Will a control system cyber security framework really get organizations to collaborate

July 10, 2013
Electrons do not have organization charts. Neither do hackers. Unfortunately people and organizations do. As a result of the second utility willing to engage in an Aurora demonstration project, an issue arose about the cyber security of the devices used in the transformer controls. After several calls I was routed to the chair of the IEEE Transformer Committee. Their charter does not include cyber security. More than that, in order to address Aurora, it also includes the IEEE Power Systems Relay Committee, the IEEE Substations Committee, IEC TC 57 WG15 plus myriad IEEE Smart Grid standards.
Electrons do not have organization charts. Neither do hackers. Unfortunately people and organizations do. As a result of the second utility willing to engage in an Aurora demonstration project, an issue arose about the cyber security of the devices used in the transformer controls. After several calls I was routed to the chair of the IEEE Transformer Committee. Their charter does not include cyber security. More than that, in order to address Aurora, it also includes the IEEE Power Systems Relay Committee, the IEEE Substations Committee, IEC TC 57 WG15 plus myriad IEEE Smart Grid standards. Any generation issues would need to be addressed by ISA. To date, the only true cross-collaboration in control system cyber security has been by the offensive community in the development of Stuxnet. I hope the NIST framework effort can be more successful in getting collaboration than what has occurred to date.Joe Weiss
About the Author

Joe Weiss | Cybersecurity Contributor

Joe Weiss P.E., CISM, is managing partner of Applied Control Solutions, LLC, in Cupertino, CA. Formerly of KEMA and EPRI, Joe is an international authority on cybersecurity. You can contact him at [email protected]