Comments on the draft report are due June 2, 2010.
The National Institute of Standards and Technology (NIST) has announced that it is requesting public comment on the second draft of its Smart Grid Cyber Security Strategy and Requirements report. This report addresses a broad range of issues, covering not only cyber security concerns at different points of the electric grid, but also privacy and the protection of energy consumers' personal information.
Although NIST has clarified that its report on Smart Grid cyber security is intended as a guidance document, it is expected that NIST's final report will serve as the basis for the eventual adoption of mandatory cyber security requirements for the nation's electric infrastructure. Any recommendations in the NIST Smart Grid cyber security report are therefore likely to affect significantly the design, planning, development, deployment and implementation of Smart Grid technology and systems. For example, the following may occur:
Developers and vendors of Smart Grid technology and equipment—including energy management software applications, smart meters and distribution grid management systems—may be required to ensure that their products satisfy NIST's cyber security recommendations.
Electric utilities planning or already engaged in Smart Grid deployment could experience increased equipment and technology costs, decreased flexibility in the design of their individual Smart Grid systems, and the premature obsolescence of equipment and infrastructure that has already been deployed (resulting in substantial stranded investment and infrastructure replacement costs).
NIST's complete draft report is available here . Comments on the draft report are due June 2, 2010.
The McDermott Difference
If you have any questions or would like to discuss the various issues and recommendations covered in the second draft of NIST's Smart Grid Cyber Security Strategy and Requirements report, please contact a member of McDermott's telecommunications practice . We would be pleased to assist you in assessing the potential impact of NIST's report on your company's operations and in preparing any comments you may wish to file apprising NIST of your views.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
