sg security wg chair: darren reece highfill darren@utilisec

UCAIug: Smart Grid SecurityUCAIug: Smart Grid SecurityOpenSG Face-to-Face OpenSG Face-to-Face (January 2010 – San Francisco, CA)(January 2010 – San Francisco, CA)

SG Security Working GroupSG Security Working GroupAMI-SEC Task ForceAMI-SEC Task Force

SG Security WG Chair:SG Security WG Chair:

Darren Reece HighfillDarren Reece Highfill

[email protected]@utilisec.org

SG Security OverviewSG Security Overview• ChairChair

– Darren Highfill, SCEDarren Highfill, SCE• Vice ChairVice Chair

– Matt Carpenter, InguardiansMatt Carpenter, Inguardians• SecretarySecretary

– Bobby Brown, EnerNexBobby Brown, EnerNex

• Task Forces:Task Forces:– AMI-SECAMI-SEC

AgendaAgendaDay Timeslot Subject Group RoomMonday 1500-1700 Boot Camp SG Sec WG ANZA ITuesday 1030-1200 Status updates

Review of AMI Security Profile v1.0 commentsSG Sec WGAMI-SEC TF

ANZA I

1300-1500 OpenHAN Joint Session ANZA IWednesday 0800-1000 AMI SP: comment classification

AMI SP: begin resolution discussionAMI-SEC TF ANZA I

1030-1200 AMI SP: comment resolution discussion (cont.)AMI SP: action items forward

AMI-SEC TF ANZA I

1300-1500 OpenADE/OpenADR Joint Session ANZA II & III1530-1730 SG Communications Joint Session ANZA I

Thursday 1030-1200 AMI-ENT Joint Session ANZA I1300-1500 Prioritization of needs

Organizational planningSG Sec WG PORTOLA A

Status UpdatesStatus Updates

UtiliSec CharterUtiliSec Charter

• Chartered with developing detailed security and Chartered with developing detailed security and

assurance requirements and security best practices assurance requirements and security best practices

guidance for organizations throughout the lifecycle of guidance for organizations throughout the lifecycle of

smart grid technologysmart grid technology

• Technology-specific, but vendor-agnostic guidanceTechnology-specific, but vendor-agnostic guidance

• Feed and accelerate SDO work (IEC, IEEE, etc.)Feed and accelerate SDO work (IEC, IEEE, etc.)

• http://osgug.ucaiug.org/utilisec/Shared Documents/SG http://osgug.ucaiug.org/utilisec/Shared Documents/SG

Security WG Charter v0.9-20100126.pdfSecurity WG Charter v0.9-20100126.pdf

Security Profile BlueprintSecurity Profile Blueprint

• StatusStatus– Mature draft posted Dec. 2009Mature draft posted Dec. 2009

• http://osgug.ucaiug.org/utilisec/Shared Documents/Security Profile http://osgug.ucaiug.org/utilisec/Shared Documents/Security Profile Blueprint/Security Profile Blueprint - v0_20 - 20091214.docBlueprint/Security Profile Blueprint - v0_20 - 20091214.doc

– Revisited after completion of each profileRevisited after completion of each profile

• Profile Creation MethodProfile Creation Method– Establish Profile ScopeEstablish Profile Scope– Define Logical ArchitectureDefine Logical Architecture– Identify Security-Related ConstraintsIdentify Security-Related Constraints– Recommend Security ControlsRecommend Security Controls– Validate ProfileValidate Profile

AMI Security Profile CommentsAMI Security Profile Comments

Discussion Points:Discussion Points:1.1. The use of "must", "shall", and "should" and corresponding The use of "must", "shall", and "should" and corresponding

definitions, then a group to review the consistency in the definitions, then a group to review the consistency in the document.document.

2.2. No collaborative computing capabilities should be use in an AMI No collaborative computing capabilities should be use in an AMI as it is a dedicated system for one function.as it is a dedicated system for one function.

3.3. AMI is a dedicated system and should not support VoIP AMI is a dedicated system and should not support VoIP capabilities.capabilities.

4.4. Should we add a glossary and acronym section - for example Should we add a glossary and acronym section - for example "reasonable", "strongly", "alert", "flaw"."reasonable", "strongly", "alert", "flaw".

5.5. Should "Smart Grid Application" be part of the Smart Grid Should "Smart Grid Application" be part of the Smart Grid components?components?

6.6. Should the security profile document be formatted to be used in Should the security profile document be formatted to be used in RFPs?RFPs?

