2017 Slides, Findings, and White Paper

About

With the ever-changing cybersecurity landscape, the IEEE organized the first Smart Grid Cybersecurity Workshop on December 14, 2017 in an effort to determine areas for improvement in areas related to cyber and physical security. The workshop hosted multiple industry experts as they shared their knowledge and participated in open discussions with the audience on problems facing the electric power industry. One of the main goals in these discussions was to advance the issues, discuss related standards, gain an understanding of the challenges and review potential solutions for power grid cyber and physical security. The main topics addressed in the 2017 workshop were:

  • Overview of the Security Situation/Risk
  • Cybersecurity—Best Practices
  • Physical Security & Supply Chain—Best Practices and Standards
  • Security Conscious Software Development
  • Policy Issues
  • Academic Research.

This white paper summarizes the industry experts’ presentations and shares the workshop participants’ dialog. The important aspect is to further the education and draw potential synergies on addressing cyber and physical security challenges.

Summary

Standards and Best Practices

  • Cybersecurity standards provide a framework and are developed by industry experts based on sound technical solutions and best practices.
  • Both regulatory and technical industry standards can be used to help organizations create a comprehensive framework to secure the power grid.

Resiliency 

  • A resilient smart grid is one that can bend without breaking and is the result of engineered solutions that respond to cyber-events automatically or can be based on manual processes.

Risk Management 

  • Cyber risk management should start with board-level guidance on risk tolerance, then turn to technical assessments by power system engineers, Information Technology (IT) and financial experts on the safety and risks of the power systems, the components used in those systems, and the other associated supporting systems.
  • Systems can achieve the greatest effectiveness by building cybersecurity into systems from the ground up.

Collaboration/Partnerships/Relationships

  • It is necessary for partnerships and relationships to be established before a cyber-event occurs, allowing for a quick response.

Situational Awareness

  • Assessing the functionality of the power system is critical.
  • Situational awareness is the ability to have an accurate and real-time picture of the system and of assets.
  • This includes monitoring for cyber and physical intrusions while maintaining a detailed list of assets.

Incident Response 

  • Knowing how to respond needs to be second nature.
  • The workshop report describes the need for tools for preparations and post incident forensics, and exercises to help hone skills necessary for incident response.

Ownership and Responsibility 

  • Determining who has ownership and responsibility of power system cybersecurity and where the lines are drawn is vital.
  • Government and the private sector need to be clear on ownership of assets subject to cyber threats. While private assets are the responsibility of the private owners, to what extent should the government get involved.

Workforce

  • Fortifying the workforce in the power industry will take a combination of academic programs, professional education, and community outreach from the existing industry workforce.
  • Protecting the electric grid calls for formally educated workers equipped with knowledge of both the physical and cyber aspects of power systems.
  • To fill their cybersecurity needs asset owners should look for graduates with a formal education/experience in both cybersecurity and power systems engineering.

Next-Gen Cybersecurity Solutions 

  • New cybersecurity protection paradigms have been proposed that examine the physics of the power system application to derive a cyber conclusion. Such technologies require an interdisciplinary team to procure, design, commission, and operate.
  • Asset owners that place the responsibility for securing power systems solely on the back-office IT department will have greater levels of difficulty in implementing these future technologies and solutions.