Smart Grid Security Guidelines

Monday, January 31, 2011 @ 03:01 PM gHale

There is now a series of Smart Grid related Cyber Security documents providing prescriptive, actionable guidance for utilities and vendors implementing Smart Grid systems.

The documents, also referred to as Cyber Security Profiles, are part of the 2010 phase of the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG) to accelerate the development of security requirements and standards for the electric utility industry.

Power industry service provider, EnerNex, along with the utilities of the Open Smart Grid Subcommittee of the UCA International Users Group in collaboration with the U.S. Department of Energy (DOE), the Electric Power Research Institute (EPRI), and other interested parties, joined to form ASAP-SG.

ASAP-SG provides all electric utilities uniform access to a greater body of knowledge and expertise than would otherwise be available to any one utility. Currently the team has begun development on a Wide Area Management, Protection and Control Security Profile that includes SynchroPhasors.

The project is a utility-driven, public-private collaborative effort to develop recommendations and best practices for architecting, designing, acquiring, integrating, and operating smart grid systems. DOE is helping to support ASAP-SG by matching contributions from utilities dollar-for-dollar.

“These deliverables are vital to the industry as utilities are deploying smart grid systems and infrastructure,” said Bobby Brown, director of communication and information systems security for EnerNex and project manager of ASAP-SG. “This clear, actionable guidance outlined in these documents ensure security is built-in to the deployment of Smart Grid.”

In the first phase of the project, they produced three application centric Security guidelines and delivered them to the Open Smart Grid Subcommittee and National Institute of Standards and Technology (NIST) Smart Grid Interoperability Panel (SGIP) – Cyber Security Working Group covering:

• Advanced Metering Infrastructure (AMI)

• Third Party Energy Data Access

• Distribution Management

To view the documents go to the website and click on Creative Commons 3.0.
Organizations participating in creating the documents include, EnerNex, EPRI, Consumers Energy, Florida Power & Light, Pacific Gas and Electric (PG&E), Southern California Edison, InGuardians, Oak Ridge National Laboratory and the Software Engineering Institute at Carnegie Mellon University.

The project is also contributing work to other standards bodies, such as the International Electrotechnical Commission (IEC) 62351 Data and Communications Security, to facilitate and accelerate community Cyber Security efforts.

Leave a Reply

You must be logged in to post a comment.