Upload
emory-curtis
View
218
Download
0
Embed Size (px)
Citation preview
Boot Camp - Conformity
July 19, 2010 Detroit, USA
Bruce Muschlitz, EnerNexSlide 2
Boot Camp - Conformity• Overview– What does this Working Group do?– Previous meetings – Knoxville, San Fran, DC– Guiding principles– Terms we use– NIST Activities– Our Activities– Re-organization
Bruce Muschlitz, EnerNexSlide 3
Boot Camp – ConformityGoals of the working group
• Coordinate Task Forces– Edge Conformity– Enterprise Conformity– Security Conformity
• Provide overall guidance• Propose/Review task force deliverables
Bruce Muschlitz, EnerNexSlide 4
Boot Camp – ConformityPrevious Meeting (Knoxville)
• Organized Group• Introduced 61850-10 as one models• Stressed conformance != interoperabilty• Explained abstract vs. detailed tests• Introduced “virtual” test environments
Bruce Muschlitz, EnerNexSlide 5
Boot Camp – ConformityPrevious Meeting (San Francisco)
• Continued Group Organization• Discussed “plug-fest” – won’t do this• Discussed how other do this:– ISO Guide 65– IEC 17011 and 17025– http://www.rabnet.com
• Discussed Product Mark (logo)• Recognized: 61850 Testing, SGIP TCC
Bruce Muschlitz, EnerNexSlide 6
Boot Camp – ConformityPrevious Meeting (McLean)
• Organized Security Conformity• Re-organized by Horizontal teams• Discussed interaction with SGIP TCC• Recognized Edge/ENT might work better as
(Physical) Device/ (Middleware) Interface
Bruce Muschlitz, EnerNexSlide 7
Boot Camp – ConformityGuiding Principles
• Detailed Tests are not defined by UCAIug • Testers shall adhere to the defined tests • Equivalence of testers (no easy testers) • Tester shall produce “full” test results • Testers are free to script the tests
Bruce Muschlitz, EnerNexSlide 8
Boot Camp – ConformityCommon Terms
• Conformance – meets spec?• Interop – plays well with others?• Positive tests – does it work right?• Negative tests – recovers gracefully?• Black Box tests – no inside knowledge• White Box tests – view algorithms
Slide 9
Boot Camp – ConformityNIST Priority Action Plans
Phil Beecher, PG&E
Bruce Muschlitz, EnerNexSlide 10
Boot Camp – ConformityNIST SGIP Standing Committees
• Smart Grid Architecture Committee• Smart Grid Testing and Certification
Committee – TCC committee will learn on our work– TCC will share some duties with out work
Conformity Activities
• Common Glossary• Product Mark presentation• Templates – test cases, use cases• TISSUEs (Technical Issues)• “Conformity Requirements Document”
Re-Organization• Original organization based upon physical
location of devices (distance from enterprise)• New organization based upon interface
functionality (real or virtual)– Real – wired or wireless protocols– Virtual - APIs
Bruce Muschlitz, EnerNexSlide 13
Boot Camp – ConformityBackground Material
• http://osgug.ucaiug.org• http://www.ucaiug.org• http://www.rabnete.com• http://www.iec.ch/helpline/sitetree/
conformity• http://collaborate.nist.gov/twiki-sggrid/bin/view/SmartGrid/
WebHome
Slide 14
Boot Camp – ConformityQuestions?
Phil Beecher, PG&E
Boot Camp
Edge / Enterprise Conformity
Edge / Enterprise Conformity Activity
• Certification Process Reference Manual• Define Abstract Test Cases
What is the CPRM?
• Overview of device and system requirements• Identifies best practice for device and system
protocol design• Defines the process used to define and
maintain the quality of a Certification Program
Guiding Principles
• Open standards based• Clean, layered architecture• Robust certification program• Focussed on application programming interface, not specific
applications• Layered conformance testing• Performance testing considerations• Economically viable
Organisational Requirements
• Identify organisational structure to support a robust certification and interoperability testing program– Program management– Test laboratory qualification– Logo management– Change control– Dispute resolution– Devices and systems
Program Overview
Context (systems)
Context (products)
OpenSG SG Conformity – Security Conformity
July 19, 2010Bobby Brown
Security Conformity Task Force
Security Conformity TF Charter
• Establish security conformance requirements for laboratories desiring to certify smart grid components and systems
• Establish clear scoping boundaries, perform research to identify existing models, and propose a high-level philosophy of approach
• Chair: Bobby Brown, EnerNex representing Consumers Energy, [email protected]
• Vice-Chair: needed
Work Plan
• Reporting & Communication• High-level Conformity Requirements• Testing Use Cases
Goals
• Provide testing laboratories with best practice for cyber security testing.• Provide environmental and technical considerations for entities
developing internal cyber security testing processes• Develop cyber security tools list and resources for security testing.• Develop test cases• Support funded efforts conducting actual testing to vet and assist in the
development of the testing method, and cyber security metrics.• Develop guidance for suppliers outsourcing cyber security testing –
technical, procedural, communication, reporting, and status.
Conformance Definitions
a) “Is any activity to determine, directly or indirectly, that a process, product, or service meets relevant standards and fulfills relevant requirements.” ISO/IEC Guide 2:2004
b) Conforms if… “has not been proven to be non-conformant with standard x”
Meeting Logistics
• Every Friday at 2:00PM Eastern Time (changing to every other week)
Contact [email protected] for dial-in information and to be added to ListServ
Detroit Face-to-Face Agenda
8-10 AM Thurs July 22nd in Founders B-3
• Review Charter & Work Plan• Old Business• AMI Use Cases• Identify Standards (AMI)
Bruce Muschlitz, EnerNexSlide 34
Boot Camp – Edge ConformityQuestions?