Showing posts with label ami. Show all posts
Showing posts with label ami. Show all posts

Thursday, December 5, 2013

Beroset on AMI and Smart Meter Security Considerations - Late 2013

Ed Beroset is the Director of Technology and Standards at one of the main smart meter making companies, Elster, and I've had the good fortune of meeting him on several occasions when both had speaking duties at grid security conferences. In this case, tech director also = security strategist and spokesman.

Recently, as I've started to prepare myself for work with Greentech Media's Grid Edge council, I wanted to check up on the current state of security thinking around AMI and smart meters.

Lo and behold, here's Ed who just put it down in pixels with 3 questions to ask yourself, along the lines of what are you protecting and why, and 7 to ask your vendors.  In the latter category, I particularly like #1 and the advice that follows:
What security measures does your system employ? 
Don’t settle for vague or imprecise answers to this question. Any reputable vendor will be able to give you a clear and detailed answer. Furthermore, don’t accept the excuse that the security measures are proprietary and top secret. As any security expert can attest, in modern systems, it is not a secret algorithm, but a secret key, that ensures security.
This may be more advanced than your typical energy sector start-up is ready for or need be ready for, but it's a good example of the types of scrutiny mature product suppliers like Elster have come to expect as a matter of doing business with increasingly security-aware customers.

You can read the full article HERE.

Posted by at 9:10 AM
Labels: , , ,

Thursday, January 31, 2013

Electric Sector Security Observations from Distributech 2013

The show is over for me as I'm up in LA for some IBM training, but it was a very good 2 days. Here's a few of the highlights I took away:

  • Saw a great new product with immediate applicability to AMI (and other wireless network) security with crossover applications in restoration, routing and reliability
  • Patrica Hoffman, DOE's Assistant Secretary for the Office of Electricity Delivery and Energy Reliability (OE), following great, largely renewable-energy oriented keynotes from senior executives at SDG&E and Cal ISO, gave her perspective on the world and beat a drum loudly for improved cybersecurity awareness and action towards the end of her talk
  • Speaking of DOE, after visiting several security vendor booths found a remote outpost DOE cybersecurity booth in the far corner of the big hall. Those folks seemed glad to have any human contact :)
  • One industry security guru whose knowledge I implicitly trust said he would like to see a greater emphasis on security architectures this year. Too many point products are being bought and strung together with little consideration for the bigger, enterprise protection picture. And that's a recipe for weakness and inefficiency, and for the folks recommending or doing the buying, a formula for losing credibility and trust
  • I couldn't make the conference's security focus panel but if someone did and has some impressions to share, please do and I'll post them here.
  • Lastly, from my extended family at IBM flown in from all over the world, definitely detecting heightened security awareness and interest from utilities that until recently weren't all that active.
For those still in town and/or next time you're in town, highly recommend the new Blind Burro restaurant ... ate their twice and it's fantastic. So far, scores a ridiculously high 4.5 our of 5 stars on Yelp. Mmmm tasty.
Posted by at 11:45 AM
Labels: , , ,

Wednesday, March 21, 2012

Webcast Alert: NESCO on PKI for AMI, Smart Grid and ICS Networks

For those unfamiliar, NESCO = National Electric Sector Cybersecurity Organization (NESCO). And NESCO is running an upcoming webinar on Public Key Infrastructure (PKI) in the context of modernized (and modernizing) grid systems and networks, including control systems.

Here are the details you need:
  • When: Tuesday, March 27, 2012 at 10:00 AM - 11:00 AM ET
  • Link to Register: Click HERE
  • Associated NESCO PKI white paper is HERE
For more about NESCO, including how to get involved, click HERE

I'm getting a little tired of these all-capital HERE links, but let's do one more before calling it a night:

Click HERE to find out how New England fans feel about Tim Tebow joining the Jets today.
Posted by at 11:33 PM
Labels: , , , ,

Monday, March 5, 2012

Balu Ambody on Smart Grid Security Gains at IBM's 2012 Pulse Conference


I'm still back in unusually warm Boston, about to head to Houston to join a cybersecurity panel at CERAWEEK on Wednesday.

But want you to know that a smart guy I've shared the stage with before, AMI vendor Sensus' Director of Information Security Balu Ambody, will be giving a talk on Smart Grid Security at the MGM Grand tomorrow.

It's part of IBM's huge annual "Pulse" conference, and if you happen to be there, you can bee-line it to his session armed with the following info:
  • Session ID: BSI-1714
  • Title: "Smart Grid Security" 
  • Day/Time: Tuesday 3/6/12 at 14:00-15:00 Pacific Time
  • Venue: MGM Grand Conference Center, Room 306
  • Abstract: An introduction to smart grid security challenges, followed by a discussion of Sensus' use of IBM's security solutions to enhance the security of their smart meters and smart meter management system
Photo credit: Kevin Hutchinson on Flickr.com
Posted by at 1:22 PM
Labels: , , ,

Tuesday, October 4, 2011

Covering the 3rd Smart Grid Security Summit


Have iPad with Twitter app loaded: will travel. When I'm not tripping over words as a moderator or panelist over the next two days, I'll try to give you a feel for who's saying what here in San Diego.

I came in late today and caught the tail end of the privacy workshop. Then onto a social gathering sponsored by the Canadian Consulate in a so-called Tiki room (see reference image above - conference attendees, you decide), where we got a little more privacy, courtesy of the Ontario Information and Privacy Commission. Other workshops today covered advanced AMI security and security testing.

All good stuff, and ready to dig into security topics tomorrow. For Twitter followers, will use #smartgrid #security and #sgssummit. And once again, here's the conference site.

Photo credit: http://www.nuthousepunks.com/blog/
Posted by at 12:29 AM
Labels: , , , , ,

Monday, September 14, 2009

Smart Grid an Unexpected Boon to Telco's

It was good to read, the other day, about the integration of yet another group of players into the Smart Grid universe: The Telco's. I had bumped into a very interesting article on the mixing of Power and Communication networks at Telephony Online. As the Internet was developing, the shining lights who were attempting to secure the early networks and systems of the Internet age were most often employees of the rapidly growing community of Internet Service Providers, and many were employees of the backbone providers (initially the telco's).


There have been multiple announcements and articles about these new linkages in the past few months, like this announcement from AT&T, this second piece in Telephony Online magazine, and this article about the new FCC interest in Smart Grid/Meter backhaul.

As we talk through the coming culture clash between ordinary IT and Utility IT, it is very reassuring to know that there may soon be pressure building for good security from the IT security experts within the major telco partners for backhaul, billing, equipment provision, etc.

I am hoping that we see these providers demand the same kind of security from the Utility connection partners as they have demanded from their partners on the Internet side of the business. It may provide exactly the linkage we need to have the migration we need begin to move talented people from IT to utilITies.
Posted by at 11:50 PM
Labels: , , , ,
Subscribe to: Posts (Atom)