AMI security profile approved


Knoxville, TN, U.S.A. — (METERING.COM) — June 25, 2010 – Version 2.0 of the “Security Profile for Advanced Metering Infrastructure,” which is aimed at providing guidance and security controls to organizations developing or implementing AMI solutions, has been approved and released.

The intent of the document is to present security concerns relevant to AMI and to provide prescriptive, actionable guidance for how to build-in and implement security for AMI smart grid functionality. This guidance is neutral to vendor specific implementations and architectures, and the scope of this work extends from the meter data management system (MDMS) up to and including the home area network (HAN) interface of the smart meter.

The document also provides a tailored security profile based on AMI use cases.

Specific recommended controls cover:

  • System and communication protection
  • Information and document management
  • System development and maintenance
  • Incident response
  • System and information integrity
  • Access control
  • Audit and accountability
  • Survivability.

In developing the guidance, the task force examined community-established AMI use cases, evaluated risk for AMI, and utilized a security service domain analysis. The controls were adapted from the Department of Homeland Security’s catalog of control systems security.

The document was prepared for the AMI Security (AMI-SEC) Task Force of the Utility Communications Architecture International Users Group (UCAIug) and the NIST Cyber Security Coordination Task Group by the Advanced Security Acceleration Project (ASAP-SG) under the management of Enernex Corporation.