Skip to Main Content
Cybersecurity is an important but usually not adequately addressed area in the smart grid. Its standardization is also relatively immature. The NISTIR 7628 seems to be a comprehensive document for security designers/practitioners in smart grid research and practice. However, the NISTIR 7628 security framework might still be insufficient to specify the requirements of a secure smart grid system. More specifically, the EV charging infrastructure is used to study the effectiveness of the NISTIR 7628 framework in specifying security criteria, and the resulting security assurance. Two weaknesses, one in addressing node or device authentication and the other in location privacy of EV owners, are found for a system satisfying all the security requirements stipulated by the NISTIR 7628, thus illustrating the subtlety of applying the NISTIR 7628.