Owner of the document requires that the content be not remodified or redistributed.
Share |

Securing Power Utilities: Why standards aren't enough for automation security
Jim Krachenfels and Eric Byers

NERC's CIP (Critical Infrastructure Protection) standards aim to protect the reliability of the bulk electric system, but the requirements have been open to interpretation, and focuses on complaince rather than effectiveness. Organizations have been concerned about fines for trivial issues, and having to file a lot of questionable documentation, rather than focusing on effective security measures. This article takes a look at NERC CIP and other standards, and examines "Defense in Depth (DiD) - multiple layers of defense distributed throughout the control network - as a strategy for securing operations.

Document Type:
Magazine Articles
Electricity Today Magazine