Ecso Detail
# | Reference Id | Detail Txt | Remarks | |
---|---|---|---|---|
1 | 3.3.3 | 3.3.3 IEC 62351 (Power systems management and
associated information exchange – Data and communications security) 3.3.3.1 Focus The scope of the IEC 62351 series is information
security for power system control operations. The primary objective is to
undertake the development of standards for security of the communication
protocols defined by IEC TC 57, specifically the IEC 60870-5 series, the IEC
60870-6 series, the IEC 61850 series, the IEC 61970 series, and the IEC 61968
series.
The figure below presents an overview of IEC 62351 parts, as well as the mapping of IEC 62351 standards to IEC TC 57 communication standards. Figure 1: Overview
of IEC 62351 and mapping to IEC TC 57 communication standards (Source: TC 57 WG
15- January 2017) 3.3.3.2 Associated Evaluation Scheme and
Governance IEC 62351-100-1, currently under development, aims
at specifying common available procedures and definitions for conformance
and/or interoperability testing of the IEC 62351-5, the IEC 608705-7 and their
recommendations over the IEC 62351-3. These are the security extensions for IEC
60870-5 and derivatives. 3.3.3.3 Process Under development. 3.3.3.4 Practice Not known. 3.3.3.5 Relation to other standards / schemes IEC 60870-5 and its derivatives, IEC 60870-6
(TASE.2), and IEC 61850. |
View Edit | |
2 | 3.3.2 | 3.3.2 IEEE C37.240 (Cybersecurity Requirements for Substation
Automation, Protection, and Control Systems) 3.3.2.1 Focus This document provides technical requirements for
substation cybersecurity. It presents sound engineering practices that can be
applied to achieve high levels of cybersecurity of automation, protection, and
control systems independent of voltage class or criticality of cyber assets.
Cybersecurity includes trust and assurance of data in motion, data at rest, and
incident response. These requirements are categorized as follows: •
High level requirements and priorities for
interface categories. •
System communications components. •
Functional Requirements. •
User authentication and authorization. •
Data-in-motion protection. •
Configuration management. •
Security event auditing and analysis/incident
response. •
Security testing. 3.3.2.2 Associated Evaluation Scheme and
Governance There is no official evaluation scheme regarding
this standard. The Institute of Electrical and Electronics
Engineers (IEEE) is a member based organization. Its activities include
developing standards dedicated to advance technology for the benefit of
humanity. 3.3.2.3
Process None. 3.3.2.4 Practice Not publicly
known. 3.3.2.5
Formal Status None. 3.3.2.6 Relation to other standards / schemes Related standards include:
•
IEC 62351-8, Power systems management and associated information exchange—Data
and communications security—Part 8: Role-based access control) |
3.3.2 IEEE C37.240 (Cybersecurity Requirements for Substation Automation, Protection, and Control Systems) | View Edit |
3 | 3.3.1 | 3.3.1 IEEE 1686 (Substation Intelligent Electronic Devices (IEDs) Cyber
Security Capabilities) 3.3.1.1 Focus This standard defines the functions and features to
be provided in intelligent electronic devices (IEDs) to accommodate critical
infrastructure protection programs. Security regarding the access, operation,
configuration, firmware revision and data retrieval from an IED are addressed.
More info: https://standards.ieee.org/findstds/standard/1686-2013.html 3.3.1.2 Associated Evaluation Scheme and
Governance Use of an IEEE standard is wholly voluntary. The
existence of an IEEE standard does not imply that there are no other ways to
produce, test, measure, purchase, market, or provide other goods and services
related to the scope of the IEEE standard. The IEE 1686 standard is sponsored by the IEE PES
Power & Energy Society (http://www.ieeepes.org/) that provides the world's largest forum for
sharing the latest in technological developments in the electric power
industry. NIST (the National Institute of Standards and
Technologies) has been tasked with laying out a plan for the transformation of
the U.S.’s aging energy infrastructure into interoperable Smart Grid. As part
of their task, they’ve put together an open forum for members to collaborate on
standards development called the Smart Grid Interoperability Panel (SGIP). NIST
and the SGIP are selecting a framework of standards which are being used as the
backbone of the new Smart Grid. The IEEE 1686 standard is one of these. 3.3.1.3 Process Not applicable. 3.3.1.4 Practice Not known. 3.3.1.5 Formal Status None. 3.3.1.6 Relation to other standards / schemes This standard is designed to provide the tools and
features for a user to implement an IED security effort in response to NERC CIP
requirements; see section 5.3.3. This standard references: •
IEEE 1711 Trial-use standard for a cryptographic
protocol for cyber security of substation serial links. Other standards that reference this standard: •
IEEE 1815 Electric Power Systems
Communications-Distributed Network Protocol (DNP3). •
ETSI - TR 103 118 Machine-to-machine
communications (M2M); smart energy infrastructures security; review of existing
security measures and convergence investigations. •
IEC/TR 62351-10: Power Systems Management and
Associated Information Exchange – Data and Communications Security – Part 10:
Security Architecture Guidelines.
•
IEC TR 62351-13: Power systems management and
associated information exchange - data and communications security - part 13:
guidelines on security topics to be covered in standards and specifications. |
3.3.1 IEEE 1686 (Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities) | View Edit |