Cyber Security working Group November 2010 - PowerPoint PPT Presentation

1 / 35
About This Presentation

Cyber Security working Group November 2010


Title: SGIP Update Meetings Author: NIST Last modified by: Sandy Bacik Created Date: 12/8/2009 12:58:59 AM Document presentation format: On-screen Show (4:3) – PowerPoint PPT presentation

Number of Views:161
Avg rating:3.0/5.0
Slides: 36
Provided by: NIST150


Transcript and Presenter's Notes

Title: Cyber Security working Group November 2010

Cyber Security working GroupNovember 2010
  • Marianne Swanson
  • November 30, 2010

  • Industry Update NESCO (Rhonda Dunfee)
  • Subgroup Updates (Subgroup Leads)

November 30-December 3, 2010
The NESCO Group EnergySec EPRI
  • Rhonda Dunfee

November 30-December 3, 2010
Roadmap Updated to Include Smart Grid
  • Published in January 2006, updated Roadmap in
  • Energy Sectors synthesis of critical control
    system security challenges, RD needs, and
    implementation milestones
  • Provides strategic framework to
  • align activities to sector needs
  • coordinate public and private programs
  • stimulate investments in control systems security

Roadmap Vision In 10 years, control systems for
critical applications will be designed,
installed, operated, and maintained to survive an
intentional cyber assault with no loss of
critical function.
The NESCO Group
  • Mission Lead a broad-based, public-private
    partnership to improve electric sector energy
    systems cyber security
  • Vision An industry owned and operated group that
    supports electric sector response efforts to
    address cyber events
  • Goals
  • Identify and disseminate cyber security best
    practices to the sector
  • Analyze, monitor and relay infrastructure
    weakness and threat information
  • Work with federal agencies to improve electric
    sector cyber security
  • Encourage key electric sector supplier and vendor
    support / interaction

The NESCO Group Funding
  • 16.2M Cost-sharing award (10M Federal)
  • EnergySec NESCO (Total 9,752,730)
  • EPRI NESCOR a research and analysis resource
    for NESCO (Total 6,662,500)

Activities To Date
  • Sep 30 Completed
  • Internal DOE meeting to discuss expectations and
  • Meetings with EnergySec and EPRI discussing
  • Definitized EnergySec agreement awarded (eff. Oct
  • Undefinitized EPRI agreement awarded (expected
    definitization Dec 31)
  • Nov 2-3 Visit with ICS-CERT at Idaho National
  • Nov 3-4 Participation in the TCIPG Industry
  • Nov 17 Kickoff Meeting for NESCO/NESCOR
  • Identify key milestones and deliverables
  • Discuss expectations
  • Nov 18 Informational Briefing for Federal
    Partners in DC
  • Dec 1 Participation in the CIP Congress at the
    National Harbor
  • Dec 8-9 Participation in CIPC in Tampa

NESCO - EnergySec
  • 501(c)(3) non-profit organization
  • 401 active portal users from 108 unique
  • Organizations represent 54.92 U.S. generation
    and 66.79 electric distribution
  • Current board of directors and advisory team
    consist of industry professionals in information
    security, physical security, engineering, plant
    operations, disaster recover, telecommunications,
  • First deliverable complete Closed mailing list
    to replace the general EnergySec Forum and enable
    participants to more easily interact

Strengthen the Cyber Security Posture of the
Electric Sector
  • Establish a broad-based public-private
    partnership for collaboration and cooperation
  • Develop NESCO membership
  • Conduct Town Hall Meetings
  • Improve collaboration with government
  • Reach out to other industry groups, academia and
  • For example, ES-ISAC, ICSJWG, NERC
  • Encourage vendor and manufacturer involvement in

EnergySec Portal
Enhance Electric Infrastructure Reliability and
Cyber Security Solutions Development
  • Coordinate end user testing opportunities for
    projects and research requiring broad industry
    adoption for success
  • Create code and best practices repository
  • Create working groups to evaluate incidents and
    best practices

Provide a Path for Rapid Information Dissemination
  • Establish a rapid notification system
  • Develop situational awareness information
    dissemination system for threat and vulnerability
  • Enhance collaboration web portal
  • Institute the capability to share information,
    best practices, resources, and solutions to and
    from domestic and international electric sector

Provide Data Analysis and Forensics Capabilities
to Assess Cyber-Related Threats and Events
  • Provide on-demand service to conduct forensics
    for cyber security breaches through external
    organizations who are forensics leaders
  • Design and implement a data analysis program

Additional Tasks
  • Project management
  • Assist in developing strategies to protect the
    energy infrastructure
  • Stimulate support and interaction with key
    electric sector suppliers and vendors

