Mariana Hentea - Building an Effective Security Program for Distributed Energy Resources and Systems

However, NERC cybersecurity standards and supplementary documents are often similar to guidance applicable to federal agencies [GAO 2011] and do not apply to all power grid functions. In addition, the standards adoption by the electric power industry is lacking coordination and a consistent approach in monitoring industry compliance with voluntary standards. FERC is responsible for regulating aspects of the electric power industry, which includes adopting cybersecurity and other standards it deems necessary to ensure Smart Grid functionality and interoperability.

An essential element of Smart Grid developments around the globe is coordination for the development of international standards. As the United States and other nations construct their Smart Grids, use of international standards ensures the broadest possible market for Smart Grid suppliers.

NIST is devoting considerable resources and multilateral engagement with other countries to cooperate in the development of international standards for the Smart Grid. In addition, NIST and the International Trade Administration (ITA) have partnered with the DOE to establish the International Smart Grid Action Network (ISGAN), a multinational collaboration of 23 countries and the European Union.

ISGAN complements the Global Smart Grid Federation, a global stakeholder organization, which serves as an association of associations to bring together leaders from Smart Grid stakeholder organizations around the world. This organization supports Smart Grid solutions emerging to address the economic, policy, and regulatory challenges of variable renewables. Similarly, the Clean Energy Solutions Foundation ( https://cleanenergysolutions.org) helps governments design and adopt policies and programs that support the deployment of clean energy technologies. Regulatory policies around the globe promote renewable electricity standards (recommendations, good practices, design considerations) to accelerate renewable energy deployment.

However, cybersecurity for the IT/OT systems for the Smart Grid continues to be a significant topic and has been made even more critical by the convergence of IT/OT [Meyers 2013]. This convergence has enabled a new range of consumer‐based OT, most of which is beyond the reach or control in the traditional utility. Therefore, an IT/OT‐converged approach allows utility personnel to deploy each grid modernization application as a part of a connected whole.

In addition, diverse IoT‐based applications call for different deployment scenarios and requirements, which have usually been handled in a proprietary implementation. However, since the IoT is connected to the Internet, most of the devices comprising IoT services need to operate utilizing standardized technologies. The Internet Protocol for Smart Objects (IPSO) Alliance ( www.ipso‐alliance.org) promotes the IoT. Prominent standardization bodies, such as IETF ( www.ietf.org), the Institute of Electrical and Electronics Engineers (IEEE) ( www.ieee.org), and European Telecommunications Standards Institute (ETSI) ( www.etsi.org), are working on developing protocols, systems, architectures, and frameworks to enable the IoT devices to interoperate.

In respect to privacy, international standards bodies are currently working on establishing standards to assist organizations in better protecting personal data. Examples include:

The ISO is working on technical standards for a Privacy Framework and Privacy Reference Architecture.

Regional standards organizations, such as the American National Standards Institute (ANSI) and the European Committee for Standardization (CEN), are involved in data protection standards; CEN\ISSS reported to the European Commission in 2003 on the utility of standards in enforcing the directive. Their work continues in setting standards for networks, biometrics, identity and authentication, cryptographic protocols, security management, deidentification of health information, data storage, and other standards that have a bearing on privacy architectures.

The ETSI produces standards for information and communication technologies.

United Nations Internet Governance Forum (IGF) and the regional IGFs are increasing the privacy discussions. In 2009 and 2010, the IGF program included a main session on security, openness, and privacy as well as numerous workshops devoted to privacy issues.

The need for open standards is a trend that can increase standards adoption toward improving security and privacy of Smart Grid. However, cyber threats can evolve faster than standards. To safeguard vital interests like electrical grids, it is also needed collaboration and information sharing among federal, state, local governments, and industry [NISTIR 7628r1].

Текст предоставлен ООО «ЛитРес».

Прочитайте эту книгу целиком, купив полную легальную версию на ЛитРес.

Безопасно оплатить книгу можно банковской картой Visa, MasterCard, Maestro, со счета мобильного телефона, с платежного терминала, в салоне МТС или Связной, через PayPal, WebMoney, Яндекс.Деньги, QIWI Кошелек, бонусными картами или другим удобным Вам способом.