
- CSWG 3-year Plan (Marianne Swanson)

Slide 3: FERC STANDARDS UPDATE (Annabelle Lee)

Slide 4: STANDARDS SUBGROUP & PAP LIAISONS (Frances Cleveland)

Slide 5: CSWG Standards Subgroup
- Mission
- Identify and assess the cyber security contained within standards that are commonly used in smart grid applications to ensure adequate cyber security coverage is included
- Where adequate coverage is not included, to recommend changes that should be made to the standard or other standards that should be applied
- Have assessed 5 IEC standards and submitted them to FERC
- Have just finished assessing 9 standards from the NIST Priority Action Plans (PAPs)

Slide 6: Standards Review Template
- General introduction
- Standards are at different layers in GWAC Stack
- Cybersecurity must reflect the environment where a standard is implemented, not the standard itself
- Standards include recommended practices and guidelines (could, should, may), as well as “thou shalt” standards
- Cybersecurity includes defense-in-depth – not only prevention, but attack detection, notification, coping during an attack, and retaining an audit trail
- Cybersecurity aspects of the standard:
- Assumptions
- Cybersecurity content
- Should the document contain cybersecurity?
- Mapping of security requirements to the NISTIR 7628 Catalog
- Approval/Disapproval
- Recommendations for next actions on cybersecurity

Slide 7: Important Note: Assess Standards at their Appropriate GWAC Stack Layer

Slide 8: CSWG PAP Liaison Responsibilities
- Liaison twiki: http://collaborate.nist.gov/twiki-sggrid/bin/view/SmartGrid/CSWGLiaisonInformation
- Responsibilities
- Does the PAP, in general, cover cyber security?
- Is there a need for information assurance, protection, confidentiality, integrity, and/or availability within the PAP work?
- Is there a need for a network stack within the PAP? If yes, then cybersecurity needs to be added and/or reviewed.
- Is there a need for function definitions within the PAP? If yes, then cybersecurity needs to be added and/or reviewed.
- Is there a need for service definitions within the PAP? If yes, then cybersecurity needs to be added and/or reviewed.
- Are there existing cyber security requirements within the PAP? If yes, then cybersecurity needs to be reviewed and evaluated.

Slide 9: CSWG PAP Liaison Responsibilities (cont'd)
- Responsibilities continued
- Has the NISTIR 7628 been reviewed for applicable sections to the PAP? If no, then should it be reviewed? If yes, was the NISTIR 7628 adequately covered?
- Have there been any PAP timelines, due dates and deliverables established? If yes, then the CSWG and the Standards subgroup need to be notified and coordination with the Standards subgroup needs to be established.
- If the PAP needs to cover cybersecurity or partially covers cybersecurity and needs more, then the CSWG PAP liaison should:
  - Start actively participating in the PAP meetings and document reviews
  - Report back to the CSWG and the CSWG Standards subgroup
  - Participate in the cyber security review of the documents for the PAP
  - Provide a brief status report on each Monday morning CSWG call

Slide 10: Five IEC Interoperability Standards Reviewed by NIST for Cyber Security Gaps, then Passed to FERC
- IEC (better known as ICCP)
  - Security provided by IEC (TLS over TCP/IP) and -4 (for MMS)
- IEC (Common Information Model (CIM) for transmission wires modeling)
  - Abstract “Semantic Model” so no security needed in the standard
- IEC (CIM for distribution, AMI interfaces, asset management)
  - Abstract “Semantic Model” so no security needed in the standard
  - Recognition that security for CIM implementations is still lacking
- IEC (for substation automation, distribution automation, and Distributed Energy Resources (DER))
  - Security provided by IEC (TLS over TCP/IP), -4 (for MMS), and -6 (for GOOSE)
- IEC Cyber Security Series (1-8)

Slide 11: Nine “Standards” Released by NIST Priority Action Plans (PAPs)
- PAP 0: Meter Upgradeability Guidelines – addressed cyber security appropriately and mostly completely
- PAP 1: Internet Protocol Suite – IPsec and TLS. Recommended improved network and system management by “combining” SNMP and NetConf
- PAP 2: Wireless – identified cyber security measures at individual equipment level, but not at wireless system level
- PAP 4: Scheduling – ws-calendar is an abstract model, so no need to address cyber security in the standard
- PAP 5: Metering – identified some security issues with ANSI C12.xx

Slide 12: Nine “Standards” Released by NIST Priority Action Plans (PAPs) (cont’d)
- PAP 10: Energy Usage – the NAESB Energy Usage models are abstract, so no need to address cyber security in the standard
- PAP 11: Plug-In Electric Vehicles – 3 standards
  - Two SAE standards were acceptable from a cyber security perspective with some recommendations (electrical charger connections and PEV Use Cases)
  - Third SAE standard had cyber security and design problems (partially since SEP 2.0 does not exist yet). Corrections will be made.

