Earth2tech, as usual, does a great job of
reducing complexity into consumable pieces. In this case, the subject is the new NIST Smart Grid standards draft released today (
PDF here). Far from appearing as an afterthought or not at all, Cyber Security issues are front and center in the executive summary and are described in some detail on pages 71-79 of the document. Also significant is that control system security, which some feel is getting short shrift in this process, is given substantial attention and weighting, with a list of applicable security-related standards on page 79.
As the diagram above illustrates, however, complexity itself may ultimately become the biggest security challenge. The best human minds, augmented with the most sophisticated tools, will have a monumental task keeping track of the myriad threat vectors and security controls deployed to defend against them. As one of the GridWeek conference panelists said on Tuesday, acknowledging complexity's potential risks, "we hope that we can move towards simplicity at some time in the future." Yeah, that'll be easy.
Diagram: NIST
