State commissions can select from a toolkit of regulatory approaches to promote desired utility cybersecurity behavior. One approach is to allow the industry to selfregulate, and another approach...
A Voice for Smart-Grid Security
Who will oversee the industry’s cyber standards?
criteria likely would need to be produced by a respected standards development organization such as the IEEE or IEC, and unfortunately this takes time. Some outstanding work already exists by the Software Engineering Institute at Carnegie Mellon in this realm, 5 however it still would need to traverse the standards development process to receive the industry’s blessing.
The utility community will continue driving this work forward. But ultimately it will need a champion that can point to a body of work and authoritatively state which path the industry shall follow. The stage is set and the chorus is carrying the song. With any luck, the eventual leader will be able simply to pick up all the parts and start performing.
4. See citation: http://www.nist.gov/recovery/.
5. Reference: Resiliency Engineering Framework.