Skip to Main Content
Smart grid standards initiatives aim to coordinate the development of protocols and model standards for interoperability. The smart grid derives its functionality from several existing technologies and standards. At issue is that most of these base standards were developed for specific functionality and security was added later. As such, most standards do not have a unified and comprehensive approach to security, which results in security gaps in these standards. In this paper, we investigate common security issues in smart grid standards that employ communication protocols and the common causes for these issues. We then propose security considerations for developing these standards; to address them, we develop guidelines for drafting security into smart grid standards either when they are updated or when new standards are developed. We draw examples from the ZigBee Smart Energy Profile standard for security requirements, objectives, and to make recommendations for designing security in similar standards. We finally present a retrospective discussion of how following our recommendations would have improved the ZigBee Smart Energy Profile standard by including security in a unified and comprehensive way.