Cybersecurity in Distribution Automation: approach for common referential leveraging Standardization

Paper number

2086

Conference name

CIRED 2019

Conference date

3-6 June 2019

Conference location

Madrid, Spain

Peer-reviewed

Yes

Authors

Jean-Luc, Batard, Schneider Electric, France
Ludovic, Lamberti, Schneider Electric, France
Matthieu, Salles, Schneider Electric, France
Eric, Suptitz, Schneider Electric, France

Abstract

This article provides an approach to ease the definition and analysis of cybersecurity requirements during projects for Distributed Automation equipment, while still taking into account utility specificities. It is based on appropriate usage of the IEC 62443 standard.

Defining and analyzing a common cybersecurity requirement referential is today a nightmare both for Utilities & Private Customers (hereafter referred to as "Customers") and for Monitoring & Control product suppliers.

1/ Situation as of today

Current practice in requests for projects most often consists of extracting, from various standards and existing literature (whitepapers, local regulations, …), a list of requirements of different natures. In the best case, it is based on the output of a risk assessment process.

The state of standardization has improved significantly over the past years and is still evolving. However, there are still numerous limits (to be listed)… The resulting difficulties for the actors are time and money consuming, and expand with the number of private referentials.

2/ Proposed approach

The proposed approach is based on leveraging the functional requirements defined in IEC 62443, while also referring to the defined Security Levels, which makes it possible to refer to consistent profiles rather than a dedicated list of functional requirements.

Flexibility remains to adapt to each Customer's specificities by selecting the most relevant security level. This decision is based on the Customer's risk assessment, made according to the ISO 27000 standard.

In addition, the specification should require that functional requirements from IEC 62443 are implemented in compliance with the IEC 62351 series.

Publisher

AIM

Date

2019-06-03

Permanent link to this record

https://cired-repository.org/handle/20.500.12455/728
http://dx.doi.org/10.34890/952

ISSN

2032-9644

ISBN

978-2-9602415-0-1