Presentation on theme: "UCAIug Summit October 22-26, 2012 New Orleans, Louisiana New Orleans Downtown Marriott at the Convention Center."— Presentation transcript:
UCAIug Summit October 22-26, 2012 New Orleans, Louisiana New Orleans Downtown Marriott at the Convention Center
CIM Overview: CIM is an international standard globally accepted for modeling the information exchanges required in electric utility industry. The interoperability enabled by the CIM standards is a key factor for achieving the Smart Grid vision. OpenSG Overview: The OpenSG User Group (OSGug) was formed to create a forum for the development of requirements for SmartGrid systems. The work focus has been defined by the pragmatic needs of the Utility and Vendor communities. Through these forums leading experts share their insights, create technical content, and resolve key technical issues. Testing Overview: The UCAIug Quality Assurance Program provides for Formalized conformance testing of products supporting IEC 61850 standard will verify that supported functions of the IED are implemented correctly as defined in the IEC 61850 standard. The results of the tests are documented in a detailed test report. If an IED passes the mandatory tests a conformance certificate will be issued. The Testing community is actively working to add the CIM standards and Green Button to its Quality Assurance Program. Green Button Overview: The Green Button is based a standard developed by the North American Energy Standards Board (NAESB). NAESB OpenESPI 1.0 Standardizes the Energy Services Provider Interface (ESPI). Green Button uses the OpenESPI 1.0 standard to implement the common-sense idea that electricity customers should be able to securely download their own easy-to-understand household energy usage information from their utility or electricity supplier website. IEC 61850 Overview IEC 61850 is an international standard developed by the International Electro technical Commission (IEC) that provides a comprehensive framework for the implementation of power system automation within substations and across the power system. IEC 61850 is a mission critical part of achieving the Smart Grid vision.
Open Smart Grid (OpenSG) Security Working Group Meeting
Message from Chair, Vice Chair, Secretary OpenSG Security Working Group Members, welcome to the conference. For those attending events throughout the week, please share any pertinent information you learn with the group and thanks for your support and participation. The goal of this conference for OpenSG Security Working Group is to have an open discussion and determine next steps to include projects. Ensure the message of Utility Centric is out and all utilities know the OpenSG is specifically for the utilities Solicit inputs from Utilities on what they need from OpenSG, specifically with regards to Security Solicit inputs on improvements, comments, suggestions for group items Vote on Advanced Metering Infrastructure Profile Changes Review EPRI Slides and where group can assist
Open Smart Grid Security Working Groups Overview (Some Groups are in Hibernation Until Called Upon) Chair - JD Senger, Oncor Vice Chair - Bobby Brown, Booz Allen Hamilton Secretary - Scott Palmquist, Itron
SG Security WG – Task Forces Usability Analysis Task Force Evaluation and refinement of Security Profiles and other materials considered for ratification by the SG Security WG CyberSec-Interop Task Force (In Hibernation) Spinoff from DOE National SCADA Test Bed Lemnos Interoperable Security Project AMI-SEC Task Force (In Hibernation) Produce technical specifications used by utilities to assess and procure AMI Embedded Systems Security Task Force (Charter Under Revision) Security requirements for embedded components and devices used in utility field systems
Will Arensman firstname.lastname@example.org Tam Do email@example.com Galen Rasche firstname.lastname@example.org Standardized Security Objects for AMI October 23, 2012
Continued Coordination with External Groups NIST Cyber Security Working Group Electric Power Research Institute (EPRI) project P183.009, Standardized Security Objects for AMI. P183.009 Industrial Control Systems Joint Working Group (ICSJWG) Vendor Subgroup Green Button Any Updates on DOE funding for 2013? Next Steps
