Building resiliency into cybersecurity

The smart grid not only needs sound architecture for functionality, and cybersecurity for security — it also needs resilience to satisfy its high operational availability requirements. This resilience refers to the ability for the physical architecture to continue, or quickly recover to normal operation after a cyber event. The systems need additional requirements to include resiliency measures to expand on existing best practices and tools.

Based on the National Institute of Standards and Technology Interagency Report 7628 Revision.1 (NISTIR 7628 rev1), the SEPA Cyber-Physical Resiliency Task Force has identified resiliency gaps that exist. The task force then created a “crosswalk” between the NISTIR 7628 rev1 and other available resiliency controls. The final product here is a supplement of recommendations that acts as a resiliency gap filler to the NISTIR 7628 rev1.

The Cyber-Physical Resilience Task Force is sponsored by both the SEPA Cybersecurity Working Group and the Grid Architecture Working Group.

What’s in the Resiliency Supplement report

This report contains a comprehensive addendum of resiliency supplements to the “Cybersecurity Guidelines for the Smart Grid” for Systems Security Engineering. The supplement consists of detailed information, including:

• Resiliency Requirement Description
• Impact Level Allocation
• Comprehensive entries based on individual records from NISTIR 7628 rev1