Security Profile for Advanced Metering Infrastructure - Open Smart ...
DHS-2.8.2 Management Port Partitioning
DHS-2.8.2.1 Requirement:
AMI components must isolate telemetry/data acquisition services from management
services.
DHS-2.8.2.2 Supplemental Guidance:
Separation may be accomplished by using different computers, different central
processing units, different instances of the operating systems, different network addresses
or protocol ports (e.g., TCP ports), combinations of these methods, or other methods as
appropriate. Such precautions reduce the risk of allowing access to a data acquisition
server and can help limit the damage of a compromised system.
Configuration and testing ports for AMI components should be disabled when not in use.
Depending on the criticality of the system it may be advised that a device be physically
disconnected.
DHS-2.8.2.3 Requirement Enhancements:
The AMI system management service must be physically or logically separated from
telemetry/data acquisition services and information storage and management services
(e.g., database management) of the system.
DHS-2.8.2.4 Rationale:
The security requirements for access to configuration/management services on a given
AMI component are greater than those required for access to telemetry/data acquisition
services. Without isolation, the communication channel for access to the telemetry/data
acquisition services has the potential to be leveraged to gain access to the management
services. This leveraging can occur through a vulnerability in implementation, poor
configuration, or other means. Ensuring separation between services limits the impact of
a vulnerability in a service with lower security requirements being leveraged to access a
service with higher security requirements.
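
An added example, not part of the Security Profile itself: one way to audit a component's listener inventory against DHS-2.8.2. The inventory, service names, addresses and the telemetry network 10.20.0.0/16 are constructed, and flagging a management listener that is reachable on the telemetry network is a stricter policy assumed here, since the guidance also allows separation by protocol port alone.

```python
import ipaddress
from dataclasses import dataclass

# Roles that must be kept apart from management (DHS-2.8.2.1 and DHS-2.8.2.3).
DATA_ROLES = {"telemetry", "storage"}

@dataclass(frozen=True)
class Listener:
    name: str
    roles: frozenset      # subset of: management, telemetry, storage, config_test
    address: str          # bind address; "0.0.0.0" means every interface
    port: int
    in_use: bool = True   # for config/test ports: is it needed right now?

def audit(listeners, telemetry_net):
    """Return sorted (listener name, finding) pairs for one component."""
    net = ipaddress.ip_network(telemetry_net)
    findings = []
    for item in listeners:
        addr = ipaddress.ip_address(item.address)
        # A wildcard bind is reachable from every network, telemetry included.
        on_telemetry_net = addr.is_unspecified or addr in net
        if "management" in item.roles and item.roles & DATA_ROLES:
            # One endpoint serving both roles gives no isolation at all.
            findings.append((item.name, "management shares an endpoint with data services"))
        elif "management" in item.roles and on_telemetry_net:
            # Assumed stricter policy: require separation by network address.
            findings.append((item.name, "management reachable on the telemetry network"))
        if "config_test" in item.roles and not item.in_use:
            findings.append((item.name, "config/test port enabled while not in use"))
    return sorted(findings)

# Constructed inventory for one hypothetical AMI head-end component.
SAMPLE = [
    Listener("meter-collector", frozenset({"telemetry"}), "10.20.0.5", 5000),
    Listener("admin-api", frozenset({"management"}), "0.0.0.0", 8443),
    Listener("combined-svc", frozenset({"management", "telemetry"}), "10.20.0.5", 9000),
    Listener("ops-ssh", frozenset({"management"}), "192.168.50.5", 22),
    Listener("factory-diag", frozenset({"config_test"}), "192.168.50.5", 2323, in_use=False),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE, "10.20.0.0/16"):
        print(f"{name}: {finding}")
```
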
DHS-2.8.3 Security Function Isolation
DHS-2.8.3.1 Requirement:
AMI components must isolate security functions from non-security functions.
Security Profile for Advanced Metering Infrastructure Version 1.0
UtiliSec Working Group (UCAIug) December 10, 2009