OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

mqtt message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: [OASIS Issue Tracker] Updated: (MQTT-128) Signifiance of the last sentence of Security doc 5.14 is unclear

     [ http://tools.oasis-open.org/issues/browse/MQTT-128?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Peter Niblett updated MQTT-128:
-------------------------------

    Proposal: 
Here's a suggested rewording of the two paragraphs. Does this capture their original intention?

The energy provider compares the current and target states to see where it needs to take action: in this case the largest discrepancies are in the "Protect" and "Recover" functions. The framework core in Section 5.1.3  then points  it to some actions that it can take to remedy this situation. In this case it shows that the energy provider should follow the Guidelines for Smart Grid Cyber Security [NISTIR 7628] and the Contingency Planning Guide for Federal Information Systems [NIST SP 800-34].

> Signifiance of the last sentence of Security doc 5.14 is unclear
> ----------------------------------------------------------------
>
>                 Key: MQTT-128
>                 URL: http://tools.oasis-open.org/issues/browse/MQTT-128
>             Project: OASIS Message Queuing Telemetry Transport (MQTT) TC
>          Issue Type: Improvement
>          Components: SecuritySC
>            Reporter: Peter Niblett
>            Priority: Minor
>
> In WD03, Section 5.14 concludes as follows:
> "The gap between the two states indicates actions the energy provider must undertake to achieve the target state. Here, the gap is essentially defined by the "Protect" and "Recover" functions as they bear the largest discrepancies. 
> The energy provider is conscious it requires more efforts to comply with the current version of the Smart Grid Cybersecurity (NISTIR 7628) and NIST SP 800-34 for the reconstitution efforts plan. "
> I understand what the first of these two paragraphs is saying, but I don't understand the second one. 
> - Are the two documents mentioned related to the gaps mentioned in the previous paragraph, or is this something separate? If they are related I think it would help to say so explicitly.
> - What is a "reconstiution efforts path"?

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://tools.oasis-open.org/issues/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]