Presentation is loading. Please wait.

Presentation is loading. Please wait.

CYBER SECURITY WORKING GROUP NOVEMBER 2010 Marianne Swanson December 1, 2010.

Similar presentations


Presentation on theme: "CYBER SECURITY WORKING GROUP NOVEMBER 2010 Marianne Swanson December 1, 2010."— Presentation transcript:

1 CYBER SECURITY WORKING GROUP NOVEMBER 2010 Marianne Swanson Marianne.swanson@nist.gov December 1, 2010

2 Industry Update: FERC Standards Review (Annabelle Lee) CSWG PAP liaisons and their involvement in the PAPs will be discussed CSWG Standards subgroup lead will provide a review of what the standards subgroup has accomplished and the standard template the CSWG uses for the standard review process CSWG 3-year Plan (Marianne Swanson) A GENDA 2 November 30-December 3, 2010

3 FERC STANDARDS UPDATE Annabelle Lee annabelle.lee@ferc.gov 3 November 30-December 3, 2010

4 STANDARDS SUBGROUP & PAP LIAISONS Frances Cleaveland 4 November 30-December 3, 2010

5 CSWG Standards Subgroup Mission Identify and assess the cyber security contained within standards that are commonly used in smart grid applications to ensure adequate cyber security coverage is included Where adequate coverage is not included, to recommend changes that should be made to the standard or other standards that should be applied Have assessed 5 IEC standards and submitted them to FERC Have just finished assessing 9 standards from the NIST Priority Action Plans (PAPs) 5 November 30-December 3, 2010

6 General introduction Standards are at different layers in GWAC Stack Cybersecurity must reflect the environment where a standard is implemented, not the standard itself Standards include recommended practices and guidelines (could, should, may), as well as “thou shalt” standards Cybersecurity includes defense-in-depth – not only prevention, but attack detection, notification, coping during an attack, and retaining a audit trail Cybersecurity aspects of the standard: Assumptions Cybersecurity content Should the document contain cybersecurity? Mapping of security requirements to the NISTIR 7628 Catalog Approval/Disapproval Recommendations for next actions on cybersecurity Standards Review Template 6 November 30-December 3, 2010

7 Important Note: Assess Standards at theirAppropriate GWAC Stack Layer 7 November 30-December 3, 2010

8 Liaison twiki: http://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CSWGLiaisonInformationhttp://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CSWGLiaisonInformation Responsibilities Does the PAP, in general, cover cyber security? Is there a need for information assurance, protection, confidentiality, integrity, and / or availability within the PAP work? Is there a need for a network stack within the PAP? If yes, then cybersecurity needs to be added and/or reviewed. Is there a need for function definitions within the PAP? If yes, then cybersecurity needs to be added and/or reviewed. Is there a need for service definitions within the PAP? If yes, then cybersecurity needs to be added and/or reviewed Are there existing cyber security requirements within the PAP? If yes, then cybersecurity needs to be reviewed and evaluated CSWG PAP Liaison Responsibilities 8 November 30-December 3, 2010

9 Responsibilities continued Has the NISTIR 7628 been reviewed for applicable sections to the PAP? If no, then should it be reviewed? If yes, was the NISTIR 7628 adequately covered? Have there been any PAP timelines, due dates and deliverables established? If yes, then the CSWG and the Standards subgroup need to be notified and coordination with the Standards subgroup needs to be established If the PAP needs to cover cybersecurity or partially covers cybersecurity and needs more, then the CSWG PAP liaison should: Start actively participating in the PAP meetings and document reviews Report back to the CSWG and the CSWG Standards subgroup Participate in the cyber security review of the documents for the PAP Provide a brief status report on each Monday morning CSWG call CSWG PAP Liaison Responsibilities (con’t) 9 November 30-December 3, 2010

