PD IEC/TR 62351-12:2016 Power systems management and associated information exchange. Data and communications security - Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems, 2016
- CONTENTS
- FOREWORD
- INTRODUCTION
- 1 Scope
- 2 Normative references
- 3 Terms and definitions
- 4 Abbreviations and acronyms
- 5 DER architectures and DER cyber-physical concepts
- 5.1 Resiliency challenge for power systems with DER systems
- 5.2 Five-level DER hierarchical architecture
- 5.3 DER system interfaces
- 5.4 Resilience at different DER architectural levels
- 5.5 DER Systems as cyber-physical systems
- 5.5.1 Protecting cyber-physical DER systems
- 5.5.2 Cyber-physical threats
- 5.5.3 Resilience measures for cyber-physical systems
- 6 Threats, vulnerabilities, and impacts on power system resilience
- 6.1 Threats – engineering and cyber
- 6.1.1 Physical and electrical threats – mostly but not entirely inadvertent
- 6.1.2 Cyber threats – inadvertent and deliberate
- 6.2 Vulnerabilities – engineering and cyber vulnerabilities
- 6.2.1 General
- 6.2.2 Power system vulnerabilities and attacks
- 6.2.3 Cyber security vulnerabilities and attacks
- 6.3 Risk management and mitigation techniques
- 6.3.1 Risk handling
- 6.3.2 Risk mitigation categories
- 6.4 Impacts on power system resilience
- 6.4.1 Safety impacts
- 6.4.2 Power outage impacts
- 6.4.3 Power quality impacts
- 6.4.4 Financial impacts
- 6.4.5 Regulatory and legal impacts
- 6.4.6 Environmental impacts
- 6.4.7 Goodwill and other “soft” impacts
- 6.5 DER stakeholders' resilience responsibilities
- 6.6 Resilience Measures for DER systems to counter threats
- 6.6.1 General IT cyber security approach for DER systems
- 6.6.2 Resilience by engineering designs and operational strategies
- 7 Level 1 DER System resilience recommendations
- 7.1 General
- 7.2 Level 1 DER system: architecture
- 7.3 Level 1 DER system: vulnerabilities
- 7.3.1 General
- 7.3.2 Cyber vulnerabilities
- 7.3.3 Engineering design and development vulnerabilities
- 7.3.4 Deployment and operational vulnerabilities
- 7.4 Level 1 DER system: impacts
- 7.5 Level 1 DER system: resilience recommendations
- 7.5.1 General
- 7.5.2 Manufacturer: DER system design for resilience recommendations
- 7.5.3 Integrator and installer: DER setup for meeting resilience recommendations
- 7.5.4 Testing personnel: resilient DER system interconnection testing recommendations
- 7.5.5 DER user: access recommendations
- 7.5.6 ICT designers: requirements for local DER communications
- 7.5.7 Security managers: alarming, logging, and reporting cyber security recommendations
- 7.5.8 Maintenance personnel: resilience recommendations for maintenance, updating and re-testing, systems
- 7.5.9 Recommended coping actions during an attack or failure
- 7.5.10 Recommended recovery and analysis actions after an attack or failure
- 8 Level 2: Facilities DER energy management (FDEMS) resilience recommendations
- 8.1 Level 2 FDEMS: architecture
- 8.2 Level 2 FDEMS: Vulnerabilities
- 8.3 Level 2 FDEMS: Impacts
- 8.4 Level 2 FDEMS: Resilience recommendations
- 8.4.1 General
- 8.4.2 Manufacturer: Design of FDEMS resilience recommendations
- 8.4.3 Integrators and installer: FDEMS implementation for meeting resilience recommendations
- 8.4.4 Testing personnel: Resilient FDEMS testing recommendations
- 8.4.5 FDEMS users: Access recommendations
- 8.4.6 FDEMS ICT designers: Resilience recommendations
- 8.4.7 Security managers: Alarming, logging, and reporting recommendations
- 8.4.8 Maintenance personnel: Resilience recommendations for maintenance, updating and re-testing, systems
- 8.4.9 Recommended coping actions during an attack or failure
