Electric Power Research Institute About Us
The Institute
Office Locations

2016 Corporate Social Responsibility Report

EPRI completed a full corporate social responsibility assessment in 2015 culminating in release of its first Corporate Social Responsibility report. The report (and companion video) provides a comprehensive look at EPRI's social responsibility culture and actions around four focus areas: community, employees, operations, and research.

Our Work Events Newsroom Careers EPRI Journal

Product Abstract

Cyber Security Architecture Methodology for the Electric Sector

Product ID:3002005942
Date Published:31-Dec-2015
Sector Name:Power Delivery & Utilization - Distribution & Utilization
Document Type:Technical Results
Price:No Charge

This Product is publicly available

View Executive Summary      1.83 MB - Adobe PDF (.pdf)


Currently, the nation’s power system consists of both legacy and next-generation technologies. This includes devices that may be 30–50 years old, include no cyber security controls, and implement proprietary communication protocols and applications. Many of these legacy devices have significant computing and performance constraints that limit the cyber security controls that may be implemented. In contrast, the new technology may include modern information technology (IT) devices with commercially available applications and communication protocols. The new operations technology (OT) devices may also include commercially available applications and communications.

With this change in technology, utilities are exploring methods to better address the cyber security requirements. This includes prioritizing the systems, performing a cyber security risk assessment, and determining the impacts of a cyber security compromise. These activities are part of a cyber security strategy.

Another component of the cyber security strategy is a cyber security architecture. Currently, utilities have enterprise architecture diagrams, but they have not typically developed a security architecture.

This report includes a methodology for developing a security architecture that leverages existing architecture methodologies.

2015 Program 183   Cyber Security and Privacy
  • Security Vulnerabilities
  • Cyber security
  • Security architecture
  • Attack Surface

For further information about EPRI, call the EPRI Customer Assistance Center at (800) 313-3774 or email askepri@epri.com

 Having Trouble Downloading?

Internet Explorer Information Bar

If using Internet Explorer the browser automatically blocks downloads by default, instead displaying an "Information Bar" at the top or bottom of the page.

Click "Download File" on Information Bar if using Internet Explorer 8 or older. If using version 9, click “Save” button on Information Bar and then select “Open” once downloaded.

Pop-up blocker software

You can hold down the CTRL key when selecting Download to bypass your pop-up blocker.

You may also configure your pop-up blocker to allow EPRI.com to open new windows.

Recommended Software

EPRI recommends using the latest version of Adobe Reader for best performance.

 Support Services

EPRI Customer Assistance Center (CAC):
800-313-3774 or 650-855-2121 Option 4

Hours of Operation:
8:00 AM - 6:00 PM Eastern Time (GMT-5)

Order and Conference Center:
800-313-3774 or 650-855-2121 Option 2