NIST seeks comments on Grid Cyber Security


April 23, 2010 – NIST’s complete draft report is available here. Comments on the draft report are due June 2, 2010.

The National Institute of Standards and Technology (NIST) is requesting public comment on the second draft of its Smart Grid Cyber Security Strategy and Requirements report. This report addresses cyber security concerns at different points of the electric grid, privacy and the protection of energy consumers’ personal information amongst other topics.

The NIST report on Smart Grid cyber security is intended as a guidance document, and the final report will serve as the basis of mandatory cyber security requirements for the nation’s electric infrastructure. Any recommendations in the NIST Smart Grid cyber security report are therefore likely to affect significantly the design, planning, development, deployment and implementation of Smart Grid technology and systems. For example, the following may occur:

Developers and vendors of Smart Grid technology and equipment—including energy management software applications, smart meters and distribution grid management systems—may be required to ensure that their products satisfy NIST’s cyber security recommendations.

Electric utilities planning or already engaged in Smart Grid deployment could experience increased equipment and technology costs, decreased flexibility in the design of their individual Smart Grid systems, and the premature obsolescence of equipment and infrastructure that has already been deployed (resulting in substantial stranded investment and infrastructure replacement costs).