Cybersecurity for Smart Grid Systems

Objective: To develop the measurement science needed to advance the development and standardization of cybersecurity, including privacy, policies, measures, procedures, and resiliency, in the smart electric grid.

What is the new technical idea?
As a result of deployment of new smart grid technologies, the electric power industry is faced with new and changing cybersecurity threats, vulnerabilities, and the need for requirements applicable to the smart grid, both broadly and in specific areas such as applied cryptography, and cybersecurity for microgrids. The new technical idea is to adapt existing cybersecurity best practice methodologies and tools and to understand how to apply them in the electric sector, while identifying gaps and unique requirements for the grid that require new methodologies and tools.  NIST will address these challenges through research conducted in the NIST Smart Grid Testbed facility, leading the Smart Electric Power Alliance (SEPA) Cybersecurity Committee (SGCC) to evaluate of cybersecurity policies and measures in industry standards, and develop relevant guidance documents for the smart grid cybersecurity community.

What is the research plan?
Device authentication and behavior analysis for edge grid devices in a smart grid environment 
This project will investigate various means for device authentication within the smart grid environment.  Researching practices already implemented in the IT space (x509 certificates, Trusted Platform Modules (TPM), etc) and how to implement them in a distributed grid system while mapping to their associated levels of assurance.  In this project, a device authentication scenario will be implemented in the Smart Grid Test Bed and security features will be enabled to analyze their feasibility on devices. The first task will be to list the varying ways device identities can be stored within smart grid devices.  The second task will be to implement these varying device identities and authentication mechanisms within the Smart Grid Test Bed.  The end result will be a document that encapsulates the implementation, the performance results gathered, and discuss their implications of smart grid systems.

Smart Grid Architecture Cybersecurity Framework (CSF) Profile for Voltage Control
For this work effort, the Cybersecurity Framework (CSF) is being used to compare and contrast distribution system voltage control within two grid architectures—the previously-explored PNNL High-DER architecture and a current, conventional architecture. A CSF Profile would be the primary means of expressing these differences in the achievement of voltage control within the two architectures. The first task will consist of meeting with relevant stakeholders to understand voltage control within the context of a current, conventional architecture as well as within the previously-explored PNNL High-DER architecture.  Special attention will be paid to compare & contrast voltage control strategies within the 2 architectures as well as the associated cybersecurity considerations.

The 2nd task will involve prioritizing CSF Subcategory outcomes for the delivery of voltage control within a current, conventional architecture as well as within the previously-explored High-DER architecture. Additionally, the team shall identify considerations for power system stakeholders in achieving voltage control and/or the desired cybersecurity outcomes within the architectures.

The 3rd task will involve documenting the target Profile—the prioritization of the CSF subcategories and associated cybersecurity considerations—in a NISTIR or NIST Technical Note.  The Profile will compare/contrast the delivery of voltage control within the two different architectures (High-DER vs. conventional architecture) and the associated cybersecurity considerations for power system stakeholders. It is intended that the Profile will also incorporate updated NERC CIP to CSF mappings (i.e., current NERC CIP <-> CSF v1.1).
 

Examining the Cybersecurity Requirements of New Grid Architectures
A major finding of the Smart Grid Interoperability Framework, Revision 4, is that the logical interface categories of NISTIR 7628 are generally applicable to emerging interfaces in new system architectures, but that all security practices from the bulk power system may not be relevant to or useful for new domains in which those interfaces occur. The program will therefore explore the mapping of logical interfaces to the new system architectures, with a specific focus on identifying those cybersecurity practices that can be used for, or adapted to, the new interfaces. The work will also identify gaps in cybersecurity protections that may result from the different operational and integration requirements between the conventional Bulk Power System focused and the new DER focused logical interfaces.