- 8.4.10 Recommended recovery and analysis actions after an attack or failure
- 9 Level 3: Third parties: Retail energy provider or aggregators resilience recommendations
- 9.1 Level 3: Third parties: ICT architecture
- 9.2 Level 3: Third parties: ICT vulnerabilities
- 9.3 Level 3: Third parties: ICT impacts
- 9.4 Level 3: Third parties ICT: Resilience recommendations
- 9.4.1 Third party ICT designers: Resilience recommendations
- 9.4.2 ICT users: Access recommendations
- 10 Level 4: Distribution operations analysis resilience recommendations
- 10.1 Level 4 DSO analysis: Architecture
- 10.2 Level 4 DSO analysis: Vulnerabilities
- 10.3 Level 4 DSO analysis: Impacts
- 10.4 Level 4 DSO analysis: Resilience recommendations
- 10.4.1 Resilient design of distribution grid equipment with DER systems
- 10.4.2 Resilience through DSO grid operations with DER systems
- 10.4.3 Resilience through power system analysis
- 10.4.4 Resilience by stakeholder training
- Annexes
- Annex A (informative) NISTIR 7628 Smart Grid Catalog of Security Requirements
- A.1 NISTIR 7628 families of security requirements
- A.2 Detailed NISTIR 7626 Catalogue of Smart Grid Security Requirements
- Annex B (informative) IT security guidelines
- B.1 Overview of cyber security issues for DER systems
- B.2 Security guidelines and policies across organizational boundaries
- B.3 User and device authentication
- B.4 Good practices for specifying and implementing cryptography
- B.5 Cryptographic methods
- B.6 Cryptography used for transport layer security on networks
- B.7 Wireless cryptography
- B.8 Key management using Public Key Cryptography
- B.9 Multicast and group keys
- B.10 Device and platform integrity
- B.11 Resilient network configurations
- B.12 Network and system management (NSM)
- B.13 Some additional cyber security techniques
- B.14 Security testing procedures
- B.15 Security interoperability
- Annex C (informative) Mapping between IEC 62443-3-3, NISTIR 7628, and IEC TR 62351-12
- C.1 Mapping table
- C.2 IEC TR 62351-12 cyber security items not mapped to all guidelines
- Annex D (informative) Glossary of terms
- Bibliography
- Figures
- Figure 1 – Smart grid resilience: intertwined IT cyber security and engineering strategies
- Figure 2 – Smart Grid Architecture Model (SGAM)
- Figure 3 – Five-level hierarchical DER system architecture
- Figure 4 – Structure of use cases within the DER hierarchy
- Figure 5 – Mitigations by engineering strategies and cyber security measures
- Figure 6 – Security requirements, threats, and possible attacks
- Figure 7 – Level 1: Autonomous DER systems at smaller customer and utility sites
- Figure 8 – Level 2 FDEMS architecture
- Figure 9 – DER third parties: Retail energy provider or aggregators architecture
- Figure 10 – Distribution operations architecture
- Tables
- Table 1 – Examples of mitigations by engineering strategies and cyber security techniques
- Table 2 – Engineering and cyber security data for managing the resilience of DER systems
- Table 3 – Examples of mitigation categories for cyber-physical systems
- Table 4 – Level 1 impact severities due to attacks and failures of autonomous DER systems
- Table 5 – Level 2 impact severities due to malicious attacks and failures of FDEMS
- Table 6 – Level 3 impact severities due to malicious attacks and failures of DER ICT
- Table 7 – Level 4 impact severities due to malicious attacks and failures of DMS or DERMS
- Table A.1 – NIST Smart Grid Security Requirements Families
- Table A.2 – Detailed NIST Catalogue of Smart Grid Security Requirements
- Table C.1 – Mapping between IEC 62443-3-3, NISTIR 7628, and IEC TR 62351-12
- Table C.2 – IEC 62351-12 cyber security items not mapped to all guidelines