Date Published: May 2019
Comments Due:
Email Questions to:
Author(s)
James McCarthy (NIST), Don Faatz (MITRE), Eileen Division (MITRE)
Announcement
The National Cybersecurity Center of Excellence (NCCoE) at NIST is seeking comments on a draft project description that will focus on securing Industrial Internet of Things (IIoT) information exchanges of distributed energy resources (DERs) in their operating environments. As an increasing number of DERs are connected to the grid, there is a need to examine the potential cybersecurity concerns that may arise from these interconnections.
The goal of this project is to document an approach for improving the overall security of IIoT in a DER environment that will address the following areas of interest:
- The information exchanges between and among DER systems and distribution facilities/entities, and the cybersecurity considerations involved in these interactions.
- The processes and cybersecurity technologies needed for trusted device identification and communication with other devices.
- The ability to provide malware prevention, detection, and mitigation in operating environments where information exchanges are occurring.
- The mechanisms that can be used for ensuring the integrity of command and operational data and the components that produce and receive this data.
- Data-driven cybersecurity analytics to help owners and operators securely perform necessary tasks.
This project will result in a publicly-available NIST Cybersecurity Practice Guide (SP 1800 series)—a detailed implementation guide of the practical steps needed to implement a cybersecurity reference design that addresses this challenge.
This project will explore various scenarios in which information exchanges among interconnected energy infrastructures can be protected from cybersecurity compromises. Components of these infrastructures form what is commonly known as the Industrial Internet of Things (IIoT). In this project, the IIoT comprises interconnected sensors, data transfer and communications systems, instruments, and other commercial off-the-shelf (COTS) devices networked together. This project focuses on demonstrating data integrity and malware prevention, detection, and mitigation for scenarios in which information exchanges occur between distributed energy resources and the distribution grid. These information exchanges create the potential for increased cybersecurity risk.
This project will result in a freely available NIST Cybersecurity Practice Guide.
This project will explore various scenarios in which information exchanges among interconnected energy infrastructures can be protected from cybersecurity compromises. Components of these infrastructures form what is commonly known as the Industrial Internet of Things (IIoT). In this project, the...
See full abstract
This project will explore various scenarios in which information exchanges among interconnected energy infrastructures can be protected from cybersecurity compromises. Components of these infrastructures form what is commonly known as the Industrial Internet of Things (IIoT). In this project, the IIoT comprises interconnected sensors, data transfer and communications systems, instruments, and other commercial off-the-shelf (COTS) devices networked together. This project focuses on demonstrating data integrity and malware prevention, detection, and mitigation for scenarios in which information exchanges occur between distributed energy resources and the distribution grid. These information exchanges create the potential for increased cybersecurity risk.
This project will result in a freely available NIST Cybersecurity Practice Guide.
Hide full abstract
Keywords
data integrity; distributed energy resource (DER); industrial control system; Industrial Internet of Things; malware; microgrid; smart grid
Control Families
None selected
