3
STANDARDS
There are several standards, which apply to substation cyber-security. The standards currently applicable to
General Electric IEDs are NERC and IEEE1686.
Standard
Country
Description
NERC CIP (North American Electric Reliability
Corporation)
USA
Framework for the protection of the grid critical Cyber Assets
BDEW (German Association of Energy and Water
Industries)
Germany
Requirements for Secure Control and Telecommunication
Systems
ANSI ISA 99
USA
ICS oriented then Relevant for EPU completing existing standard
and identifying new topics such as patch management
IEEE 1686
International
International Standard for substation IED cyber-security
capabilities
IEC 62351
International
Power system data and Comm. protocol
ISO/IEC 27002
International
Framework for the protection of the grid critical Cyber Assets
NIST SP800-53 (National Institute of Standards and
Technology)
USA
Complete framework for SCADA SP800-82and ICS cyber-security
CPNI Guidelines (Centre for the Protection of National
Infrastructure)
UK
Clear and valuable good practices for Process Control and SCADA
security
3.1
NERC COMPLIANCE
The North American Electric Reliability Corporation (NERC) created a set of standards for the protection of critical
infrastructure. These are known as the CIP standards (Critical Infrastructure Protection). These were introduced to
ensure the protection of 'Critical Cyber Assets', which control or have an influence on the reliability of North
America’s electricity generation and distribution systems.
These standards have been compulsory in the USA for several years now. Compliance auditing started in June
2007, and utilities face extremely heavy fines for non-compliance.
NERC CIP standards
CIP standard
Description
CIP-002-1 Critical Cyber Assets
Define and document the Critical Assets and the Critical Cyber Assets
CIP-003-1 Security Management Controls
Define and document the Security Management Controls required to protect the
Critical Cyber Assets
CIP-004-1 Personnel and Training
Define and Document Personnel handling and training required protecting Critical
Cyber Assets
CIP-005-1 Electronic Security
Define and document logical security perimeters where Critical Cyber Assets reside.
Define and document measures to control access points and monitor electronic
access
CIP-006-1 Physical Security
Define and document Physical Security Perimeters within which Critical Cyber Assets
reside
CIP-007-1 Systems Security Management
Define and document system test procedures, account and password management,
security patch management, system vulnerability, system logging, change control
and configuration required for all Critical Cyber Assets
CIP-008-1 Incident Reporting and Response Planning
Define and document procedures necessary when Cyber-security Incidents relating
to Critical Cyber Assets are identified
CIP-009-1 Recovery Plans
Define and document Recovery plans for Critical Cyber Assets
P54A/B/C/E
Chapter 18 - Cyber-Security
P54xMED-TM-EN-1
417
Summary of Contents for P4A
Page 2: ......
Page 20: ...Contents P54A B C E xviii P54xMED TM EN 1 ...
Page 27: ...CHAPTER 1 INTRODUCTION ...
Page 28: ...Chapter 1 Introduction P54A B C E 2 P54xMED TM EN 1 ...
Page 38: ...Chapter 1 Introduction P54A B C E 12 P54xMED TM EN 1 ...
Page 39: ...CHAPTER 2 SAFETY INFORMATION ...
Page 40: ...Chapter 2 Safety Information P54A B C E 14 P54xMED TM EN 1 ...
Page 52: ...Chapter 2 Safety Information P54A B C E 26 P54xMED TM EN 1 ...
Page 53: ...CHAPTER 3 HARDWARE DESIGN ...
Page 54: ...Chapter 3 Hardware Design P54A B C E 28 P54xMED TM EN 1 ...
Page 86: ...Chapter 3 Hardware Design P54A B C E 60 P54xMED TM EN 1 ...
Page 87: ...CHAPTER 4 SOFTWARE DESIGN ...
Page 88: ...Chapter 4 Software Design P54A B C E 62 P54xMED TM EN 1 ...
Page 99: ...CHAPTER 5 CONFIGURATION ...
Page 100: ...Chapter 5 Configuration P54A B C E 74 P54xMED TM EN 1 ...
Page 120: ...Chapter 5 Configuration P54A B C E 94 P54xMED TM EN 1 ...
Page 121: ...CHAPTER 6 CURRENT DIFFERENTIAL PROTECTION ...
Page 122: ...Chapter 6 Current Differential Protection P54A B C E 96 P54xMED TM EN 1 ...
Page 149: ...CHAPTER 7 AUTORECLOSE ...
Page 150: ...Chapter 7 Autoreclose P54A B C E 124 P54xMED TM EN 1 ...
Page 207: ...CHAPTER 8 CB FAIL PROTECTION ...
