
BSI PD IEC/TR 62351-12:2016

$215.11

Power systems management and associated information exchange. Data and communications security – Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems

Published by: BSI
Publication date: 2016
Number of pages: 112

This part of IEC 62351, which is a technical report, discusses cyber security recommendations and engineering/operational strategies for improving the resilience of power systems with interconnected Distributed Energy Resources (DER) systems. It covers the resilience requirements for the many different stakeholders of these dispersed cyber-physical generation and storage devices, with the goal of enhancing the safety, reliability, power quality, and other operational aspects of power systems, particularly those with high penetrations of DER systems.

This technical report focuses on describing the impact of DER systems on power system resilience, and covers the cyber security and engineering strategies for improving power system resilience with high penetrations of DER systems.

While recognizing that many other requirements exist for improving power system resilience, this technical report does not address general power system configurations, operations, manual power restoration activities or the many other non-DER-specific issues. For instance, power system reliability relies on well-coordinated protective relays, stable power system designs, and well-trained field crews, while control center cyber security relies on many best practices for communication network design and firewalls. However, this technical report only addresses the additional reliability and resilience issues caused by third-party-managed DER systems, which may not be as well secured or operated with the same reliability as the utility-managed power system.

This technical report discusses the resilience issues for cyber-physical DER systems interconnected with the power grid, building on the concepts and the hierarchical architecture described in the Smart Grid Interoperability Panel (SGIP) draft DRGS Subgroup B White Paper – Categorizing Use Cases in Hierarchical DER Systems (01-14-2014.docx).