• Project Description:Project Description:

– Utility-driven, public-private collaborative project to develop Utility-driven, public-private collaborative project to develop system-level security requirements for smart grid technologysystem-level security requirements for smart grid technology

• Needs Addressed:Needs Addressed:

– Utilities:Utilities: specification in RFP specification in RFP

– Vendors:Vendors: reference in build process reference in build process

– Government:Government: assurance of infrastructure security assurance of infrastructure security

– Commissions:Commissions: protection of public interests protection of public interests

• Approach:Approach:

– Architectural team Architectural team produce material produce material

– Usability Analysis team Usability Analysis team assess effectiveness assess effectiveness

– NIST, UtiliSec NIST, UtiliSec review, approve review, approve

• Deliverables:Deliverables:

– Strategy & Guiding Principles white paperStrategy & Guiding Principles white paper

– Security Profile BlueprintSecurity Profile Blueprint

– 3 Security Profiles: AMI, ADE, Communications3 Security Profiles: AMI, ADE, Communications

– Usability AnalysisUsability Analysis

ASAP-SG: SummaryASAP-SG: Summary

Schedule: Jun09 – Dec09

Budget: $3M

($1.5M Utilities + $1.5M DOE)

Performers: Utilities, EnerNex, Inguardians, SEI, ORNL

Partners: DOE

Release Path: NIST, UCAIug

Contacts:Bobby Brown [email protected]

Darren Highfill [email protected]

Schedule: Jun09 – Dec09

Budget: $3M

($1.5M Utilities + $1.5M DOE)

Performers: Utilities, EnerNex, Inguardians, SEI, ORNL

Partners: DOE

Release Path: NIST, UCAIug

Contacts:Bobby Brown [email protected]

Darren Highfill [email protected]

ASAP-SG: Upcoming ProfilesASAP-SG: Upcoming Profiles

• Distribution AutomationDistribution Automation• Wide Area Situational AwarenessWide Area Situational Awareness (i.e. Synchrophasors) (i.e. Synchrophasors)

• Home Area NetworksHome Area Networks• Substation AutomationSubstation Automation

Joint SessionJoint Session

SG Security & SG SystemsSG Security & SG Systems




TemplateTemplate

• Summary of SG Systems group security requirementsSummary of SG Systems group security requirements• Relevant Technological IssuesRelevant Technological Issues• Artifacts related to above issuesArtifacts related to above issues

– SG Security artifacts: existing and/or neededSG Security artifacts: existing and/or needed– Business artifacts from requesting group (e.g. use cases)Business artifacts from requesting group (e.g. use cases)

• Q&AQ&A• Collaboration between SG Security and SG Systems Collaboration between SG Security and SG Systems

groupgroup– Statement of NeedStatement of Need

– Task assignmentsTask assignments

SG-SystemsSG-Systems

• Summary of SG-Systems security requirementsSummary of SG-Systems security requirements (Greg (Greg Robinson)Robinson)

• Outstanding IssuesOutstanding Issues (Greg Robinson) (Greg Robinson)

• SG Security artifacts related to above issuesSG Security artifacts related to above issues– ExistingExisting– NeededNeeded

• Q&AQ&A• Collaboration between SG Security and SG-SystemsCollaboration between SG Security and SG-Systems

– SG-Systems Statement of NeedSG-Systems Statement of Need


OpenHANOpenHAN

• Summary of OpenHAN security requirementsSummary of OpenHAN security requirements (Mary Zientara) (Mary Zientara)

• IssuesIssues (Robby Simpson) (Robby Simpson)

– PrivacyPrivacy– Securing one way communicationsSecuring one way communications– HAN network admissionsHAN network admissions– Application level security Application level security – Digital Certificate authority (technology, business, security credentials)Digital Certificate authority (technology, business, security credentials)


• Q&AQ&A• Collaboration between SG Security and OpenHANCollaboration between SG Security and OpenHAN

– OpenHAN Statement of NeedOpenHAN Statement of Need– Task assignmentsTask assignments


SG Security / OpenADE / OpenADRSG Security / OpenADE / OpenADR




OpenADEOpenADE

• Summary of OpenADE security requirementsSummary of OpenADE security requirements (Steve Van (Steve Van Ausdall / Dave Mollerstuen)Ausdall / Dave Mollerstuen)

• Third Party Data Access Security ProfileThird Party Data Access Security Profile (Darren Highfill) (Darren Highfill)