Electric Power Research Institute
  • Independent nonprofit organization
  • Conducts RD relating to the generation, delivery
    and use of electricity
  • Members represent more than 90 of the
    electricity generated and delivered in the U.S.
  • International partnership includes 40 countries

Collaborate and provide input to NESCO
  • Support NESCO in enhancing collection and
    dissemination of threat and vulnerability
    information to industry
  • Assist NESCO and others in developing strategies
    to identify and prepare for immediate and future
    challenges to grid reliability, resiliency, and
  • Review and assess existing cyber security
    standards to meet requirements and identify gaps
    in cyber security capabilities
  • Conduct cost-benefit analyses of graded risk
    management approach
  • Develop testing methodologies and facilitate

Information Sharing Approach
  • Building on EnergySecs past successes
  • Keys have been proficiency, familiarity and trust
  • Built relationships at the operations,
    management, and executive levels among companies
    within the energy sector
  • Provided trusted and effective forums for
    obtaining mutual assistance on issues related to
    critical infrastructure protection
  • Developed trust within the industry in order to
    develop, promote, and support new information
    sharing technologies that provide both
    confidentiality and impartiality
  • Focused on the industry
  • Emphasized timeliness as demanded by the current
    threat and risk landscape

  • Constraints to NESCO
  • Staged Cost-sharing leading to
    self-sustainability in 3 years
  • Large sector size
  • Diverse stakeholders (asset owners/operators
    generation, transmission and distribution end
    users, vendors)
  • Collaboration with Federal agencies and Industry
  • Avoiding duplication of effort and establishing
  • Information sharing
  • Government ? NESCO
  • Industry ? NESCO

Rhonda Dunfee Infrastructure Security Energy
Restoration Division Office of Electricity
Delivery Energy Reliability DOE Rhonda.Dunfee_at_hq
CSWG Subgroup Updates
  • Subgroup Leads

November 30-December 3, 2010
Subgroup Updates
  • AMI Security (Darren Highfill)
  • Design Principles (Daniel Thanos)
  • Privacy (Tanya Brewer)
  • Testing Certification (Sandy Bacik)

November 30-December 3, 2010
  • Twiki http//
  • Meetings Tuesdays at 1300 Eastern
  • Dial-in Information 866-793-6322 X3836162
  • Mailing list
  • To join the mailing list contact
  • Co-Chair contact information
  • Darren Highfill (
  • Ed Beroset (

November 30-December 3, 2010
AMI Security Subgroup Scope
  • Back-office components that have metering as
    primary focus
  • E.g. MDMS is in scope, CIS is not
  • Through the electric meter or utility-owned/operat
    ed gateway
  • Water meters, gas meters, and customer-owned/opera
    ted devices are not explicitly in scope
  • Interface-Oriented Projection of Requirements
    Devices wishing to communicate using AMI must
    meet certain capabilities and follow certain
    behavior to be allowed on the network
  • May develop classes of device requirements to
    account for highly heterogeneous resource
    constraints (i.e. home EMS vs. gas meter)
  • All layers of communications stack
  • Challenge in finding appropriate SDO to work with
  • Consensus from St. Louis benefits of unified
    document addressing AMI in the manner it is
    procured outweigh challenges

AMI Security Subgroup PAP Proposal
  • Consensus Propose a Priority Action Plan to
    standardize a set of requirements for AMI
  • Proposal is stronger if we know which SDO/SSO we
    want to work with
  • Current draft http//
  • Linked on CSCTGAMI and Priority Action Plans
  • Criteria for selecting SDO/SSO
  • Industry acceptance
  • Expertise in power systems, especially advanced
  • Expertise in communications, networking, and
  • Openness to interaction with AMI Security
    Subgroup and the SGIP
  • Ability to work quickly
  • Cost of final product (i.e. purchase price of
  • Nominated SDOs/SSOs
  • AMI Security Subgroup to produce and distribute

Design Principles
  • Twiki http//
  • Meetings Fridays 1530 Eastern
  • Dial-in Information 800-728-9607 X4570752
  • Mailing list
  • To join the mailing list contact
  • Chair contact information
  • Daniel Thanos (

November 30-December 3, 2010
  • Twiki http//
  • Meetings Thursdays, 1100 Eastern
  • Dial-in Information 866-802-3515 X2817109
  • Mailing list
  • To join the mailing list contact
  • Chair contact information
  • Rebecca Herold (

