Version 1 of the NIST Cybersecurity Requirements for the Smart Grid was released by the standard organization this week. While the document is still listed as a draft, it represents on the most comprehensive analysis of smart grid security available today. The document is available for download here:

The document is offered in three volumes. Volume 1 provides an overview of the effort and discusses high level security architecture concepts and data privacy issues. Volume 2 could be consider the "meat" of the effort, listing 25 security requirements and also evaluating cryptography and key management, a significant issue for utilities deploying millions of smart network devices. Volume 3 concludes the document with a listing of some of the vulnerability cases considered, a "bottom up" analysis of the smart grid to date and key use cases in the power system space. All told, the document is nearly 400 pages. UTC will provide a detailed summary for members, as well as an impact analysis.