High Level Requirements Scope Statement (2).doc

UCA International Users Group SG Conformity Security Conformance High Level Requirements Task Group

UCA International User’s Group OpenSG SG Conformity Working Group Security Conformance Task Force High Level Requirements Task Group

Scope Statement and Estimated Schedule

The High Level Requirements Task Group has been formed under the UCAIug OpenSG SG Conformity Security Conformance Task Force. This document defines the scope of work for this task group and estimated schedule of tasks.

OpenSG Conformance Task Force Security Conformity Working Group

High Level Requirements Scope Document v0.1

Page 1 of 7

UCA International Users Group SG Conformity Security Conformance High Level Requirements Task Group

1. Table of Contents 1.

TABLE OF CONTENTS......................................................................................................................................2

2.

CHANGE RECORD...........................................................................................................................................3

3.

TASK GROUP DESCRIPTION........................................................................................................................4 A. B. C. D. E. F. G.

4.

SCHEDULE ESTIMATES.................................................................................................................................6 A. B.

5.

ESTIMATED SCHEDULE......................................................................................................................................6 RESOURCE REQUIREMENTS – TEAM AND SUPPORT RESOURCES......................................................................6 CONTROLS........................................................................................................................................................7

A. B. C. D. E.

6.

SCOPE................................................................................................................................................................4 COMPLETION CRITERIA.....................................................................................................................................4 CONSTRAINTS....................................................................................................................................................4 DEPENDENCIES..................................................................................................................................................4 ASSUMPTIONS...................................................................................................................................................4 CRITICAL SUCCESS FACTORS............................................................................................................................4 ROLES AND STAKEHOLDERS.............................................................................................................................4

TASK GROUP MEETINGS...................................................................................................................................7 STATUS REPORTS...............................................................................................................................................7 ISSUE MANAGEMENT........................................................................................................................................7 CHANGE MANAGEMENT...................................................................................................................................7 COMMUNICATION MANAGEMENT.....................................................................................................................7 Authorizations.......................................................................................................................................................9

OpenSG Conformance Task Force Security Conformity Working Group

High Level Requirements Scope Document v0.1

Page 2 of 7

UCA International Users Group SG Conformity Security Conformance High Level Requirements Task Group

2. Change Record Date

02/18/10

Author Jon Stitzel

OpenSG Conformance Task Force Security Conformity Working Group

Version 0.1

Change Reference Initial draft

High Level Requirements Scope Document v0.1

Page 3 of 7

UCA International Users Group SG Conformity Security Conformance High Level Requirements Task Group

3. Task Group Description The High Level Requirements Task Group has been formed to ascertain the overall requirements for cyber security conformity for Smart Grid devices.

a. Scope The High Level Requirements Task Group shall be restricted to providing a specific list of requirements for testing technical cyber security conformance with existing or developing cyber security standards, in relation to OpenSG Smart Grid standards efforts. Although the efforts of the High Level Requirements Task Group will be in cooperation with other UCA Technical Committees, OpenSG Working Groups, and coordinated with the SG Conformity Working Group and subsequent Task Forces; this Task Group will give no influence to operational or interoperability standards, or standards being developed outside the OpenSG umbrella.

b. Completion Criteria This task group will consider security conformity requirements for the following aspects of the Smart Grid, at a minimum: 



Operating Systems  Windows  Unix flavors  Linux Security Mechanisms  Authentication  Authorization  Audit and Logging  Cryptographic Implementation and Configuration  Error Handling  Anti-Replay  Anti-Malware  Intrusion Detection



c. Constraints This task group will operate under the auspices of the Security Conformance Task Force and will comply with the scope and charter of that group.

d. Dependencies This task group has no external dependencies at this time.

e. Roles and Stakeholders Roles

OpenSG Conformance Task Force Security Conformity Working Group

High Level Requirements Scope Document v0.1

Page 4 of 7

UCA International Users Group SG Conformity Security Conformance High Level Requirements Task Group The following role definitions are being applied to the volunteers assigned to this task group: Chair

Team Member

Provides guidance for task group activities, coordinates with other task groups as appropriate, and communicates task group activities to task force chair. Works with Chair to accomplish the goals of the task group within the stated scope.

Stakeholders Name

Role Chair Team Member

Jon Stitzel

OpenSG Conformance Task Force Security Conformity Working Group

High Level Requirements Scope Document v0.1

Page 5 of 7

UCA International Users Group SG Conformity Security Conformance High Level Requirements Task Group

4. Schedule Estimates a. Estimated Schedule Key milestones relative to task group formation are as follows: Task Group Milestones Create Task Group Approval of Scope Document and Schedule First Draft of Requirements Document Comments Due for First Draft Second Draft of Requirements Document Comments Due for Second Draft Final Draft of Requirements Document Review and Approval by Conformance Task Force

OpenSG Conformance Task Force Security Conformity Working Group

High Level Requirements Scope Document v0.1

Target Date 02/12/2010 02/26/2010 03/19/2010 03/26/2010 04/09/2010 04/16/2010 04/23/2010 04/30/2010

Page 6 of 7

UCA International Users Group SG Conformity Security Conformance High Level Requirements Task Group

5. Controls In order to facilitate the efficient and timely completion of this Task Group’s efforts, the following functions shall be performed as stipulated.

a. Task Group Meetings The High Level Requirements Task Group shall convene at least weekly for the duration of the project, or until instructed to disband by the OpenSG Security Conformance Task Force Chair. The Task Group chair shall preside over these weekly meetings, receive updates as necessary from team members, and ensure all tasks are performed in a timely manner.

b. Status Reports The Chair of the High Level Requirements Task Group shall provide status reports at least weekly to the Chair of the OpenSG Security Conformance Task Force. These status reports will include progress updates, scheduling changes, and estimated completion dates for specific tasks.

c. Change Management Modifications to the High Level Requirements Document shall be tracked to ensure accurate version control. Comments on draft versions of the document should be posted on the OpenSG Security Conformance website for response. All officially released draft versions of the High Level Cyber Security Requirements Document shall be annotated in said document and include the date of release, version number, primary author, and a brief description of major changes from the previous version.

d. Communication Management All formal and draft copies of working documents shall be made available on the OpenSG SharePoint website for team comment.

OpenSG Conformance Task Force Security Conformity Working Group

High Level Requirements Scope Document v0.1

Page 7 of 7