Punching Up Smart Grid Security Standards

Friday, May 13, 2011 @ 02:05 PM gHale

Cyber security measures should increase in smart grid standards for wireless communications and smart metering the next time they undergo revision, said the Smart Grid Interoperability Panel’s (SGIP) Cyber Security Working Group (CSWG) chairperson, Marianne Swanson.

SGIP, set up by the National Institute of Standards and Technology (NIST), just approved standards for smart meters and wireless devices designed to improve interoperability and security of the smart grid electricity system.

Almost every house has an electricity meter, and the Meter Upgradeability Standard (PAP 0) ensures the new generation of smart electricity meters does not become obsolete, NIST said.

In addition, the Guidelines for Assessing Wireless Communications for Smart Grid Applications (PAP 2) cover standards necessary for wireless communications between all devices connected to the smart grid, including a range of components in generation plants, substations, and transmission systems, NIST said.

In addition to interoperability standards, PAP 0 and PAP 2 contain general cyber security provisions designed to protect the grid from sabotage or data theft. Swanson said the CSWG reviewed PAP 0 and PAP 2 and made recommendations for improvements in cyber security for future revisions.

“These standards as they stand are good [from a cyber security perspective], but when you go to revise them, you should include these other things,” Swanson said. “From a security perspective, we will always find something that needs to be tweaked.”

On the smart meter standard, the CSWG recommended physical access and environmental security for meter upgrades work through local access methods; maintenance of a secure, intact audit log (i.e., not modified or erased) occur during an upgrade; and protection of timestamps and time synchronization work in during upgrades.

On the wireless communications guidelines, the group recommended future guidelines require a risk assessment to determine applicable security requirements; assess the various cyber security techniques used with wireless systems, as well as assess the impact of these cyber security techniques on complete wireless systems; and develop additional use cases that cover wireless-specific cyber security requirements.

NIST chairs the CSWG, which includes 600 members from government and private industry from around the world, Swanson said.

Leave a Reply

You must be logged in to post a comment.