“Green Button” is the common-sense idea that electricity customers should be able to securely download their own easy-to-understand household energy usage information from their utility or electricity supplier website. Numerous companies are already developing web and smart phone applications and services for businesses and consumers that can use Green Button data to help consumers choose the most economical rate plan for their use patterns; deliver customized energy-efficiency tips; provide easy-to-use tools to size and finance rooftop solar panels; and conduct virtual energy audits that can cut costs for building owners and speed the initiation of retrofits. Developing innovative applications and services to help consumers understand and manage their energy use and understand the environmental impacts of that usage is a field ripe for innovation. Numerous companiesapplications The attached document is a call for participation to any Accreditation Body, Certification Body, and Conformity and Interoperability Test Laboratories interested in participating in the UCAIug “Green Button” Testing Program. If your organization is interested in participating in this program, we encourage you to respond to the call for participation by end of business Friday, November 2 nd, 2012. We will be having a Face to Face meeting at the UCAIug 20112 Summit in New Orleans. The Summit runs from October 22-26. Wednesday, October 24 th we will have the initial meeting to kick-off the UCAIug Green Button Testing Program. More information on the Summit is available at http://www.ucaiug.org/Meetings/NO2012/default.aspx.The OpenADE will be meeting all day on Thursday, October 25, 2012 working sessions to make progress on the Green Button testing requirements that will drive the test cases. http://www.ucaiug.org/Meetings/NO2012/default.aspx GREEN BUTTON (OpenSG Members Please Advise if Attending)
Advanced Metering Infrastructure Security Profile Update for Vote Updated tables 2, line 4 in the AMI-Sec Security Profile. Approval of the modification vote to eligible voting members. Upon approval will rev the doc to Version 2.1 and remove track changes. Changes submitted - Page 13 in the table row labeled Line #4: to MDMS, the Summary of Communication lists "customer HAN equipment commands." This is in conflict with the requirements section of the document, and should be changed to something along the lines of "customer HAN equipment responses.“ We don't want HAN devices sending commands to any part of the AMI system. Call to Vote for following eligible members: JD Senger, Tam Do, Rich Tolway, Scott Palmquist, John Lilley, Galen Rasche, Neil Greenfield, Glen Chason, Mark Ellison, Irene Gassko, David Chambers, Naeem Ahsan, Darren Highfill, David Mitton (If you already sent me your vote I have on record)
Ongoing Objectives Support relationships with other OpenSG working groups and task forces Discuss future objectives of group Continued coordination with NIST, DOE and others Ensure utility centric and utilities inputs are incorporated Discuss any interim work done by TFs
Ongoing Efforts The ASAP-SG Team finished the first complete public draft of the Security Profile for Substation Automation. http://osgug.ucaiug.org/utilisec/Shared%20Documents/Substation% 20Automation%20Security%20Profile/SA%20Security%20Profile% 20-%20v0_15%20-%2020120930.docx John Lilley (Sempra) will resurrect the Usability Analysis Task Force to review the draft document and comments. Once completed the SG Security Working Group will vote on this document. Embedded Systems Task Force activated and no longer in hibernation. Charter being revised and deliverables to group in November. Update from Rohit
Ongoing Efforts Energy Sector Cybersecurity Capability Maturity Model (ES-C2M2) Discussion Risk Management (i.e., how systems are assessed and scored). Utilities appear struggle with this and/or don’t have methods that are repeatable. NIST has some guidelines, but none are specific enough to base a real calculation. Having a risk program will also be key in NERC CIP compliance.
Substation Automation Profile Update For those of you interested in reviewing and commenting on the Substation Automation Security Profile, it is posted on the SharePoint site at: http://osgug.ucaiug.org/utilisec/Shared%20Documents/Forms/ AllItems.aspx?RootFolder=%2futilisec%2fShared%20Docume nts%2fSubstation%20Automation%20Security%20Profile&Fol derCTID=&View=%7b059E5611%2d3141%2d4B3E%2dAAA4%2 dFE7645EE07EE%7d Darren Highfill (email@example.com)) has volunteered to be the comments wrangler and firstname.lastname@example.org)
Closing Security Group Discussion Members open discussion on all topics for the Security Working Group such as items of interest by members. Utility Members are the reason the group is here, any Utility members that would like to discuss hot topics the group should be focused on please advise. Closing Comments