Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · REGISTER · 2013-10-25 · National Institute of Standards and Technology (NIST), Department of Commerce · Notices

Notices. Notice; request for comments

1,150 words·~5 min read·/register/2013/10/25/2013-25168

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

BILLING CODE 3510-DR-P DEPARTMENT OF COMMERCE National Institute of Standards and Technology [Docket No. 130612544-3544-01] Request for Comments on Draft NIST Interagency Report (NISTIR) 7628 Rev. 1, Guidelines for Smart Grid Cyber Security AGENCY: National Institute of Standards and Technology (NIST), Department of Commerce. ACTION: Notice; request for comments. SUMMARY: The National Institute of Standards and Technology
(NIST)seeks comments on draft NISTIR 7628 Rev. 1, *Guidelines for Smart Grid Cyber Security.* Draft NISTIR 7628 Rev. 1 was completed by the NIST-led Smart Grid Cybersecurity Committee (formerly the Cyber Security Working Group) of the Smart Grid Interoperability Panel. The document has been updated to address changes in technologies and implementations since the release of NISTIR 7628 in September 2010. In addition, the document development strategy, cryptography and key management, privacy, vulnerability classes, research and development topics, standards review, and key power system use cases have been updated and expanded to reflect changes in the Smart Grid environment since 2010. The final version is expected to be posted in the fall of 2013. DATES: Comments must be received by December 24, 2013. ADDRESSES: Please submit your comments, using the comment template forms available electronically from the NIST Web site at: *http://csrc.nist.gov/publications/PubsDrafts.html.* Written comments concerning the document may be sent to: Information Technology Laboratory, ATTN: Tanya Brewer, National Institute of Standards and Technology, 100 Bureau Drive, Stop 8930, Gaithersburg, MD 20899-8930. Electronic comments should be sent to: *NISTIR.7628.Rev1@nist.gov,* with the Subject line: Draft NISTIR 7628 Rev. 1 Comments. Draft NISTIR 7628 Rev. 1, Guidelines for Smart Grid Cyber Security, is available electronically from the NIST Web site at: * http://csrc.nist.gov/publications/PubsDrafts.html.* The comment templates are available at the same address. FOR FURTHER INFORMATION CONTACT: Tanya Brewer, telephone: 301-975-4534, National Institute of Standards and Technology, 100 Bureau Drive, Stop 8930, Gaithersburg, MD 20899-8930 or via email: *tanya.brewer@nist.gov.* SUPPLEMENTARY INFORMATION: Background Section 1305 of the Energy Independence and Security Act of 2007
(EISA)(Pub. L. 110-140) requires the Director of the National Institute of Standards and Technology
(NIST)“to coordinate the development of a framework that includes protocols and model standards for information management to achieve interoperability of smart grid devices and systems.” EISA also specifies in Section 1301 that, “It is the policy of the United States to support the modernization of the Nation's electricity transmission and distribution system to maintain a reliable and secure electricity infrastructure that can meet future demand growth and to achieve each of the following, which together characterize a Smart Grid:
(1)Increased use of digital information and controls technology to improve reliability, security, and efficiency of the electric grid.
(2)Dynamic optimization of grid operations and resources, with full cyber-security. . . .” With the transition to the Smart Grid—the ongoing transformation of the nation's electric system to a two-way flow of electricity and information—the information technology
(IT)and telecommunications infrastructures have become critical to the energy sector infrastructure. NISTIR 7628 was first drafted in 2009 by NIST staff and industry technical experts. NIST published a Request for Comments in the **Federal Register** on October 9, 2009 (74 FR 52183) soliciting comments on the working draft. NIST issued a second Request for Comments on April 13, 2010 (75 FR 18819), which also included a summary disposition of comments received in response to the October 9, 2009 Request for Comments. Comments from both Requests for Comments informed the final version of NISTIR 7628, which was released on September 1, 2010, at *http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628.* NISTIR 7628 has been utilized by a variety of stakeholders including utilities, Smart Grid vendors and service providers, and regulatory organizations since its initial publication. Additionally, emerging Smart Grid technologies have matured since the initial publication and are being considered in this revision. Draft NISTIR 7628 Rev. 1 Draft NISTIR 7628 Rev. 1 was completed by the NIST-led Smart Grid Cybersecurity Committee (formerly the Cyber Security Working Group) of the Smart Grid Interoperability Panel. This document incorporates updates to address changes in technologies and implementations since the release of NISTIR 7628 in September 2010. In addition, this document updates and expands the development strategy, cryptography and key management, privacy, vulnerability classes, research and development topics, standards review, and key power system use cases to reflect changes in the Smart Grid environment since 2010. The final version is expected to be posted in the fall of 2013. Summary of Changes to Draft NISTIR 7628 Rev. 1 • Chapter 1, Document Development Strategy, was updated to reflect progress and completion of previously outstanding issues and remaining tasks, including a new section addressing cyber-physical attacks. • Chapter 2, Logical Architecture and Interfaces of the Smart Grid, was updated to address feedback from the SGIP Smart Grid Architecture Committee and includes an expanded section on defense-in-depth security. • Chapter 3, High-Level Security Requirements, was updated to include additional background information on selection of security requirements, and includes a revised Crosswalk of Cyber Security Documents. • Chapter 4, Cryptography and Key Management, was updated to reflect the recommended transition lifetimes for cryptographic algorithms and key lengths in NIST Special Publication 800-131 A, *Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths.* • Chapter 5, Privacy and the Smart Grid, has been updated to reflect changes in the regulatory and legislative areas regarding Smart Grid. The update also addresses emerging Plug-In Electric Vehicle
(PEV)technologies and associated privacy concerns, an expanded Appendix of privacy use cases, a new Appendix summarizing how two states (California and Colorado) arrived at their respective privacy-related regulations, and a new Appendix containing recommendations for how third parties should handle consumer energy usage data. • Chapter 6, Vulnerability Classes, has been updated to incorporate changes in technologies since the original publication. • Chapter 8, Research and Development Themes for Cyber Security in the Smart Grid, has been updated to incorporate changes in technologies since the original publication. • Chapter 9, Overview of the Standards Review, has been updated to reflect the SGCC review and analysis methodology of Smart Grid standards against the high-level security requirements of NISTIR 7628. • Chapter 10, Key Power System Use Cases for Security Requirements has been updated to include more granular use case scenarios in the area of the Advanced Metering Infrastructure. • A number of editorial changes that do not have substantive impact on the document to improve readability, update references, and standardize writing style. Request for Comments NIST seeks public comments on draft NISTIR 7628, Rev. 1, Guidelines for Smart Grid Cyber Security; particularly on the changes made since the originally published version. The draft report is available electronically from the NIST Web site at: *http://csrc.nist.gov/publications/PubsDrafts.html.* The comment templates are available at the same address, and are required for both written and electronic comments. Interested parties should submit comments in accordance with the DATES and ADDRESSES sections of this notice. Dated: October 1, 2013. Willie E. May, Associate Director for Laboratory Programs. [FR Doc. 2013-25168 Filed 10-24-13; 8:45 am]
Connections1 off-index
1 reference not yet in our index
  • Pub. L. 110-140
Citation graph
cites case law
Notices
Notice; request for comments
Pub. L.Pub. L. 110-140
Cites 1Cited by 0 across 0 sources
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.