Approach

The approach used to develop this security profile is shown in the figure below and summarized as follows:

- Functional analysis: research existing and planned DM systems, define the profile's scope, define abstract roles and use cases describing the functionality representative of DM systems, and validate the functional analysis by mapping the roles and use cases against real-world examples. This step is elaborated and the results are presented in Section .
- Failure analysis: define broad security and operational objectives that should be achieved by DM systems complying with the security profile and analyze the roles and use cases to determine the types of failures that could jeopardize achievement of the security objectives. This step is elaborated and the results are presented in Section .
- Control definition and assignment: define the security controls required for DM systems to achieve the security objectives and identify the controls that each role must implement. This step is elaborated and the results are presented in Section .
- Control validation: perform a cross check to determine that all failures are addressed and that all controls are necessary. The controls and failures presented in this document represent the results of this refinement and validation.
Figure – Overview of Security Profile Development Approach

As shown in Figure , each step in the approach builds on the results of the preceding steps.

Audience

The primary audiences of this document are organizations that are developing or implementing solutions requiring or providing automated distribution management functionality. This document is written at the normal level of utility security experience for system owners, system implementers, and security engineers. The user is assumed to be experienced at information asset risk estimation. The user is further assumed to be knowledgeable in applying security requirements and guidance. A utility must evaluate the controls, as well as balance the cost of security against the operational impact and the possibility of an operational impact.

How This Document Should Be Used

This profile presents the superset of controls that should be implemented by DM components and systems. This section discusses how the document should be used by various stakeholders. The document is designed to be used in whole or in part. The profile development approach guides the reader through the process developed by the ASAP-SG team for determining controls required for given failures (impacts) for roles and the functionality they implement (use cases), thereby providing traceability and justification for each of the controls selected.

Electric Utility

The utility may use this document to help achieve several security objectives for their organization through activities such as:

- developing security requirements for DM procurement activities
- configuring and operating a DM system
- evaluating planned or deployed DM architectures (see Appendix B: for more information)

In some cases, a utility will not make use of all functionality described in the included use cases, which may obviate the requirements for certain controls.
The tables within the document can be used to determine security controls needed for a utility’s environment and provide traceability and justification for the design requirements and control selection. In other cases, an organization may identify an alternative (mitigating) control that makes a required control unnecessary, but the utility should be sure it addresses all the same failures and perform a risk analysis to confirm the adequacy of the alternative control.

DM Vendors

Vendors may use this document to incorporate security controls needed for the development of DM products and solutions. This document provides enough requirement detail to allow a vendor to begin design activities, but avoids prescription that would thwart innovation or drive toward specific implementations. The reference architecture and use cases offer tools for understanding DM applications in an abstract sense.