Stuxnet has at least two major implications for Smart Grid. The first is Smart Grid utilizes key management. Stuxnet is one of the first cyber attacks to use compromised digital keys. Since then, there have been at three other cyber vulnerabilities to utilize compromised digital keys. There should be a reassessment of the key management process for Smart Grid. The second is the more insidious aspect of Stuxnet that attacks control system logic. Programmable Logic Controllers (PLCs) and other controllers with Windows “front-ends” are utilized throughout the Smart Grid for controlling renewable resources, modern automated substations, and other grid systems. These systems can be vulnerable to Stuxnet-type attacks. Control system policies and procedures need to be developed and implemented immediately to at least minimize these types of attacks. Joe Weiss
