The IT Law Wiki
The IT Law Wiki

Overview[]

The Smart Grid Interoperability Panel–Cyber Security Working Group (SGIP-CSWG) was formerly known as the Cyber Security Coordination Task Group (CSCTG). The SGIP-CSWG was established as a permanent working group within the Smart Grid Interoperability Panel. It is now called the Grid Interoperability Panel-Smart Grid Cybersecurity Committee.

The CSWG has members from a wide range of organizations and industries, including utilities, state utility commissions, privacy advocacy groups, academia, Smart Grid appliance and applications vendors, information technology (IT) engineers, and information security (IS) practitioners. This diversity of disciplines and areas of interest among the group’s participants helps to ensure all viewpoints are considered when looking at privacy and security issues, and it brings a breadth of expertise both in recognizing inherent privacy risk areas and in identifying feasible ways in which those risks might be mitigated while at the same time supporting and maintaining the value and benefits of the Smart Grid.

The CSWG membership collaborated to deliver the NIST Interagency Report (NISTIR) 7628, Guidelines for Smart Grid Cyber Security, in August 2010. Since then the group has focused on specific topics such as risk management processes, key management in the Smart Grid, the Smart Grid security architecture, security testing and certification, Advanced Metering Infrastructure (AMI) security, and privacy in the Smart Grid. In addition, the group is conducting security reviews of many Smart Grid-related standards and beginning to develop a User's Guide for NISTIR 7628.

Subgroups[]

During the development of NISTIR 7628, CSWG subgroups performed detailed technical analyses on an array of security-related topics, and then documented the research, issues, and guidance in specific sections. The CSWG creates and disbands subgroups in order to meet present needs.

Since the NISTIR 7628 publication, some of the CSWG subgroups have merged, while others are regrouping as they determine their next set of tasks. The CSWG currently consists of the following subgroups:

Privacy issues[]

The SGIP-CSWG has worked since June 2009 to research privacy issues within the existing and planned Smart Grid environment. Its research to date has focused on privacy concerns related to consumers' personal dwellings and use of electric vehicles.[1] In July and August of 2009, the privacy subgroup performed a comprehensive privacy impact assessment (PIA) for the consumer-to-utility portion of the Smart Grid.

References[]

  1. There may also be privacy concerns for individuals within business premises, such as hotels, hospitals, and office buildings, in addition to privacy concerns for transmitting Smart Grid data across country borders. However, because the existing collection of NIST use cases does not cover business locations or cross border data transmission, and in view of its time constraints, the Privacy subgroup has not researchws business premises or cross border privacy issues.