1 / 15

Cyber Security Working Group March 17, 2010

Cyber Security Working Group March 17, 2010. Smart Grid Cyber Security Strategy. Establishment of a Cyber Security Coordination Task Group (CSCTG) Established in March 2009 CSCTG transitioned to the Smart Grid Interoperability Panel – Cyber Security Working Group (SGIP–CSWG)

uta
Download Presentation

Cyber Security Working Group March 17, 2010

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Cyber Security Working GroupMarch 17, 2010

  2. Smart Grid Cyber Security Strategy • Establishment of a Cyber Security Coordination Task Group (CSCTG) • Established in March 2009 • CSCTG transitioned to the Smart Grid Interoperability Panel – Cyber Security Working Group (SGIP–CSWG) • Almost 400 participants • Chair - Annabelle Lee, NIST • Vice Chairs – Dave Dalva, CISCO and Alan Greenberg, Boeing • Secretary – Mark Enstrom, Neustar • EnerNex Support – Sandy Bacik • Weekly telecon • Teleconference Day & Time: Mondays, 11am EDT Call-in number:866-745-6097 • Participant passcode: 7413006

  3. Smart Grid Cyber Security Strategy (2) • Have established the following sub-groups • Vulnerability class analysis • Bottom-up assessment • Privacy • Standards assessment • High level requirements • Cryptography and key management • Functional/security architecture development • Research and Development

  4. Smart Grid Cyber Security Strategy and Requirements • First draft posted as a NIST Interagency Report (NISTIR) 7628 in September 2009 • Development of the document lead by NIST • Document written by the CSCTG and the Advanced Security Acceleration Project – Smart Grid team • Represents significant coordination among federal agencies, the private sector, regulators, and academics • Document includes material that will be used in selecting and tailoring security requirements • Document includes: • A cyber security strategy that includes a high level risk assessment for the Smart Grid • High level security requirements • Background materials that were used in performing the risk assessment and the analysis material used to select the security requirements

  5. Smart Grid Cyber Security Strategy and Requirements (2) • Second draft posted on February 2, 2010 • Second draft will be posted for a 60-day comment period • Time-period to begin when Federal Register Notice (FRN) published • Draft includes: • Overall cyber security strategy • Bottom-up security assessment • Privacy assessment • Security relevant use cases • Vulnerability class analysis • High level requirements for the entire Smart Grid • Overall functional logical architecture and lower level logical interface diagrams • Initial analysis of standards • R and D topics • Comments and disposition will also be posted

  6. Smart Grid Cyber Security Strategy and Requirements (3) Final version planned for June 2010 Will include: Revisions based on the comments received Updated sections Bottom-Up analysis Vulnerability classes Privacy assessment Security-relevant use cases Logical interface diagrams Research and Development (R&D) High level requirements – including tailored security requirements New sections Overall security architecture Design considerations to assist implementers Cryptography and key management

  7. Smart Grid Cyber Security Strategy

  8. Smart Grid Cyber Security Strategy - Tasks

  9. SGIP Organization SGIP Membership NIST SGIP Officers Governing Board SGIP Administrator Standing Committees Priority Action Plan Teams PAP 1 PAP 2 PAP 3 Test & Certification Committee (SGTCC) Architecture Committee (SGAC) PAP 4 PAP 5 PAP … Domain Expert Working Groups Permanent Working Groups B2G TnD H2G Cyber Security Working Group (CSWG) BnP I2G PEV2G

  10. Liaisons and Updates PMO – Alan Greenberg Test and Certification Committee – Dave Dalva Architecture Committee – Sandy Bacik and Justin Searle

  11. CSWG Roadmap • This roadmap defines the tasks and estimated timeline for CSWG work over the next 2-3 years • Tasks • Task 1. Selection of use cases with cyber security considerations • Task 2. Performance of a risk assessment • Bottom-up analysis • Top-down analysis • Task 3. Specification of high level security requirements • Privacy assessment • Task 4a. Development of a security architecture • Task 4b. Assessment of Smart Grid standards • Task 5. Conformity assessment

  12. CSWG Roadmap (2) • Phase 1 • Forming of CSCTG and sub-groups • SGIP making a permanent working group – CSWG • First draft of the NISTIR 7628 (09/2009) • Coordination with other federal agencies • Phase 2 • Second draft of the NISTIR 7628 (02/2010) • Coordination with: • SGIP GB • Architecture Committee • SGIP • Test and Certification Committee • PAPs • NISTIR 7628 version 1.0 (06/2010) • User guide on using the NISTIR • Outreach to other organizations

  13. CSWG Roadmap (3) • Phase 3 • Continue outreach efforts • Expand working relationships with SGIP GB, SGIP, Committees, PAPs, and other working groups • NISTIR 7628 updates • CSWG face to face meetings • Maintaining the SGIP-CSWG roadmap

  14. Outreach and Coordination…. Coordination with PAPs: Strategy for coordination Send to SGIPGB Expectations from PAP teams What does this mean? How do the PAPs interact with CSWG? Outreach…. EEI Microsoft, AT&T NAESB NARUC, PUCs Universities Defense community – DOD, NSA, etc. Government laboratories International – EU, OECD, etc. APPA (munis) etc.

  15. How to Participate in SGIP-CSWG • NIST Smart Grid portal http://nist.gov/smartgrid • SGIP-CSWG • Chair: Annabelle Lee (annabelle.lee@nist.gov) • CSWG Twiki site: http://collaborate.nist.gov/twiki-sggrid/bin/view/SmartGrid/CyberSecurityCTG

More Related