AMI-SEC Task Force
October 23rd Face-To-Face Meeting – Knoxville, TN
Roadmap, ASAP Deliverables, & Outreach
Darren Reece Highfill, CISSP
EnerNex Corporation
darren@enernex.com
Agenda
• Introductions
• Roadmap
• Review of comments
• Update of Scope, Charter
• System Security Requirements
• Overview
• Detail discussion
• Component Catalog
• Architectural Description
• Review / approval
• Deliverable suite usage
• Outreach
• SmartGridiPedia
• NIST
• ASAP
• Meeting Schedule for 2009
SSR – Primary Security Services
• Confidentiality and Privacy (FCP)
• Integrity (FIN)
• Availability (FAV)
• Identification (FID)
• Authentication (FAT)
• Authorization (FAZ)
• Non-Repudiation (FNR)
• Auditing (FAU)
SSR – Supporting Security Services
• Anomaly Detection Services (FAS)
• Boundary Services (FBS)
• Cryptographic Services (FCS)
• Notification and Signaling Services (FNS)
• Resource Management Services (FRS)
• Trust and Certificate Services (FTS)
SSR – Assurance
• Development Rigor (ADR)
• Organizational Rigor (AOR)
• Handling/Operating Rigor (AHR)
• Accountability (AAY)
• Access Control (AAC)
What is an AMI Security Component?
Hardware and/or Software that meet the following criteria:
• Must cover at least one requirements (SSR) category and at least one security domain
• Must enable relevant security policy
• Must not be a policy
• Can be an algorithm
• Cannot be a product
• Assures business value or system function
• Must be available in the market
SSR – Component Catalog Mapping (figure not reproduced)
Example Components
Are each of these components? Where do they map?
• AES Encryption Strategy
• A5 Encryption Strategy
• CAVE Encryption Strategy
• RSA Encryption Strategy
• DSA Encryption Strategy
• RC4 Stream Encryption Strategy
• Blowfish Block Encryption Strategy
• 3DES Block Encryption Strategy
• IDEA Block Encryption Strategy
• Stream Encryption Strategy
• Block Encryption Strategy
• Encrypted Storage
• Storage Encryption Mode
• Storage Encryption Strategy
• Authenticating Encryption Mode
• Network Packet Filter
• Proxy
• Network Application Reverse Proxy
• Application Layer Gateway
• Host Packet Filter
• Hardware Encryption Manager
• Software Encryption Manager
• RADIUS Server
• RADIUS Protocol
• TACACS+ Server
• TACACS+ Protocol
• LDAP Server
• LDAP
• Identity Server
• Authentication Server
• Authorization Server
• Policy Enforcement Manager
• Intrusion Detection System
• Network IDS
• Host IDS
• Network IPS
• Network IDS
• Wireless IDS
• IEEE 802.11i
• IEEE 802.11ae
• IEEE 802.11af
Outreach – Washington, DC
• Objective: Increase awareness in Washington, DC that the electric power industry is proactively addressing this important issue in a productive manner
• Inform policy-makers:
  • Security for AMI is important
  • Utilities are proactively and collaboratively addressing the issue
  • We have produced the first round of guidance for AMI and are working on expansion for the Smart Grid
Outreach – Washington, DC
• Who:
  • Congressional Staff
    • Energy & Commerce
    • House Homeland Security
  • Smart Grid Task Force
    • DOE/OE (lead)
    • DOE/EERE
    • FERC
    • NIST
    • EPA
    • DHS
    • USDA
  • Industry & Trade
    • NERC
    • NARUC
    • NRECA
Planning / Logistics
• Next meeting dates
  • F2F
    • January 6-8: EPRI – Palo Alto, CA
    • April 14-16: AEP – Columbus, OH
    • July 14-16: TBD – Host Needed
    • October 20-22: EnerNex – Knoxville, TN
  • Teleconferences:
    • Nov. 5th, 1-2pm EDT
    • Nov. 19th, 1-2pm EDT
    • Dec. 10th, 1-2pm EDT