CONTENT OF THE REPORT
Chapter 1 – Cyber Security Strategy includes background information on the Smart Grid and the importance of cyber security in ensuring the reliability of the grid and the confidentiality of specific information. It also discusses the cyber security strategy for the Smart Grid and the specific tasks within this strategy.
Chapter 2 – Logical Architecture includes a high level diagram that depicts a composite high level view of the actors within each of the Smart Grid domains and includes an overall logical reference model of the Smart Grid, including all the major domains. The chapter also includes individual diagrams for each of the 22 logical interface categories. This architecture focuses on a short-term view (1–3 years) of the Smart Grid.
Chapter 3 – High Level Security Requirements specifies the high level security requirements for the Smart Grid for each of the 22 logical interface categories included in Chapter 2.
Chapter 4 – Cryptography and Key Management identifies technical cryptographic and key management issues across the scope of systems and devices found in the Smart Grid along with potential alternatives.
Appendix A – Crosswalk of Cyber Security Documents
Appendix B – Example Security Technologies and Procedures to Meet the High Level Security Requirements
CYBER SECURITY STRATEGY
With the implementation of the Smart Grid has come an increase in the importance of the information technology (IT) and telecommunications infrastructures in ensuring the reliability and security of the electric sector. Therefore, the security of systems and information in the IT and telecommunications infrastructures must be addressed by an evolving electric sector. Security must be included in all phases of the system development life cycle, from design phase through implementation, maintenance, and disposition/sunset.
Cyber security must address not only deliberate attacks launched by disgruntled employees, agents of industrial espionage, and terrorists, but also inadvertent compromises of the information infrastructure due to user errors, equipment failures, and natural disasters. Vulnerabilities might allow an attacker to penetrate a network, gain access to control software, and alter load conditions to destabilize the grid in unpredictable ways. The need to address potential vulnerabilities has been acknowledged across the federal government, including the National Institute of Standards and Technology (NIST)4, the Department of Homeland Security (DHS),5 the Department of Energy (DOE),6 and the Federal Energy Regulatory Commission (FERC).7
Additional risks to the grid include:
Increasing the complexity of the grid could introduce vulnerabilities and increase exposure to potential attackers and unintentional errors;
Interconnected networks can introduce common vulnerabilities;
Increasing vulnerabilities to communication disruptions and the introduction of malicious software/firmware or compromised hardware could result in denial of service (DoS) or other malicious attacks;
Increased number of entry points and paths are available for potential adversaries to exploit;
Interconnected systems can increase the amount of private information exposed and increase the risk when data is aggregated;
Increased use of new technologies can introduce new vulnerabilities; and
Expansion of the amount of data that will be collected that can lead to the potential for compromise of data confidentiality, including the breach of customer privacy.
NIST Guidelines for Smart Grid Cyber Security: Volume 1, Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements
📄 Viewing lite version
Full site ›
Price not listed
🛒 Buy New on Amazon 🇺🇸
Book Details
Author(s)U.S. NIST
PublisherU.S. NIST
ISBN / ASINB00GZCJEQ8
ISBN-13978B00GZCJEQ2
Sales Rank99,999,999
MarketplaceUnited States 🇺🇸