10 Five IEC Interoperability Standards Reviewed by NISTfor Cyber Security Gaps, then Passed to FERC IEC 60870-6 (better known as ICCP) Security provided by IEC 62351-3 (TLS over TCP/IP) and -4 (for MMS) IEC 61970 (Common Information Model (CIM) for transmission wires modeling) Abstract “Semantic Model” so no security needed in the standard IEC 61968 (CIM for distribution, AMI interfaces, asset management) Abstract “Semantic Model” so no security needed in the standard Recognition that security for CIM implementations is still lacking IEC 61850 (for substation automation, distribution automation, and Distributed Energy Resources (DER) Security provided by IEC 62351-3 (TLS over TCP/IP), -4 (for MMS), and -6 (for GOOSE) IEC 62351 Cyber Security Series (1-8) 10 November 30-December 3, 2010

11 Nine “Standards” Released by NIST Priority ActionPlans (PAPs) PAP 0: Meter Upgradeability Guidelines – addressed cyber security appropriately and mostly completely PAP 1: Internet Protocol Suite – IPsec and TLS. Recommended improved network and system management by “combining” SNMP and NetConf PAP 2: Wireless – identified cyber security measures at individual equipment level, but not at wireless system level PAP 4: Scheduling – ws-calendar is an abstract model, so no need to address cyber security in the standard PAP 5: Metering – identified some security issues with ANSI C12.xx 11 November 30-December 3, 2010

12 Nine “Standards” Released by NIST Priority ActionPlans (PAPs) (cont’d) PAP 10: Energy Usage – the NAESB Energy Usage models are abstract, so no need to address cyber security in the standard PAP 11: Plug-In Electric Vehicles – 3 standards Two SAE standards were acceptable from a cyber security perspective with some recommendations (electrical charger connections and PEV Use Cases) Third SAE standard had cyber security and design problems (partially since SEP 2.0 does not exist yet). Corrections will be made. 12 November 30-December 3, 2010

13 Next Standards Assessment Efforts Next standards to be assessed will be the “AMI” Standards, including the ANSI C12.xx series In the works --- PAP 3: Common Price Communication Model PAP 7: Energy Storage and Distributed Energy Resources (ES-DER) – defined in IEC 61850-7-420 and being mapped to both SEP 2.0 and DNP3 PAP 8: Distribution Management – Use Cases being defined in IEC 61850 (interactions with field devices) and in CIM (application-to-application interactions) PAP 9: Standard Demand Response Signals PAP 12: Mapping between IEC 61850 and DNP3 13 November 30-December 3, 2010

14 Twiki: http://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CSCTGStandardshttp://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CSCTGStandards Meetings: Fridays 13:00 Eastern Dial-in Information: 866-802-3515 X2817109# Mailing list: csctgstds@nist.govcsctgstds@nist.gov To join the mailing list contact tanya.brewer@nist.govtanya.brewer@nist.gov Chair contact information Frances Cleveland (fcleve@xanthus-consulting.com)fcleve@xanthus-consulting.com Contact Information for Standards Subgroup 14 November 30-December 3, 2010

15 CSWG 3-YEAR PLAN Marianne Swanson Marianne.swanson@nist.gov 15 November 30-December 3, 2010

16 Goal 1: Review identified standards against the requirements in the NIST Interagency Report (IR) 7628, Guidelines to Smart Grid Cyber Security National Electrical Manufacturers Association (NEMA) Upgradeability Standard (Q1 FY11) Smart Meter/ Advanced Metering Infrastructure (AMI) – related standards (Q2 FY 11) Institute of Electrical and Electronics Engineers (IEEE) 1547 and other standards related to renewable energy sources (Q3 FY 11) Electric vehicle-related standards (Q4 FY11) Demand Response (DR) and Home Area Network (HAN)-related standards (Q2 FY12) Cyber Security-related standards (Q1 FY12) New standards developed (Q1 FY11 – Q4 FY13) CSWG 3-Y EAR P LAN 16 November 30-December 3, 2010

17 Goal 2 – Design and build a conformity testing framework Establish a Testing & Certification subgroup in the Cyber Security Working Group (CSWG) (Q1 FY 11) Build a conformance test method for security to test AMI Upgradeability Standards (Q3 FY 12) Design a virtual test environment for use and posting of test tools, stubs, and drivers (Q4 FY12) Work with industry on the usability of the virtual test environment and improve the capability based on industry needs (Q4 FY13) Develop derived test requirements (DTR) and test reference material for security conformance activities of Federal Energy Regulatory Commission (FERC)-accepted standards (Q1FY12 – Q4 FY13) CSWG 3-Y EAR P LAN 17 November 30-December 3, 2010

