1. Threats and Risks
Description: Review of the threat landscape including capabilities, techniques, and impacts observed in both the lab and in the wild. How to calculate risk and the expertise required to determine risk in the context of smart grid applications.
2. Risk Management, Resilience, and Holistic Security
Description: How to calculate and manage the risk associated with threats. Who should be involved when assessing risk. How to address the security challenges holistically at scale. Creating resilient power systems. How to bridge organization silos including who has the responsibility of designing, implementing, and maintaining smart grid cybersecurity.
3. Supply Chain
Description: Code signing, contract requirements for vendors on supplying firmware and patching, inherited vulnerabilities, open source libraries, contracts and liability associated with contractors, secure equipment manufacturing, building code for building code, etc.
4. Technical Standards and Regulatory Standards
Description: Overview and demonstration of current, pending, and future industry standards and guides being developed by industry organizations like IEEE, IEC, NIST and others. How to overcome the challenges associated with adoption and awareness of these resources. Review of the current, pending, and future policy standards being developed NERC, states, and other countries. Concerns, challenges, and solutions regarding implementation. Motivating factors and thoughts on securing assets that are out-of-scope of NERC-CIP.
Description: Creating the next pipeline of professionals capable of addressing these challenges. Academic programs at various universities. Computer Science vs Electrical Engineering vs Cyber Engineering vs IT Security formal degree programs. Cross training. Certifications. Engineering Licensure. HR policies on acquiring new talent to fill specific roles.
6. Academic Research and NextGen Solutions
Description: Examination and review of past and current research activates underway that help ensure a resilient and secure smart grid. How do we move these scientific advancements from the university and labs to the field. What’s needed for implementation.