BSI PD IEC TS 63208:2020

$189.07

Low-voltage switchgear and controlgear. Security aspects

Published By: BSI
Publication Date: 2020
Number of Pages: 50

This document applies to the security related main functions of switchgear and controlgear during the whole lifecycle of the equipment. It is applicable to wired and wireless data communication means and the physical accessibility to the equipment, within its limits of environmental conditions.

This document is intended to develop awareness about security aspects and provides recommendations and requirements on the appropriate countermeasures against vulnerability to threats.

In particular, it focuses on potential vulnerabilities to threats resulting in:

  • unintended operation of the switching device or the control device or sensor, which can lead to hazardous situations;

  • unavailability of the protective functions (overcurrent, earth leakage, etc.).

This document does not cover security requirements for information technology (IT) or for industrial automation and control systems (IACS); it only implements, in switchgear and controlgear, appropriate security countermeasures derived from the base security publication ISO/IEC 27001 and the group security publications IEC 62443 (all parts).

This document, as a product security publication, follows IEC Guide 120 and includes typical use case studies as given in Annex B.

PDF Catalog

PDF Pages PDF Title
4 CONTENTS
7 FOREWORD
9 INTRODUCTION
10 1 Scope
2 Normative references
11 3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
14 3.2 Abbreviated terms
15 4 General
5 Security objectives
6 Security lifecycle management
6.1 General
16 6.2 Security risk assessment
Figure 1 – Example of physical interfaces of an embedded device in an equipment which can be subject to an attack
Table 1 – Typical threats
17 6.3 Response to security risk
Figures
18 6.4 Security requirement specification
6.5 Important data
6.6 System architecture
6.6.1 Control system
6.6.2 Levels of communication functionalities
19 6.6.3 Levels of connectivity
Figure 2 – Control system architecture with switchgear and controlgear
20 Figure 3 – Control system connectivity level C3
Figure 4 – Control system connectivity level C4
21 6.6.4 Control system exposure levels
Figure 5 – Control system connectivity level C5
Table 2 – Level of exposure of a control system
22 7 Security requirements
7.1 General
7.2 Cybersecurity aspects
Figure 6 – Switchgear and controlgear minimum security profile
23 7.3 Physical access and environment
24 7.4 Equipment requirement
7.4.1 General
7.4.2 Hardening
7.4.3 Encryption techniques
7.4.4 Embedded software robustness and integrity
25 7.4.5 Denial of service
7.4.6 Authentication of users
26 7.4.7 Communication systems
7.4.8 Wireless communication
8 Instructions for installation, operation and maintenance
27 9 Development and testing
9.1 General development method
9.2 Testing
Figure 7 – Example of security instruction symbol
28 Annex A (informative) Cybersecurity and electrical system architecture
A.1 General
A.2 Typical architecture involving switchgear and controlgear and their assembly
A.2.1 Building
29 A.2.2 Manufacturing
Figure A.1 – Building electrical architecture
30 A.3 Security levels and product standards
Figure A.2 – Industrial plants
31 Annex B (informative) Use case studies
B.1 General
B.2 Use case 1 – Protection against malicious firmware upgrade of a circuit-breaker
32 B.3 Use case 2 – Protection against unauthorized access to electrical production network
33 B.4 Use case 3 – Protection against DDoS (distributed denial of service) attack through insecure IoT devices
34 B.5 Use case 4 – Protection against unauthorized access to the electrical network using illegitimate device
36 B.6 Use case 5 – Protection against malicious firmware upgrade of a sensor (e.g. proximity switch), mounted in a machine wired-connected by IO-Link interface
37 B.7 Use case 6 – HMI: human machine interface – Protection against unauthorized access to a simple sensor (mounted in a machine) – improper parametrization
38 B.8 Use case 7 – HMI: human machine interface – Protection against unauthorized access to a complex sensor (mounted in a machine) – improper parametrization
40 B.9 Use case 8 – Protection against unauthorized access to a sensor (e.g. proximity switch), mounted in a machine, connected by wireless communication interface (WCI)
42 Annex C (informative) Basic cybersecurity aspects
C.1 General
C.2 Identification and authentication
C.3 Use control
C.4 System integrity
43 C.5 Data confidentiality
C.6 Restricted data flow
C.7 Timely response to events
C.8 Resource availability
44 Annex D (informative) Guidelines for users of switchgear and controlgear
D.1 General
D.2 Risk assessment and security planning
D.2.1 Risk assessment
D.2.2 Security plan
45 D.3 Recommendations for design and installation of the system integrating switchgear and controlgear
D.3.1 General access control
D.3.2 Recommendations for local access
46 D.3.3 Recommendations for remote access
D.3.4 Recommendations for firmware upgrades
47 Bibliography