Announcements

All news

Southern Company, Sensus and Wurldtech Cooperation

February 14, 2011

The Wurldtech team is pleased to have an exciting important announcement today jointly with Southern Company, Sensus and Wurldtech.

Today, we're pleased to announce that this truly functional industry cooperation has resulted in another major advancement with Sensus announcing that they are the first AMI vendor to be awarded the Achilles Practices Certification designation - provided to Vendors who have integrated strong security best practices into their organization and apply them throughout the product life-cycle from product design to commissioning and maintenance.  The Achilles Practices Certification (APC) is based on the international cyber security requirements for vendors set out by the International Instrument Users Association (WIB).  Download your copy here.

  • View today's Press Release here.

You will also recall that in October of last year, Sensus was awarded an Achilles Certified designation for the communications robustness of their Flexnet 2.2 AMI system, joining the likes of industry leaders such as ABB, Honeywell, Emerson, Siemens, Yokogawa, and Invensys.

  • View a complete list of Achilles Certified Products here.
  • View the FlexNet Communications Certification Announcement (October 2010) here

This is yet another success story of private industry working together to deal with the real cyber security challenges facing stakeholders today.  As we continue to work together with our industry partners, we look forward to bringing you more exciting news in the near future and hope that this work provides an example for others to draw from in order to accelerate and optimize all the great efforts around the world to improve the resilience and reliability of Smart Grid infrastructure.

 
 "Securing the smart grid is essential to furthering the adoption of technologies that can help us better serve customers and conserve energy," said Joe Sagona, Information Security Manager for Southern Company.  "We support efforts across the industry to commit the time and resources necessary to define and achieve common standards for security."

 "At its core, Sensus is a technology company that customers respect and trust," said David Ayers, Vice President of Engineering at Sensus.  "The ability to offer internationally certified technology solutions extend that trust by achieving a standard of security embraced by global industry leaders."
   "Sensus has demonstrated impressive foresight in pursuing the Achilles Communication and Practices Certifications and we commend their dedication to continual improvement," said Dr. Nate Kube, Chief Technology Officer of Wurldtech.  "As the smart grid industry looks for ways to improve the security and reliability of AMI formal cyber security benchmarks heavily utilized in other critical infrastructure sectors, such as the Achilles Certifications, can help lead the way."

What Does This Mean For End Users? Are Your AMI Systems Secure? How Do You Know?

Until now, end-users have not had a set of standardized, industry developed and accepted cyber security requirements to communicate expectations to their supply chain and they are still left to sift through the various security "claims" of their vendors' sales team. As cyber threats to emerging smart grid technology continue to increase in both frequency and sophistication, a set of independently verifiable security requirements to validate security best practices of industrial system vendors is more important than ever.  By insisting their suppliers certify the robustness of their industrial automation and control systems and demonstrate that their organization follows security best practices from development through commissioning and maintenance an end user can:

  • Drive improvements into the supply chain and significantly reduce cyber risk exposure at no cost
  • Better communicate expectations to suppliers in procurement and selection phases
  • Be assured that security is being integrated throughout the long life-cycle of their systems

What Does This Mean For Manufacturers? A Better Way To Follow & Demonstrate Cyber Security Best Practices

Although much great work has been done over the past few years to advance the goal of developing common security standards for Advanced Metering Infrastructure, there still is today no common set of benchmarks/best practices from which suppliers can draw to improve the security of their systems.  This leaves the vendor community in the costly position of having to continuously rely on often ambiguous vulnerability assessments performed by consultants that must be performed regularly and never have the same result in order to determine their system's overall resilience.  By now having a common set of  industry-driven requirements for metering system resilience and organizational best practices vendors can:

  • Significantly reduce the costs of third party security counsulting
  • Integrate and reduce cost associated with constant process evergreening
  • Differentiate their products based on achieving an industry recognized benchmark for cyber security