November 30-December 3, 2010
Smart Grid Privacy Group Scope/Mission
  • To identify and clearly describe privacy concerns
    within the Smart Grid and opportunities for their
    mitigation. In addition, the group strives to
    clarify privacy expectations, practices, and
    rights with regard to the Smart Grid by
  • Identifying potential privacy problems and
    encouraging the use of relevant existing fair
    information practices
  • Seeking the input of and educating Smart Grid
    entities, subject matter experts, and the public
    on options for protecting privacy of, and
    avoiding misuse of, personal information used
    within the Smart Grid
  • Providing recommendations for coordinating
    activities of relevant local, state, and federal
    agencies regarding Smart Grid privacy related
  • Making recommendations and providing information
    to organizations developing privacy policies and
    practices that promote and protect the interest
    of Smart Grid consumers and organizations

Smart Grid Privacy Group Scope/Mission
  • Try to answer questions such as those received
  • How will information about my energy consumption
    (days, times, amounts, and other use profile
    information) be used shared with business
  • Will there be any public way to verify addresses
    or names of clients of the grid?
  • Any and all PII will be considered private and
    confidential I hope. Or will they make the
    mistakes of so many others in the past of doing
    reverse lookups based on meter numbers or
    neighborhood consumption reports?
  • Do the Fair Information Practice principles
    (FIPs) provide a sound and adaptable framework
    for addressing consumer privacy concerns or are
    they just the baseline?
  • How secure are the meters, HAN and other
    communication devices (secure in the means of
    protecting customer information)?
  • What types of "click and consent" models will be
  • How will information be shared and used, and how
    will it be protected?
  • What kind privacy protections will be in place
    prior to allowing third party access?

Group Demographics
  • The NIST Smart Grid Privacy Subgroup currently
  • Energy and Utilities Industry Experts
  • State Public Utilities Commission Representatives
  • Information Security Experts
  • Privacy Experts
  • Attorneys and Legal Experts
  • University Professors and Students
  • Other technical, operational and privacy experts,
    from all regions, are welcome to join the group!

Work Going Forward
  • Address privacy issues for businesses
    (commercial, institutional, industrial)
  • Expand upon PEV issues
  • Discuss National Strategy for Trusted IDs in
    Cyber Space (NSTIC) impact on privacy in the
    Smart Grid
  • Address privacy issues related to energy
  • Add more privacy use cases to what is in NISTIR
  • Add more discussion of opt-in versus opt-out
    what real choices are possible to allow Smart
    Grid functioning and what is not?
  • Expand upon data collection endpoints/paths
    (e.g., private internetworks, storage media
    devices, etc.) that will be part of the Smart
  • Expand upon Internet- and wireless-related issues

Work Going Forward
Smart Grid Categories with Potential Privacy Issues Consumers (expanding Upon Version 1 of NISTIR 7628) Consumers (expanding Upon Version 1 of NISTIR 7628) Consumers (expanding Upon Version 1 of NISTIR 7628) Consumers (expanding Upon Version 1 of NISTIR 7628) Commercial / Institutional (apartments, hospitals, dormitories, etc.) Commercial / Institutional (apartments, hospitals, dormitories, etc.) Commercial / Institutional (apartments, hospitals, dormitories, etc.) Commercial / Institutional (apartments, hospitals, dormitories, etc.) Commercial/Non-Institutional (office buildings, retail stores, data centers, car rentals, etc.) Commercial/Non-Institutional (office buildings, retail stores, data centers, car rentals, etc.) Commercial/Non-Institutional (office buildings, retail stores, data centers, car rentals, etc.) Commercial/Non-Institutional (office buildings, retail stores, data centers, car rentals, etc.)
Smart Grid Categories with Potential Privacy Issues Physical Admini-strative Technical Privacy Impacting Data Physical Admini-strative Technical Privacy Impacting Data Physical Admini-strative Technical Privacy Impacting Data
Smart Meters                        
- energy usage  X X  X   X X  X X  X - P P P
- pricing data X X  X  X X X  X  X - P P P
- smart device data X X  X  X X X  X  X - P P P
PEVs (NOTE Requested by PAP11)                      
- private charging station X X X X X X X X - P P P
energy usage X X X X X X X X - P P P
pricing data X X X X X X X X - P P P
PEV related data X X X X X X X X - P P P
- public charging station P P P P P P - P - P P P
PEV related data P P P P P P - P - P P P
- servicing X X X X P P P P - P P P
  • Thank you to everyone for your contributions and
  • On Wednesday,
  • Annabelle Lee, FERC, will provide us with an
    update on the FERC standards review
  • CSWG PAP liaisons and their involvement in the
    PAPs will be discussed
  • CSWG Standards subgroup lead will provide a
    review of what the standards subgroup has
    accomplished and the standard template the CSWG
    uses for the standard review process
  • Preview of the CSWG 3-year plan
  • Twiki http//

November 30-December 3, 2010
Write a Comment
User Comments (0)