NIST Guidelines for Smart Grid Cyber Security: Volume 3, Supportive Analyses and References
Book Details
Author(s): U.S. NIST
Publisher: U.S. NIST
ISBN / ASIN: B00GZCJLHA
ISBN-13: 978B00GZCJLH2
Marketplace: United Kingdom 🇬🇧
Description
CONTENT OF THE REPORT
Chapter 6 – Vulnerability Classes includes classes of potential vulnerabilities for the Smart Grid. Individual vulnerabilities are classified by category.
Chapter 7 – Bottom-Up Security Analysis of the Smart Grid identifies a number of specific security problems in the Smart Grid. Currently, these security problems do not have specific solutions.
Chapter 8 – Research and Development Themes for Cyber Security in the Smart Grid includes R&D themes that identify where the state of the art falls short of meeting the envisioned functional, reliability, and scalability requirements of the Smart Grid.
Chapter 9 – Overview of the Standards Review includes an overview of the process that is being used to assess standards against the high level security requirements included in this report.
Chapter 10 – Key Power System Use Cases for Security Requirements identifies key use cases that are architecturally significant with respect to security requirements for the Smart Grid.
Appendix F – Logical Architecture and Interfaces of the Smart Grid
Appendix G – Analysis Matrix of Interface Categories
Appendix H – Mappings to the High Level Security Requirements
Appendix I – Glossary and Acronyms
Appendix J – SGIP-CSWG Membership
This book is intended to be used by those responsible for designing, implementing, operating or procuring some part of the electric grid. It contains a list of five classes of potential vulnerabilities with descriptions of specific areas that can make an organization vulnerable as well as the possible impacts to an organization should the vulnerability be exercised. For the purpose of this document, a vulnerability class is a category of weakness which could adversely impact the operation of the electric grid. A “vulnerability” is a weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source. This document contains a number of possible vulnerabilities, identified by management, operational and technical categories. It is best used as a stimulus for detailed risk analysis of real or proposed systems, and while it was created from many sources of vulnerability information, including NIST 800-82, Guide to Industrial Control Systems Security, and 800-53 Rev. 3, Recommended Security Controls for Federal Information Systems and Organizations, Open Web Application Security Project (OWASP) vulnerabilities, National Vulnerability Database Common Weakness Enumeration (CWE) vulnerabilities, attack documentation from Idaho National Laboratory (INL), input provided by the NIST CSWG Bottom-Up group, and the North American Electric Reliability Corporation Critical Infrastructure Protection Standards (NERC CIP) standards, it is just a starting point for more detailed vulnerability identification in future CSWG work efforts.