Page 208: ...Chapter 8 CB Fail Protection P54A B C E 182 P54xMED TM EN 1 ...
Page 219: ...CHAPTER 9 CURRENT PROTECTION FUNCTIONS ...
Page 220: ...Chapter 9 Current Protection Functions P54A B C E 194 P54xMED TM EN 1 ...
Page 244: ...Chapter 9 Current Protection Functions P54A B C E 218 P54xMED TM EN 1 ...
Page 247: ...CHAPTER 10 VOLTAGE PROTECTION FUNCTIONS ...
Page 248: ...Chapter 10 Voltage Protection Functions P54A B C E 222 P54xMED TM EN 1 ...
Page 261: ...CHAPTER 11 FREQUENCY PROTECTION FUNCTIONS ...
Page 262: ...Chapter 11 Frequency Protection Functions P54A B C E 236 P54xMED TM EN 1 ...
Page 268: ...Chapter 11 Frequency Protection Functions P54A B C E 242 P54xMED TM EN 1 ...
Page 269: ...CHAPTER 12 MONITORING AND CONTROL ...
Page 270: ...Chapter 12 Monitoring and Control P54A B C E 244 P54xMED TM EN 1 ...
Page 300: ...Chapter 12 Monitoring and Control P54A B C E 274 P54xMED TM EN 1 ...
Page 301: ...CHAPTER 13 SUPERVISION ...
Page 302: ...Chapter 13 Supervision P54A B C E 276 P54xMED TM EN 1 ...
Page 312: ...Chapter 13 Supervision P54A B C E 286 P54xMED TM EN 1 ...
Page 323: ...CHAPTER 14 DIGITAL I O AND PSL CONFIGURATION ...
Page 324: ...Chapter 14 Digital I O and PSL Configuration P54A B C E 298 P54xMED TM EN 1 ...
Page 336: ...Chapter 14 Digital I O and PSL Configuration P54A B C E 310 P54xMED TM EN 1 ...
Page 337: ...CHAPTER 15 FIBRE TELEPROTECTION ...
Page 338: ...Chapter 15 Fibre Teleprotection P54A B C E 312 P54xMED TM EN 1 ...
Page 354: ...Chapter 15 Fibre Teleprotection P54A B C E 328 P54xMED TM EN 1 ...
Page 355: ...CHAPTER 16 ELECTRICAL TELEPROTECTION ...
Page 356: ...Chapter 16 Electrical Teleprotection P54A B C E 330 P54xMED TM EN 1 ...
Page 366: ...Chapter 16 Electrical Teleprotection P54A B C E 340 P54xMED TM EN 1 ...
Page 367: ...CHAPTER 17 COMMUNICATIONS ...
Page 368: ...Chapter 17 Communications P54A B C E 342 P54xMED TM EN 1 ...
Page 439: ...CHAPTER 18 CYBER SECURITY ...
Page 440: ...Chapter 18 Cyber Security P54A B C E 414 P54xMED TM EN 1 ...
Page 457: ...CHAPTER 19 INSTALLATION ...
Page 458: ...Chapter 19 Installation P54A B C E 432 P54xMED TM EN 1 ...
Page 471: ...CHAPTER 20 COMMISSIONING INSTRUCTIONS ...
Page 472: ...Chapter 20 Commissioning Instructions P54A B C E 446 P54xMED TM EN 1 ...
Page 513: ...CHAPTER 21 MAINTENANCE AND TROUBLESHOOTING ...
Page 514: ...Chapter 21 Maintenance and Troubleshooting P54A B C E 488 P54xMED TM EN 1 ...
Page 530: ...Chapter 21 Maintenance and Troubleshooting P54A B C E 504 P54xMED TM EN 1 ...
Page 531: ...CHAPTER 22 TECHNICAL SPECIFICATIONS ...
Page 532: ...Chapter 22 Technical Specifications P54A B C E 506 P54xMED TM EN 1 ...
Page 558: ...Chapter 22 Technical Specifications P54A B C E 532 P54xMED TM EN 1 ...
Page 559: ...APPENDIX A ORDERING OPTIONS ...
Page 560: ...Appendix A Ordering Options P54A B C E P54xMED TM EN 1 ...
Page 565: ...APPENDIX B SETTINGS AND SIGNALS ...
Page 566: ...Appendix B Settings and Signals P54A B C E P54xMED TM EN 1 ...
Page 790: ...Appendix B Settings and Signals P54A B C E B224 P54xMED TM EN 1 ...
Page 835: ...APPENDIX C WIRING DIAGRAMS ...
Page 836: ...Appendix C Wiring Diagrams P54A B C E P54xMED TM EN 1 ...
Page 849: ......