Security Architecture Methodology for the Electric Sector, Version 2.0 (co-author)

At present, there is no common security architecture methodology used throughout the utility industry. Several architecture frameworks are available, and each includes unique terms and definitions. In general, these frameworks are intended for use in developing an enterprise architecture and not specifically a cyber security architecture.

Typically, an enterprise architecture does not address cyber security, specifically the overall attack surface, attack vectors, potential vulnerabilities, and applicable mitigation strategies. The challenge is to develop a security architecture methodology that augments, rather than replaces, current enterprise architecture methodologies and is at a level that is useful to utilities. This report includes the second version of a cyber security architecture methodology that may be used by utilities for existing and planned system architectures. This report applies the methodology to distribution and transmission substations and includes reference architectures for legacy, transition, and future/target configurations. A reference cyber security architecture may be used in evaluating the current system configuration and defining transition and target configurations.