PDF Catalog

PDF page  PDF title (an entry with no page number starts on the same page as the entry above it)
4         CONTENTS
8         FOREWORD
10        INTRODUCTION
11        Figures
          Figure 1 – Smart grid resilience: intertwined IT cyber security and engineering strategies
12        1 Scope
          2 Normative references
13        3 Terms and definitions
14        4 Abbreviations and acronyms
15        5 DER architectures and DER cyber-physical concepts
          5.1 Resiliency challenge for power systems with DER systems
16        5.2 Five-level DER hierarchical architecture
17        Figure 2 – Smart Grid Architecture Model (SGAM)
18        Figure 3 – Five-level hierarchical DER system architecture
19        5.3 DER system interfaces
20        5.4 Resilience at different DER architectural levels
21        5.5 DER Systems as cyber-physical systems
          5.5.1 Protecting cyber-physical DER systems
          Figure 4 – Structure of use cases within the DER hierarchy
22        5.5.2 Cyber-physical threats
23        5.5.3 Resilience measures for cyber-physical systems
          Figure 5 – Mitigations by engineering strategies and cyber security measures
24        Tables
          Table 1 – Examples of mitigations by engineering strategies and cyber security techniques
          Table 2 – Engineering and cyber security data for managing the resilience of DER systems
25        6 Threats, vulnerabilities, and impacts on power system resilience
          6.1 Threats – engineering and cyber
          6.1.1 Physical and electrical threats – mostly but not entirely inadvertent
          6.1.2 Cyber threats – inadvertent and deliberate
28        6.2 Vulnerabilities – engineering and cyber vulnerabilities
          6.2.1 General
          6.2.2 Power system vulnerabilities and attacks
30        6.2.3 Cyber security vulnerabilities and attacks
32        6.3 Risk management and mitigation techniques
          6.3.1 Risk handling
          Figure 6 – Security requirements, threats, and possible attacks
33        6.3.2 Risk mitigation categories
34        Table 3 – Examples of mitigation categories for cyber-physical systems
35        6.4 Impacts on power system resilience
          6.4.1 Safety impacts
36        6.4.2 Power outage impacts
37        6.4.3 Power quality impacts
          6.4.4 Financial impacts
38        6.4.5 Regulatory and legal impacts
          6.4.6 Environmental impacts
          6.4.7 Goodwill and other “soft” impacts
          6.5 DER stakeholders’ resilience responsibilities
39        6.6 Resilience Measures for DER systems to counter threats
          6.6.1 General IT cyber security approach for DER systems
40        6.6.2 Resilience by engineering designs and operational strategies
          7 Level 1 DER System resilience recommendations
          7.1 General
          7.2 Level 1 DER system: architecture
41        Figure 7 – Level 1: Autonomous DER systems at smaller customer and utility sites
42        7.3 Level 1 DER system: vulnerabilities
          7.3.1 General
          7.3.2 Cyber vulnerabilities
          7.3.3 Engineering design and development vulnerabilities
43        7.3.4 Deployment and operational vulnerabilities
          7.4 Level 1 DER system: impacts
45        Table 4 – Level 1 impact severities due to attacks and failures of autonomous DER systems
46        7.5 Level 1 DER system: resilience recommendations
          7.5.1 General
          7.5.2 Manufacturer: DER system design for resilience recommendations
47        7.5.3 Integrator and installer: DER setup for meeting resilience recommendations
49        7.5.4 Testing personnel: resilient DER system interconnection testing recommendations
50        7.5.5 DER user: access recommendations
          7.5.6 ICT designers: requirements for local DER communications
52        7.5.7 Security managers: alarming, logging, and reporting cyber security recommendations
          7.5.8 Maintenance personnel: resilience recommendations for maintenance, updating and re-testing systems
53        7.5.9 Recommended coping actions during an attack or failure
54        7.5.10 Recommended recovery and analysis actions after an attack or failure
          8 Level 2: Facilities DER energy management (FDEMS) resilience recommendations
          8.1 Level 2 FDEMS: architecture
55        Figure 8 – Level 2 FDEMS architecture
56        8.2 Level 2 FDEMS: Vulnerabilities
          8.3 Level 2 FDEMS: Impacts
57        Table 5 – Level 2 impact severities due to malicious attacks and failures of FDEMS
58        8.4 Level 2 FDEMS: Resilience recommendations
          8.4.1 General
          8.4.2 Manufacturer: Design of FDEMS resilience recommendations
59        8.4.3 Integrators and installer: FDEMS implementation for meeting resilience recommendations
62        8.4.4 Testing personnel: Resilient FDEMS testing recommendations
          8.4.5 FDEMS users: Access recommendations
63        8.4.6 FDEMS ICT designers: Resilience recommendations
65        8.4.7 Security managers: Alarming, logging, and reporting recommendations
          8.4.8 Maintenance personnel: Resilience recommendations for maintenance, updating and re-testing systems
66        8.4.9 Recommended coping actions during an attack or failure
67        8.4.10 Recommended recovery and analysis actions after an attack or failure
68        9 Level 3: Third parties: Retail energy provider or aggregators resilience recommendations
          9.1 Level 3: Third parties: ICT architecture
69        9.2 Level 3: Third parties: ICT vulnerabilities
          Figure 9 – DER third parties: Retail energy provider or aggregators architecture
70        9.3 Level 3: Third parties: ICT impacts
71        9.4 Level 3: Third parties ICT: Resilience recommendations
          9.4.1 Third party ICT designers: Resilience recommendations
          Table 6 – Level 3 impact severities due to malicious attacks and failures of DER ICT
73        9.4.2 ICT users: Access recommendations
74        10 Level 4: Distribution operations analysis resilience recommendations
          10.1 Level 4 DSO analysis: Architecture
          Figure 10 – Distribution operations architecture
75        10.2 Level 4 DSO analysis: Vulnerabilities
76        10.3 Level 4 DSO analysis: Impacts
77        Table 7 – Level 4 impact severities due to malicious attacks and failures of DMS or DERMS
78        10.4 Level 4 DSO analysis: Resilience recommendations
          10.4.1 Resilient design of distribution grid equipment with DER systems
          10.4.2 Resilience through DSO grid operations with DER systems
79        10.4.3 Resilience through power system analysis
80        10.4.4 Resilience by stakeholder training
81        Annexes
          Annex A (informative) NISTIR 7628 Smart Grid Catalog of Security Requirements
          A.1 NISTIR 7628 families of security requirements
          Table A.1 – NIST Smart Grid Security Requirements Families
82        A.2 Detailed NISTIR 7628 Catalogue of Smart Grid Security Requirements
          Table A.2 – Detailed NIST Catalogue of Smart Grid Security Requirements
87        Annex B (informative) IT security guidelines
          B.1 Overview of cyber security issues for DER systems
          B.2 Security guidelines and policies across organizational boundaries
89        B.3 User and device authentication
91        B.4 Good practices for specifying and implementing cryptography
92        B.5 Cryptographic methods
93        B.6 Cryptography used for transport layer security on networks
94        B.7 Wireless cryptography
          B.8 Key management using Public Key Cryptography
96        B.9 Multicast and group keys
          B.10 Device and platform integrity
          B.11 Resilient network configurations
97        B.12 Network and system management (NSM)
          B.13 Some additional cyber security techniques
          B.14 Security testing procedures
98        B.15 Security interoperability
99        Annex C (informative) Mapping between IEC 62443-3-3, NISTIR 7628, and IEC TR 62351-12
          C.1 Mapping table
100       Table C.1 – Mapping between IEC 62443-3-3, NISTIR 7628, and IEC TR 62351-12
105       C.2 IEC TR 62351-12 cyber security items not mapped to all guidelines
106       Table C.2 – IEC 62351-12 cyber security items not mapped to all guidelines
108       Annex D (informative) Glossary of terms
109       Bibliography