3.8 Cyber Security Issues Affecting Distribution
3.8.4 Cyber Security Standards
Some of the available cyber security standards that could be applicable to distribution systems and DER systems include the following :
- DOE / DHS Cybersecurity Capability Maturity Model for the Electricity Subsector
- DOE/NIST/NERC Electricity Subsector Cybersecurity Risk Management Process Guideline
- DOE / DHS Electric Sector Cybersecurity Risk Management Maturity Initiative
- IEC 62351 Parts 1-13 data and communications security (used for cyber security of IEC 61850, DNP3, and power system communication networks)
- IEC 62443 series on security for industrial process measurement and control (work in process based on ISA SP99)
- IEEE 802.11i wireless security (e.g. for WiFi)
- IETF cybersecurity RFCs, including RFC 5246 Transport Layer Security (TLS) (used on the Internet and many other networks)
- IETF RFC 6272 Internet Protocols for the Smart Grid (identifies RFCs used in the Smart Grid)
- ISO 27000 Information Security Standards (used by the international industries, including electric utilities)
- NERC Critical Infrastructure Protection (CIP) 002-009 (used for transmission systems, but may be useful for distribution systems)
- NIST SP 800-82 Guide to Industrial Control Systems (ICS) Security
- NISTIR 7628 Vol. 1 thru 3 Guidelines for Smart Grid Cyber Security
A more complete list can be found at http://iectc57.ucaiug.org/wg15public/default.aspx