Slide 13: Next Standards Assessment Efforts
- Next standards to be assessed will be the “AMI” Standards, including the ANSI C12.xx series
- In the works:
  - PAP 3: Common Price Communication Model
  - PAP 7: Energy Storage and Distributed Energy Resources (ES-DER) – defined in IEC and being mapped to both SEP 2.0 and DNP3
  - PAP 8: Distribution Management – Use Cases being defined in IEC (interactions with field devices) and in CIM (application-to-application interactions)
  - PAP 9: Standard Demand Response Signals
  - PAP 12: Mapping between IEC and DNP3

Slide 14: Contact Information for Standards Subgroup
- Twiki: http://collaborate.nist.gov/twiki-sggrid/bin/view/SmartGrid/CSCTGStandards
- Meetings: Fridays 13:00 Eastern
- Dial-in Information: X #
- Mailing list: To join the mailing list contact
- Chair contact information: Frances Cleveland

Slide 15: CSWG 3-YEAR PLAN (Marianne Swanson)

Slide 16: CSWG 3-YEAR PLAN
Goal 1: Review identified standards against the requirements in the NIST Interagency Report (IR) 7628, Guidelines to Smart Grid Cyber Security
- National Electrical Manufacturers Association (NEMA) Upgradeability Standard (Q1 FY11)
- Smart Meter/Advanced Metering Infrastructure (AMI)-related standards (Q2 FY11)
- Institute of Electrical and Electronics Engineers (IEEE) 1547 and other standards related to renewable energy sources (Q3 FY11)
- Electric vehicle-related standards (Q4 FY11)
- Demand Response (DR) and Home Area Network (HAN)-related standards (Q2 FY12)
- Cyber Security-related standards (Q1 FY12)
- New standards developed (Q1 FY11 – Q4 FY13)

Slide 17: CSWG 3-YEAR PLAN
Goal 2 – Design and build a conformity testing framework
- Establish a Testing & Certification subgroup in the Cyber Security Working Group (CSWG) (Q1 FY11)
- Build a conformance test method for security to test AMI Upgradeability Standards (Q3 FY12)
- Design a virtual test environment for use and posting of test tools, stubs, and drivers (Q4 FY12)
- Work with industry on the usability of the virtual test environment and improve the capability based on industry needs (Q4 FY13)
- Develop derived test requirements (DTR) and test reference material for security conformance activities of Federal Energy Regulatory Commission (FERC)-accepted standards (Q1 FY12 – Q4 FY13)

Slide 18: CSWG 3-YEAR PLAN
Goal 2 – Design and build a conformity testing framework
- Scope and charter for the Testing & Certification subgroup (Q1 FY11)
- Documented test conformance methodology (Q3 FY12)
- DTR (Q4 FY12)
- Successful test demonstration (Q1 FY13)
- Test report showing results (Q1 FY13)
- DTR and test reference reports for security conformance (Q4 FY13)

Slide 19: CSWG 3-YEAR PLAN
Goal 3 – Conduct outreach, coordination, and collaboration
- Continued coordination and chairing of the CSWG (Ongoing)
- Conduct outreach and education meetings to stakeholders across the United States (Ongoing)
- Develop an introduction to the NISTIR 7628 (Q1 FY11)
- Coordinate and collaborate with the Smart Grid Interoperability Panel (SGIP) Priority Action Plans (PAPs) (Ongoing)
- Coordinate and collaborate with OpenSG (Ongoing)
- Begin initial discussion, collaboration with NERC, and ICS related organizations/activities (Q2 FY11)
- Provide guidance on implementing cyber security (Q2 FY12 – Q2 FY13)

Slide 20: CSWG 3-YEAR PLAN
Goal 4 – Further development and refinement of specific Smart Grid areas
- Further identification of research and development (R&D) areas (Ongoing)
- Explore SCAP implementation for Smart Grid applications; develop SCAP Smart Grid protocols (Q3 FY11 – Q4 FY13)
- Develop complementary smart grid security architecture to the SGIP-AC conceptual architecture (Q4 FY11)
- Expanding research and discussion of potential privacy issues in commercialized and industrial settings, and with electric vehicles (Q2 FY12)
- Accelerate the standardization of a set of AMI security requirements (Q4 FY11)

Slide 21: CSWG 3-YEAR PLAN (CONT’D.)
Goal 4 – Further development and refinement of specific Smart Grid areas
- Pilot Smart Grid and industrial control systems (ICS) security requirements (Q4 FY13)
- Research data management and the possible relationship to cloud computing (Q4 FY13)
- Research the unique supply chain issues around electric sector-specific products (Q4 FY12)

Slide 22: TESTING & CERTIFICATION
- Twiki: http://collaborate.nist.gov/twiki-sggrid/bin/view/SmartGrid/CSCTGTesting
- Meetings: Tuesdays at 11:00 Eastern
- Dial-in Information: X #
- Mailing list: To join the mailing list contact
- Co-Chair contact information
  - Nelson Hastings:
  - Sandy Bacik:
  - Robert Former:

Slide 23: TESTING & CERTIFICATION
- Completed
  - SGIP Testing & Certification Committee Contributions
  - Interoperability Process Reference Manual contributions of a basic security test definition and security testing best practices
- WIP
  - Compile list of security testing frameworks that provide repeatable testing structures
  - Compile list of security testing questions for utilities to use in request for proposals (RFPs)
  - Compile list of security test case topics
  - Compile list of general security test requirements based on the NISTIR 7628 volume 1
  - Compile list of general security test requirements based on the CSWG AMI-SEC subgroup requirements

Slide 24: WRAP-UP
- Thank you to everyone for your contributions and support
- Teleconference Day & Time: Mondays, 11am Eastern Time (-5:00 GMT)
- Call-in number:
- Participant passcode:
- Twiki: http://collaborate.nist.gov/twiki-sggrid/bin/view/SmartGrid/CyberSecurityCTG