18 Goal 2 – Design and build a conformity testing framework Scope and charter for the Testing & Certification subgroup (Q1 FY11) Documented test conformance methodology (Q3 FY 12) DTR (Q4 FY 12) Successful test demonstration (Q1 FY 13) Test report showing results (Q1 FY 13) DTR and test reference reports for security conformance (Q4 FY13) CSWG 3-Y EAR P LAN 18 November 30-December 3, 2010

19 Goal 3 – Conduct outreach, coordination, and collaboration Continued coordination and chairing of the CSWG (Ongoing) Conduct outreach and education meetings to stakeholders across the United States (Ongoing) Develop an introduction to the NISTIR 7628 (Q1 FY11) Coordinate and collaborate with the Smart Grid Interoperability Panel (SGIP) Priority Action Plans (PAPs) (Ongoing) Coordinate and collaborate with OpenSG (Ongoing) Begin initial discussion, collaboration with NERC, and ICS related organizations/activities (Q2 FY11) Provide guidance on implementing cyber security (Q2 FY 12 – Q2 FY13) CSWG 3-Y EAR P LAN 19 November 30-December 3, 2010

20 Goal 4 – Further development and refinement of specific Smart Grid areas Further identification of research and development (R&D) areas (Ongoing) Explore SCAP implementation for Smart Grid applications; develop SCAP Smart Grid protocols (Q3 FY11 – Q4 FY 13) Develop complementary smart grid security architecture to the SGIP-AC conceptual architecture (Q4 FY 11) Expanding research and discussion potential privacy issues in commercialized and industrial settings, and with electric vehicles (Q2 FY12) Accelerate the standardization of a set of AMI security requirements (Q4 FY11) CSWG 3-Y EAR P LAN 20 November 30-December 3, 2010

21 Goal 4 – Further development and refinement of specific Smart Grid areas Pilot Smart Grid and industrial control systems (ICS) security requirements (Q4 FY13) Research data management and the possible relationship to cloud computing (Q4 FY13) Research the unique supply chain issues around electric sector- specific products (Q4 FY12) CSWG 3-Y EAR P LAN ( CONT ’ D.) 21 November 30-December 3, 2010

22 T ESTING & C ERTIFICATION Twiki: http://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CSCTGTestinghttp://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CSCTGTesting Meetings: Tuesdays at 11:00 Eastern Dial-in Information: 866-793-6322 X3836162# Mailing list: csctgtest@nist.govcsctgtest@nist.gov To join the mailing list contact tanya.brewer@nist.govtanya.brewer@nist.gov Co-Chair contact information – Nelson Hastings: nelson.hastings@nist.govnelson.hastings@nist.gov – Sandy Bacik: sandy.bacik@enernex.comsandy.bacik@enernex.com – Robert Former: Robert.Former@itron.comRobert.Former@itron.com 22 November 30-December 3, 2010

23 T ESTING & C ERTIFICATION Completed SGIP Testing & Certification Committee Contributions Interoperability Process Reference Manual contributions of a basic security test definition and security testing best practices WIP Compile list of security testing frameworks that provide repeatable testing structures Compile list of security testing questions for utilities to use in request for proposals (RFPs) Compile list of security test case topics Compile list of general security test requirements based on the NISTIR 7628 volume 1 Compile list of general security test requirements based on the CSWG AMI-SEC subgroup requirements 23 November 30-December 3, 2010

24 Thank you to everyone for your contributions and support Teleconference Day & Time: Mondays, 11am Eastern Time (-5:00 GMT) Call-in number: 866-745-6097 Participant passcode: 7413006 Twiki: http://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CyberSecurityCTGhttp://collaborate.nist.gov/twiki- sggrid/bin/view/SmartGrid/CyberSecurityCTG W RAP - UP 24 November 30-December 3, 2010


Download ppt "CYBER SECURITY WORKING GROUP NOVEMBER 2010 Marianne Swanson December 1, 2010."

Similar presentations


Ads by Google