Cybersecurity in Distribution Automation: approach for common referential leveraging Standardization

dc.contributor.affiliationSchneider Electric
dc.contributor.affiliationSchneider Electric
dc.contributor.affiliationSchneider Electric
dc.contributor.affiliationSchneider Electric
dc.contributor.authorJean-Luc, Batard
dc.contributor.authorLudovic, Lamberti
dc.contributor.authorMatthieu, Salles
dc.contributor.authorEric, Suptitz
dc.contributor.countryFrance
dc.contributor.countryFrance
dc.contributor.countryFrance
dc.contributor.countryFrance
dc.contributor.detailedauthorJean-Luc, Batard, Schneider Electric, France
dc.contributor.detailedauthorLudovic, Lamberti, Schneider Electric, France
dc.contributor.detailedauthorMatthieu, Salles, Schneider Electric, France
dc.contributor.detailedauthorEric, Suptitz , Schneider Electric, France
dc.date.accessioned2019-07-24T12:48:33Z
dc.date.available2019-07-24T12:48:33Z
dc.date.conferencedate3-6 June 2019
dc.date.issued2019-06-03
dc.description.abstractThis article provides some approach to ease definition and analysis of Cybersecurity requirement during Projects for Distributed Automation Equipments, while still taking into account Utility specificities. It is based on appropriate usage of IEC 62443 standard.Defining and analyzing a common Cybersecurity requirement referential is today a nightmare both for Utilities&PrivateCustomers (Hereafter referred to as "Customers") and for Monitoring&Control product suppliers. 1/ Situation as per todayCurrent usage for Request for projects consist most often in extracting from various standards and existing literature (whitepapers, local regulations,…) a list of requirements of different nature. In best case it is based on the output of a risk assessment process.Current standardization state has been significantly improved on the past years, and is still evolving. However there as still numerous limits (to be listed)… Resulting difficulties for actors are time&money consuming, and expand with the number of private referential2/ Proposed approach is based on leveraging functional requirements defined in IEC 62443, but also referring to the defined Security levels, enabling then to refer to consistent profiles rather than a dedicated list of functional requirements.Flexibility remains to adapt to each Customer specificities by selecting the most relevant security level.  This decision is based on Customer risk assessment, made according to ISO 27000 standard.In complement, specification should require that functional requirements from IEC 62443 are implemented in compliance to IEC 62351 serie.
dc.description.conferencelocationMadrid, Spain
dc.description.conferencenameCIRED 2019
dc.description.openaccessYes
dc.description.peerreviewedYes
dc.description.sessionDSO business environment enabling digitalization and energy transition
dc.description.sessionidSession 6
dc.identifier.isbn978-2-9602415-0-1
dc.identifier.issn2032-9644
dc.identifier.urihttps://cired-repository.org/handle/20.500.12455/728
dc.identifier.urihttp://dx.doi.org/10.34890/952
dc.language.isoen
dc.publisherAIM
dc.relation.ispartProc. of the 25th International Conference on Electricity Distribution (CIRED 2019)
dc.relation.ispartofseriesCIRED Conference Proceedings
dc.titleCybersecurity in Distribution Automation: approach for common referential leveraging Standardization
dc.title.number2086
dc.typeConference Proceedings
Files
Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
CIRED 2019 - 2086.pdf
Size:
445.62 KB
Format:
Adobe Portable Document Format