Title :
Cyber vulnerability disclosure policies for the smart grid
Author :
Hahn, A. ; Govindarasu, M.
Author_Institution :
Dept. of Electr. & Comput. Eng., Iowa State Univ., Ames, IA, USA
Abstract :
As smart grid technologies become more widely deployed, an increasing number of cyber vulnerabilities will be found throughout the supporting systems. While the traditional IT industry has a long history of dealing with vulnerability disclosures, however, recent discoveries within control system software have shown the power industry still lacks sufficient polices and approaches. This paper introduces current vulnerability disclosure methods, including full disclosure, limited disclosure, and non-disclosure. It then provides a comparison of disclosure policies by both vendors and disclosure coordinators. Finally, it addresses industry specific characteristics which may impact domain-specific disclosure policies and identifies requirements for improving disclosure methods.
Keywords :
electricity supply industry; power system control; smart power grids; control system software; current vulnerability disclosure; cyber vulnerability disclosure policy; disclosure coordinators; domain-specific disclosure policy; power industry; smart grid; traditional IT industry; Computer security; Control systems; Electronic mail; Google; Industries; Software;
Conference_Titel :
Power and Energy Society General Meeting, 2012 IEEE
Conference_Location :
San Diego, CA
Print_ISBN :
978-1-4673-2727-5
Electronic_ISBN :
1944-9925
DOI :
10.1109/PESGM.2012.6345603
