Tuesday, September 22, 2009

DIACAP a Good Fit for DOD Smart Grid Security?

... and if so, is it being used in the field as DOD rolls out its first few Smart Grid and micro grid pilots, and if so by whom?

The DOD refers to much of cyber security as Information Assurance (IA). And thes primary policy document that instructs the services on which IA controls to implement and how to get their security program right is called the DOD Information Assurance Certification and Accreditation Program, or DIACAP. Here's a short Wikipedia DIACAP summary for you. While great work is being done at NIST and elsewhere right now on Smart Grid security standards, DIACAP seems like a logical starting point for securing Smart Grid devices and systems at DOD facilities.

So far I've received no answers to this question from folks I thought would know in the Department. I've heard security minded folks in the energy industry reference DOD practices as inspiration for some of their cyber security strategies, but have yet to connect the dots. I like to connect dots, so this is a point of frustration.

No comments: