12
OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Embed Size (px)

DESCRIPTION

Review Security Conformity TF Charter Establish security conformance requirements for laboratories desiring to certify smart grid components and systems and; Establish clear scoping boundaries, perform research to identify existing models, and propose a high-level philosophy of approach. Chair: Bobby Brown, EnerNex representing Consumers Energy, Vice-Chair: needed

Citation preview

Page 1: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

OpenSG SG Conformity – Security ConformityJuly 22, 2010Bobby Brown

Page 2: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

AgendaThursday, July 22nd

• Overview Security Conformance & Charter• Align with Conformity WG

– Use Cases OpenHAN, OpenADE, OpenADR– Identify Security Functions/Services

• Identify Requirements and Standards• Discuss Development of Abstract Security Test Cases• Support TCC and CSWG Testing & Certification Subgroup

Page 3: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Review Security Conformity TF Charter

• Establish security conformance requirements for laboratories desiring to certify smart grid components and systems and;

• Establish clear scoping boundaries, perform research to identify existing models, and propose a high-level philosophy of approach.

• Chair: Bobby Brown, EnerNex representing Consumers Energy, [email protected]

• Vice-Chair: needed

Page 4: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Conformance Definitions

a) “Is any activity to determine, directly or indirectly, that a process, product, or service meets relevant standards and fulfills relevant requirements.” ISO/IEC Guide 2:2004

b) Conforms if… “has not been proven to be non-conformant with standard x”

Page 5: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Which Areas?

• Work closely with Conformity Groups– OpenHAN– OpenADR– OpenADE

Page 6: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Which Requirements & Standards?

• OpenSG – OpenHAN, OpenADE, OpenADR• OpenSG – Security Profiles• Testing & Certification Committee

List of Standards- SGIP_TCC_Interoperability_Issue_Assessment_Process_V02.pdf

Page 7: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Identify Generic Security Functions/Services

• Authentication• Logging/Auditing• Alerting• Secure Data Transfer• Authorization

Page 8: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Example PatternofSecure WirelessAccess onPrivate Network

Page 9: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Develop Abstract Test Cases

• Template

Page 10: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Outward Support

• SGIP Testing & Certification Committee• CSWG Testing & Certification Sub-group• SG Security CyberSec-Interop

Page 11: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Meeting Logistics

• Currently every Friday at 2:00PM Eastern Time– propose to meet with Conformity WG for now

[email protected]

Contact [email protected] to be added to ListServ

Page 12: OpenSG SG Conformity – Security Conformity July 22, 2010 Bobby Brown

Thank you!

Bobby Brown, [email protected]