THREE PRINCIPLES FOR A SECURE SMART GRID

Cybersecurity And The Smart Grid: Detecting And Thwarting Attacks

3 October 2012 (Renew Grid)

“Over the last few years, the smart grid has created both real concerns and dramatized fears about cybersecurity weaknesses and the risk of potential attacks…[T]here are a few guiding principles that can help in the analysis of these potential attacks and even prevent them.

“Guiding principle #1: Assume that any security system can be breached, and plan ahead for breaches, in order to ensure that a successful attack is detected, localized and compartmentalized. Following this principle lowers the value and likelihood of an attack.”

click to enlarge

“Guiding principle #2: Understand and manage the attack surface, which is the virtual avenue of attack. Some attacks are relatively simple and require minimal training to mount. The system must anticipate and counter these simple attacks…Other[s] require expert cryptologists and super computers…If the reward of a successful attack at this surface does not yield a proportionate benefit [to the needed resources], the likelihood of this attack is reduced.

“Guiding principle #3: Use standard security protocols and best practices that have been applied in IT systems that have been - and continue to be - attacked…[If] known access control, authentication and encryption techniques…have been attacked (and revised when an attack was successful), it makes them generally stronger than a proprietary technique that has not been subjected to relentless attacks…If the industry follows…[these] guiding principles, smart meters can provide a more reliable, theft-resistant and attack-resistant grid than what is currently in place…”

Tweet