• Outstanding IssuesOutstanding Issues (Steve Van Ausdall / Dave Mollerstuen) (Steve Van Ausdall / Dave Mollerstuen)


• Q&AQ&A• Collaboration between SG Security and OpenADECollaboration between SG Security and OpenADE

– OpenADE Statement of NeedOpenADE Statement of Need


OpenADROpenADR

• Summary of OpenADR security requirementsSummary of OpenADR security requirements (Albert Chiu) (Albert Chiu)

• Third Party Data Access Security ProfileThird Party Data Access Security Profile (Darren Highfill) (Darren Highfill)

• Outstanding IssuesOutstanding Issues (Albert Chiu) (Albert Chiu)

– Use of public networks such as the internetUse of public networks such as the internet– NERC CIPNERC CIP– Voluntary DR programs with pricing, weather, special days, etc. over Voluntary DR programs with pricing, weather, special days, etc. over

different communications channelsdifferent communications channels– Security lessons learned in current OpenADR deploymentsSecurity lessons learned in current OpenADR deployments

• SG Security artifacts related to above issuesSG Security artifacts related to above issues– ExistingExisting

– NeededNeeded

• Q&AQ&A• Collaboration between SG Security and OpenADRCollaboration between SG Security and OpenADR

– OpenADR Statement of NeedOpenADR Statement of Need– Task assignmentsTask assignments


SG Security / SG CommunicationsSG Security / SG Communications




SG CommunicationsSG Communications

• Summary of SG Communications group security Summary of SG Communications group security requirementsrequirements

• Relevant Technological IssuesRelevant Technological Issues• Artifacts related to above issuesArtifacts related to above issues

– SG Security artifacts: existing and/or neededSG Security artifacts: existing and/or needed– Business artifacts from requesting group (e.g. use cases)Business artifacts from requesting group (e.g. use cases)

• Q&AQ&A• Collaboration between SG Security and SG Collaboration between SG Security and SG

Communications groupCommunications group– Statement of NeedStatement of Need



SG Security / AMI-ENTSG Security / AMI-ENT




AMI-ENTAMI-ENT

• Summary of AMI-ENT security requirementsSummary of AMI-ENT security requirements (Mark Ortiz) (Mark Ortiz)

• Outstanding IssuesOutstanding Issues (Mark Ortiz) (Mark Ortiz)

– Application level security Application level security – XML security considerations & messagingXML security considerations & messaging


• Q&AQ&A• Collaboration between SG Security and AMI-ENTCollaboration between SG Security and AMI-ENT

– AMI-ENT Statement of NeedAMI-ENT Statement of Need


• Interested? Send an email to [email protected]? Send an email to [email protected]

Wrap-up SessionWrap-up Session

• AMI Security Profile commentsAMI Security Profile comments• Interest Areas / Lists to be FormedInterest Areas / Lists to be Formed• Prioritization / Action Items / AssignmentsPrioritization / Action Items / Assignments• Call for Presenters / TopicsCall for Presenters / Topics

AMI Security ProfileAMI Security Profile

• The intent of the document is to provide The intent of the document is to provide prescriptive, actionable guidance for how to prescriptive, actionable guidance for how to build-in, build-in, procureprocure and implement security for AMI and implement security for AMI smart grid functionalitysmart grid functionality

• This guidance is neutral to vendor specific This guidance is neutral to vendor specific implementations and architecturesimplementations and architectures

• Work extends from the meter data management Work extends from the meter data management system (MDMS) up to and including the home system (MDMS) up to and including the home area network (HAN) interface of the smart meterarea network (HAN) interface of the smart meter

What Should Be Logged?What Should Be Logged?

• Is there a definition for Security Events, Control Events, Is there a definition for Security Events, Control Events, System/Device Confirmation changes? (DHS 2.16.2.1)System/Device Confirmation changes? (DHS 2.16.2.1)

• Log all success / all unsuccessful? (DHS 2.14.4.2, DHS Log all success / all unsuccessful? (DHS 2.14.4.2, DHS 2.15.24.3)2.15.24.3)

• Message details – (date, time, source, destination, Message details – (date, time, source, destination, message details)message details)

• Do we need a definition for security events, control Do we need a definition for security events, control events, system/device confirmation changes? (DHS events, system/device confirmation changes? (DHS 2.14.4.2, DHS 2.16.2.1)2.14.4.2, DHS 2.16.2.1)

