security profile for openadr - Open Smart Grid - OpenSG - UCA ...

More documents

Recommendations

Info

2 176 Functional Analysis 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 The purpose of the functional analysis is to define a clear picture of the scope, architecture, and functionality of Open Automated Demand Control (OpenADR) systems, as addressed by this security profile. The implementation of OpenADR system functions varies in terms of function, scope, and technology from among different market and system offerings and deployments. However, this profile approaches the problem by defining a set of abstract roles that capture essential functionality that may be realized through a variety of implementations. This profile defines roles in such a way that the logical architecture and use case functionality may be used to represent a wide variety of real-world implementations. By way of background, the following steps were performed in the functional analysis: 1. Review of the existing documents that define the overall OpenADR process, paradigm, and design (as defined in Appendix E References). 2. Define abstract roles that characterize elements of OpenADR Systems. Roles are neutral to implementation and vendor, and capture the essence of common functionality without the details of particular applications. The resulting roles are presented in Section 2. Their relationships with each other (topologically) are presented in Section 2.1. 3. Define use cases describing how the roles interact to implement OpenADR functionality. The use cases are modular in nature, which allows organizations to determine which use cases are relevant to their deployments. They also capture raw functionality, without the inclusion of security controls, which ensures that no pre-existing security controls are assumed and allows different controls to be applied without bias. The resulting use cases are presented in Section 2.4. SECURITY PROFILE FOR OPENADR Version – 0.02 UCA International Users Group December 15, 2011 16
200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 4. Validate the roles and use cases by ensuring that they are adequate to describe common real-world implementations. The mapping between roles and real world implementations are presented in Section 2.3 (this is presented before the use cases to reinforce the meaning of the roles). The security recommendations found in this document are defined in terms of the logical architecture and its constituent roles, both of which are defined in this section. The logical architecture includes some elements that are outside the scope of this profile; however, each of these elements is important within the context of OpenADR and so are included as context. 2.1 Logical Architecture The roles defined in this profile are abstract or logical roles; that is, each role does not necessarily map one-to-one with an actor, device, or system. It is possible for an actor to implement the functionality of multiple roles. However, it is also possible for the functionality of one role to be implemented by multiple actors. This document focuses on defining the roles, their functionality, and ultimately the security controls each role must implement at this abstract level and leaves the task of mapping roles to specific actors, devices, or systems to those developing or procuring these elements. SECURITY PROFILE FOR OPENADR Figure 3 – Role Interaction Diagram Version – 0.02 UCA International Users Group December 15, 2011 17
Page 1 and 2: SECURITY PROFILE FOR OPENADR SECURI
Page 3 and 4: Executive Summary This document pre
Page 5 and 6: 4.2.9 Controls Mapped to Roles ....
Page 7 and 8: Table of Tables TABLE 1 - CONTROLS:
Page 9 and 10: Authors Bruce Bartell Darren Highfi
Page 11 and 12: 22 23 24 25 26 27 28 29 30 31 32 33
Page 13 and 14: 79 80 81 82 83 84 85 86 87 88 89 90
Page 15: 142 143 144 145 146 147 148 149 150
Page 19 and 20: 243 244 245 246 247 248 249 250 251
Page 21 and 22: 304 305 306 307 308 309 310 311 312
Page 23 and 24: 358 359 360 361 362 363 364 365 366
Page 25 and 26: 412 413 414 415 416 417 418 419 420
Page 27 and 28: 455 456 457 458 459 460 461 462 463
Page 29 and 30: 502 503 504 505 506 507 508 509 510
Page 31 and 32: 541 542 543 544 545 546 547 548 549
Page 33 and 34: 581 582 583 584 585 586 587 588 589
Page 35 and 36: 622 623 624 625 626 627 628 629 630
Page 37 and 38: 665 666 667 668 669 670 671 672 673
Page 39 and 40: 700 701 702 703 704 705 706 707 sd
Page 41 and 42: 731 732 733 734 735 736 737 738 739
Page 43 and 44: 803 804 805 806 807 808 809 810 811
Page 45 and 46: 842 843 844 845 846 847 848 849 850
Page 47 and 48: F8 sends an incorrect type of mess
Page 49 and 50: 859 SF1 DR Resource is physically u
Page 51 and 52: 881 882 883 884 885 886 887 888 889
Page 53 and 54: 955 956 957 958 959 960 961 962 •
Page 55 and 56: 966 967 968 Control Control ID ID I
Page 57 and 58: 973 974 975 4.2.5 Identification &
Page 59 and 60: 981 Control Control ID ID ID Short
Page 61 and 62: 984 985 Control Control ID ID ID Sh
Page 63 and 64: Controlling Control Control ID ID S
Page 65 and 66: 987 988 989 990 991 992 993 994 995
Page 67 and 68:
1022 1023 1024 1025 1026 1027 1028
Page 69 and 70:
1048 1049 1050 1051 1052 NIST IR 76
Page 71 and 72:
NIST NIST IR IR IR 7628 7628 7628 R
Page 73 and 74:
Page 75 and 76:
Page 77 and 78:
1065 1066 SECURITY PROFILE FOR OPEN
Page 79 and 80:
1074 1075 1076 1077 1078 1079 1080
Page 81 and 82:
1104 1105 1106 1107 1108 1109 1110
Page 83 and 84:
1131 1132 1133 1134 1135 1136 1137
Page 85 and 86:
1197 1198 1199 1200 1201 1202 1203
Page 87 and 88:
1265 1266 1267 1268 1269 1270 1271
Page 89 and 90:
1331 1332 1333 1334 1335 1336 1337
Page 91 and 92:
1364 1365 1366 1367 1368 1369 1370
Page 93 and 94:
1420 1421 1422 1423 1424 1425 1426
Page 95 and 96:
1470 1471 1472 1473 1474 1475 1476
Page 97:
1529 1530 1531 1532 1533 1534 suite
show all

security profile for openadr - Open Smart Grid - OpenSG - UCA ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?