Return to SGIP Community > Standing Member Committees (SMC)
Cybersecurity threats exploit the increased complexity and connectivity of critical infrastructure systems, placing the United States security, economy, and public safety and health at risk. Similar to financial and reputational risk, cybersecurity risk affects a company’s bottom line. It can drive up costs and impact revenue, harm an organization’s ability to innovate and impact its ability to gain and retain customers.
In 2013, President Obama shared that “repeated cyber intrusions into critical infrastructure demonstrate the need for improved cybersecurity. The cyber threat to critical infrastructure continues to grow and represents one of the most serious national security challenges we must confront. To better address these risks, U. S. President Obama issued Executive Order 13636, “Improving Critical Infrastructure Cybersecurity” in February of that same year, which called for the development of a voluntary risk-based Cybersecurity Framework to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.
The electric grid is critical to the economic and physical well-being of the nation, and emerging cyber threats targeting the grid highlight the need to integrate advanced cybersecurity to protect these critical assets.
The major elements of the Smart Grid, in addition to the electric grid, are information technology, industrial control systems, and the communications infrastructure used to send command information from generation to the distribution systems. These elements are also used to exchange usage and billing information between utilities and their consumers.
Key to the successful deployment of the Smart Grid infrastructure is the development of a cybersecurity strategy. Cybersecurity needs to be designed into the new systems supporting the Smart Grid, and added into existing systems without extensively impacting operations.
For successful development and implementation of a secure Smart Grid infrastructure, two key actions must occur – designing cybersecurity functionality into emerging interoperability standards that support the Smart Grid and adding cybersecurity into existing interoperability standards.
A key working group of SGIP, SGCC volunteer members are involved with:
Providing recommended security requirements that may be used by strategists, designers, implementers, and operators of the Smart Grid, in their job functions at, utilities, equipment manufacturers and for guidance to regulators).
Creating and maintaining a logical reference model of the Smart Grid, which enables the creation and maintenance of a logical Smart Grid system and security architecture.
Identifying and clearly describing privacy risks and concerns with developed or emerging interoperability standards for the Smart Grid, and then determining the most appropriate and feasible practices for mitigating the risks.
Identifying Smart Grid cybersecurity-specific gaps and challenges. Where possible, SGCC will collaborate with SGIP Priority Action Plans (PAPs) or other groups (e.g., National Electric Sector Cybersecurity Organization Resource (NESCOR), OpenSG, etc.) to help address the identified gaps.
Assessing proposed standards and requirements for adoption into the SGIP Catalog of Standards.
Developing cybersecurity and privacy resources that can benefit Smart Grid stakeholders.
At present, SGCC has six subgroups which focus on specific issues or projects such as development of white papers or guidelines.
SGCC Architecture Subgroup — This Subgroup continues to refine the Smart Grid cybersecurity architecture in coordination with the SGIP SGAC on the EU architecture harmonization effort.
SGCC Cloud Computing Subgroup — This Subgroup is responsible for identifying and addressing the unique cybersecurity issues of using and managing Smart Grid applications that utilize cloud computing.
SGCC High Level Requirements (HLR) Subgroup — This Subgroup maintains the high-level security requirements in NISTIR 7628 and develops mappings and other analyses between NISTIR 7628 (Vol 1, Vol 2, Vol 3) and other documents, standards, and guidelines.
SGCC Privacy Subgroup — This Subgroup identifies and describes privacy risks and concerns within developed or emerging interoperability standards for the Smart Grid, and then determines the most appropriate and feasible practices for mitigating the risks.
SGCC RMP Case Study Subgroup — This Subgroup is completing a case study narrative to accompany the Department of Energy’s Cybersecurity Risk Management Process (RMP) guideline developed by the Department of Energy (DOE), in collaboration with the National Institute of Standards and Technology (NIST) and the North American Electric Reliability Corporation (NERC).
SGCC Standards Subgroup — This Subgroup assesses cybersecurity requirements associated with SGIP-identified Smart Grid standards and other industry cybersecurity documents which are proposed to be listed in the SGIP Catalog of Standards ( CoS). Using carefully crafted criteria based on NISTIR 7628, the Subgroup examines candidate standards and prepares recommendations regarding cybersecurity issues such as security management, security architecture, encryption, etc.
Group Chair: Suzanne Lightman, Senior Advisor for Information Security Computer Security Division, NIST
Vice Chair: Scott Saunders, Sacramento Municipal Utility District (SMUD)
Vice Chair: Akhlesh Kaushiva, U.S. Department of Energy (DoE)
Secretary: Amanda Stallings, Ohio Public Utilities Commission
IKBAn ever-growing repository for Smart Grid technical knowledge from common vocabulary and actors to the Catalog of Standards.Learn MoreSGIP CommunitySGIP brings together and gives voice to over 20 industry segments representing every domain in the power industry.Learn More
KEY DOCUMENTS (SGCC)
COMMUNICATE & CONNECT
Member Calendar of Activities
JOIN SGIP’S MAILING LIST
WELCOME NEW MEMBER
JOIN SGIP NOW
Be a part of shaping the standards for the Smart Grid industry.
NEWSLETTER SIGN UP
© 2015 SGIP 2.0, Inc. All Rights Reserved.