The OSGP Alliance (www.osgp.org), an independent, global, not-for-profit association comprised of prominent utilities, systems integrators, service providers as well as smart grid equipment and software product developers, has announced that it is preparing an update to the Open Smart Grid Protocol (OSGP) specifications to add additional security features to the existing security architecture currently defined in the specifications.
The OSGP Alliance undertakes this security update because the alliance understands that the systems built with the OSGP specifications are an important, vital asset for a utility, and also often an essential element for national security. The overall security of a utility is an evolving and dynamic process just as it is for all types of systems deployed for governments, financial institutions and the like, and this planned security update will ensure that the OSGP specifications, and the systems built upon them, will be many years ahead of theoretical threats.
The alliance’s work on this security update is motivated by the latest recommended international cybersecurity practices, and will enhance both the primitives used for encryption and authentication as well as the key length, usage, and update rules and mechanisms. It is important to note that there have not been any reported security breaches of any deployed smart metering or smart grid system built with the current OSGP specifications, and that systems built with these specifications include a comprehensive multi-layer security system that has always been mandatory.
The OSGP Alliance will make a further public announcement about these planned updates to the OSGP specifications in late summer 2015, and will be engaging with various standards-developing organizations, including CENELEC (www.cenelec.eu) and ETSI (www.etsi.org), with proposals to incorporate these planned updates for the benefit of the grid modernization community and all stakeholders.
For more information:
Secretary of OSGP Alliance,
Eemail address: firstname.lastname@example.org.