Hello Chris,

Similar to your post, Katie Fehrenbacher, has written the article "Smart Grid: Spotlight on Security," on earth2tech.com, saying that "The security of the smart grid is going under the microscope this week. As Patricia Hoffman, the acting assistant secretary for the Department of Energy's Office of Electricity Delivery and Energy Reliability said in a testimonial last week, the DOE may refuse to hand out smart grid stimulus funds to an otherwise promising project if that applicant can't prove that the project has addressed cyber security concerns."

In a comment under Katie's article I added a robust way to handle the cyber security issue that is more resilient, as follows:
The real security problems perceived on the highly complex end-to-end Smart Grid are due to trying to make additional incremental extensions to the obsolete Investor Owned Utilities Architecture Framework, which has a non-trivial architecting flaw that was introduced with the Energy Policy Act of 1992. That problem should not be solved by regulation alone.

The highly complex emergent whole end-to end system has already been divided into two systems, by restructuring it into a simplified strong regulated service system and a smart open market business system that mutually reinforce each other.

The first system is an integrated (T&D) transportation only utility, that will follow regulation as usual will "have to prove security to get the funds."

The second system, which owns the meter and becomes a one stop provider to customers, should prove security in the competitive marketplace, under an architecture competition [such as the Silicon Valley Model].

Please read the following EWPC post "On Cyber Spies Threats: Keep Public Wires Regulation and go for Energy Markets" at http://www.energyblogs.com/ewpc/index.cfm/2009/4/2...