How many of you have downloaded NISTIR 7628: Smart Grid Cyber Security Strategy and Requirements, saw it was 305 pages and put it aside? Maybe you even waded into the first ten to twenty pages and read a lot of general statements and gave up. Well if you have some time before the summer is over, pick it up again because there is some great information in there.
Let me guide you through the highlights in a quick and painless way.
1. Jump right to Figure 2.2 on page 29 and see a drawing of logical interfaces in an AMI. This shows the common hardware and software components in an AMI deployment. Equally important it shows the communication flows between these components. If you don’t understand what a component, or actor in NISTIR parlance, does, then note the number in the box and go to Table 2. on page 22 and read about it. Don’t look at any of the other information yet.
You can repeat this process for Distribution Grid Management in Figure 2.3, Electric Storage in Figure 2.4, Electric Transportation in Figure 2.5, HAN/BAN in Figure 2.6, and Wide Area Situational Awareness in Figure 2.7.
You should now have a basic understanding of the components and flows in six major “smart grid” domains.
1a. [Optional] You can now look at Figure 2.1 on page 21 that shows Figures 2.2 – 2.7 all combined in a single drawing to see a consolidated smart grid view. Look to the upper left and see many of the existing system such as Plant Control Systems and Transmission SCADA.
2. Now go to Section 3.2 Logical Interface Categories beginning on page 54. Each information flow line drawn between the components in the Figures you just looked at is assigned to one of the 18 Logical Interface Categories. Section 3.2 is a description of the type of communication and high level security requirements for each category. This is good info so spend some time here.
3. The next step in the methodology assigns each logical interface from Figures 2.1 – 2.7 to one of the Logical Interface Categories – – that is why they were individually numbered. So as an example look at Table 2.2 on page 30 and see how the AMI logical interfaces are assigned.
4. The next step in the methodology gets messy and may not be worth reading if you are looking for an overview. Security controls from the DHS Catalog of Security Controls are then assigned to each of the 18 logical interface categories. So the idea is you would draw your system as in Figure 2.2, select the interface category for each connection, and then have a list of recommended security controls. There is a lot of detail in the document, but the concept is simple.
5. Now skip to Appendix A. There are some great use cases here for a variety of smart grid domains. Each use case has a described scenario, smart grid characteristics and corresponding cyber security objectives / requirements. For example AMI: Remote Connect/Disconnect of Meter or EV: Plug In Hybrid Vehicle or Customer Receives and Responds to Utility Price Signal.
6. Finally read the first three pages of Chapter 4 Privacy and the Smart Grid, pages 100 – 102. Provides a good overview of the issue.
All of this should take you less than an hour. If you want more detail after that you have another 260 pages you can go through.