NIST Technical Note 2051 Cybersecurity Framework Smart Grid Profile Jeffrey Marron Avi Gopstein Nadya Bartol Valery Feldman This publication is available free of charge from: https://doi.org /10.6028/NIST.TN .2051 NIST Technical Note 2051 Cybersecurity Framework Smart Grid Profile Jeffrey Marron Applied Cybersecurity Division Information Technology Laboratory Avi Gopstein Office of Smart Grid and Cyber- Physical Systems Engineering Laboratory Nadya Bartol Boston Consulting Group Bethesda, MD Valery Feldman HII Mission Driven Innovative Solutions (HII -MDIS) Annapolis Junction, MD This publication is available free of charge from: https://doi.org /10.6028/NIST.TN.2051 July 2019 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Undersecretary of Commerce for Standards and Technology Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards a nd Technology, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose. National Institute of Standards and Technology Technical Note 2051 Natl. Inst. Stand. Technol. Tech. Note 2051, 142 pages ( July 2019) CODEN: NTNOEF This publication is available free of charge from: https://doi.org /10.6028/NIST.TN.2051 NIST TN 2051 CYBERSECURITY FRAMEWORK SMART GRID PROFILE i This publication is available free of charge from: https://doi.org /10.6028/NIST. TN.2051 Abstract The Smart Grid Profile applies risk management strategies from the Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) to the smart grid and will serve as a foundation for refinements to support new grid architectures . The Profile provides cybersecurity risk management guidance to power system owners/operators by prioritizing cybersecurity activities based on their effectiveness in helping power system owners/operators achieve common high- level business objectives for the smart grid. The Profile also provides a list of considerations relevant to the challenges power system owners/operators may experience as they implement these cybersecurity activities in infrastructures with high concentrations of distributed energy resources (DERs). Key words Architecture; business/mission objectives; cybersecurity; Cybersecurity Framework (CSF); distributed energy resource (DER); grid modernization; Pacific Northwest National Laboratory (PNNL); Profile; reliability; resilience; safety; smart grid . NIST TN 2051 CYBERSECURITY FRAMEWORK SMART GRID PROFILE ii This publication is available free of charge from: https://doi.org /10.6028/NIST. TN.2051 Table of Contents Executive Summary ......................................................................................................... 1 Importance of Cybersecurity in the Smart Grid .......................................................... 3 Overview of the Cybersecurity Framework .................................................................. 5 Smart Grid Profile ......................................................................................................... 10 Smart Grid Business/Mission Objectives .................................................................... 12 Future Work .................................................................................................................. 37 References ................................................................................................................