• Do we need to define levels of auditing? (DHS 2.16.4.1)Do we need to define levels of auditing? (DHS 2.16.4.1)

AMI SP Comments - SummaryAMI SP Comments - Summary

• Use IEEE definitions for shall, should, etc.Use IEEE definitions for shall, should, etc.• Encryption – for supplemental guidance, level of Encryption – for supplemental guidance, level of

protection needs to be applied to the dataprotection needs to be applied to the data• Malicious code protection – use due diligence / Malicious code protection – use due diligence /

care, remove the implementation guidance, care, remove the implementation guidance, general updatesgeneral updates

• Update document for “reasonable period of Update document for “reasonable period of time”, “strongly authenticated”, “alert”, “alarm”, time”, “strongly authenticated”, “alert”, “alarm”, “flaw”“flaw”

AMI SP Comments – SummaryAMI SP Comments – Summary (cont) (cont)

• Review definition of Grid Control Center (4.3.9)Review definition of Grid Control Center (4.3.9)• DHS 2.8.13 – Collaborative Computing requirements DHS 2.8.13 – Collaborative Computing requirements

and verbiageand verbiage• DHS 2.8.17 – VoIP requirement enhancementsDHS 2.8.17 – VoIP requirement enhancements• DHS-2.14.2 – Flaw remediation – better definitionDHS-2.14.2 – Flaw remediation – better definition• DHS 2.15.2.1 – Identification and authentication – more DHS 2.15.2.1 – Identification and authentication – more

clarificationsclarifications• Comment resolution team to send an email to the group Comment resolution team to send an email to the group

about why the document is not suitable for an RFP about why the document is not suitable for an RFP document.document.

AMI SP CommentsAMI SP Comments

Thank you Thank you everyoneeveryone for the comments and for the comments and contributions, they are greatly appreciatedcontributions, they are greatly appreciated

OpenSG Group Mappings – Comm ViewOpenSG Group Mappings – Comm View

Closing PlenaryClosing Plenary

SG SecuritySG Security




Progress This WeekProgress This Week

• Key accomplishmentsKey accomplishments– Approved CharterApproved Charter– Strong technical debate/review of AMI SP commentsStrong technical debate/review of AMI SP comments– Introduction of 3PDA SPIntroduction of 3PDA SP

• Collaborative sessionsCollaborative sessions– OpenHAN, OpenADR: Generate Statement of NeedOpenHAN, OpenADR: Generate Statement of Need– SG Network, AMI-ENT: Action items definedSG Network, AMI-ENT: Action items defined– OpenADE: Delivered 3PDA SPOpenADE: Delivered 3PDA SP

Interest Areas / New Email ListsInterest Areas / New Email Lists

• Third Party Data AccessThird Party Data Access– Usability AnalysisUsability Analysis

– General Interest (Future Task Force?)General Interest (Future Task Force?)

• OpenHAN SupportOpenHAN Support• SG Communications SupportSG Communications Support• AMI-ENT SupportAMI-ENT Support• Lemnos (Configuration Profiles)Lemnos (Configuration Profiles)• Risk AssessmentRisk Assessment• Application Security RequirementsApplication Security Requirements

Moving ForwardMoving Forward

• Define agendas and action plans for next collaborative Define agendas and action plans for next collaborative sessionssessions

• Facilitate sub-group formation & activityFacilitate sub-group formation & activity• Changes to AMI Security ProfileChanges to AMI Security Profile

– Resolution of commentsResolution of comments

– Mapping use cases and/or security domains to control Mapping use cases and/or security domains to control requirementsrequirements

• Review / comment / revision of 3PDA SPReview / comment / revision of 3PDA SP

SG CommunicationsSG Communications

• Email reflector:Email reflector:– [email protected]@SmartGridListServ.org– [email protected]@SmartGridListServ.org– [email protected]@listserv.enernex.com

• Webinar information:Webinar information:– Provided via UtiliSec-Announce listProvided via UtiliSec-Announce list

• Webinar times:Webinar times:

Meeting Day PST EST UK CET

SG-Security Every other Monday 11:00 14:00 19:00 20:00

Questions?

[email protected]

UtiliSec Collaboration Sitehttp://osgug.ucaiug.org/utilisec

sg security wg chair: darren reece highfill darren@utilisec

Documents

security profile document

detailed security

amientjoint sessionanza

smart grid technologyneeds

smart grid application

smart grid components

dedicated system

comment classificationami