{"id":255412,"date":"2024-10-19T16:53:03","date_gmt":"2024-10-19T16:53:03","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bsi-pd-iec-tr-62351-122016\/"},"modified":"2024-10-25T12:20:33","modified_gmt":"2024-10-25T12:20:33","slug":"bsi-pd-iec-tr-62351-122016","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bsi-pd-iec-tr-62351-122016\/","title":{"rendered":"BSI PD IEC\/TR 62351-12:2016"},"content":{"rendered":"
This part of IEC 62351, which is a technical report, discusses cyber security recommendations and engineering\/operational strategies for improving the resilience of power systems with interconnected Distributed Energy Resources (DER) systems. It covers the resilience requirements for the many different stakeholders of these dispersed cyber-physical generation and storage devices, with the goal of enhancing the safety, reliability, power quality, and other operational aspects of power systems, particularly those with high penetrations of DER systems.<\/p>\n
This technical report focuses on describing the impact of DER systems on power system resilience, and covers the cyber security and engineering strategies for improving power system resilience with high penetrations of DER systems.<\/p>\n
While recognizing that many other requirements exist for improving power system resilience, this technical report does not address general power system configurations, operations, manual power restoration activities or the many other non-DER-specific issues. For instance, power system reliability relies on well-coordinated protective relays, stable power system designs, and well-trained field crews, while control center cyber security relies on many best practices for communication network design and firewalls. However, this technical report only addresses the additional reliability and resilience issues caused by 3rd<\/sup>-party managed DER systems which may not be as well-secured or operated with the same reliability as the utility-managed power system.<\/p>\n This technical report discusses the resilience issues for cyber-physical DER systems interconnected with the power grid, building on the concepts and the hierarchical architecture described in the Smart Grid Interoperability Panel (SGIP) draft DRGS Subgroup B White Paper \u2013 Categorizing Use Cases in Hierarchical DER Systems 01-14-2014.docx<\/i> 2<\/sup> .<\/p>\n Power systems management and associated information exchange. Data and communications security – Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems<\/b><\/p>\nPDF Catalog<\/h4>\n
\n
\n PDF Pages<\/th>\n PDF Title<\/th>\n<\/tr>\n \n 4<\/td>\n CONTENTS <\/td>\n<\/tr>\n \n 8<\/td>\n FOREWORD <\/td>\n<\/tr>\n \n 10<\/td>\n INTRODUCTION <\/td>\n<\/tr>\n \n 11<\/td>\n Figures
Figure 1 \u2013 Smart grid resilience: intertwined IT cyber security and engineering strategies <\/td>\n<\/tr>\n\n 12<\/td>\n 1 Scope
2 Normative references <\/td>\n<\/tr>\n\n 13<\/td>\n 3 Terms and definitions <\/td>\n<\/tr>\n \n 14<\/td>\n 4 Abbreviations and acronyms <\/td>\n<\/tr>\n \n 15<\/td>\n 5 DER architectures and DER cyber-physical concepts
5.1 Resiliency challenge for power systems with DER systems <\/td>\n<\/tr>\n\n 16<\/td>\n 5.2 Five-level DER hierarchical architecture <\/td>\n<\/tr>\n \n 17<\/td>\n Figure 2 \u2013 Smart Grid Architecture Model (SGAM) <\/td>\n<\/tr>\n \n 18<\/td>\n Figure 3 \u2013 Five-level hierarchical DER system architecture <\/td>\n<\/tr>\n \n 19<\/td>\n 5.3 DER system interfaces <\/td>\n<\/tr>\n \n 20<\/td>\n 5.4 Resilience at different DER architectural levels <\/td>\n<\/tr>\n \n 21<\/td>\n 5.5 DER Systems as cyber-physical systems
5.5.1 Protecting cyber-physical DER systems
Figure 4 \u2013 Structure of use cases within the DER hierarchy <\/td>\n<\/tr>\n\n 22<\/td>\n 5.5.2 Cyber-physical threats <\/td>\n<\/tr>\n \n 23<\/td>\n 5.5.3 Resilience measures for cyber-physical systems
Figure 5 \u2013 Mitigations by engineering strategies and cyber security measures <\/td>\n<\/tr>\n\n 24<\/td>\n Tables
Table 1 \u2013 Examples of mitigations by engineering strategies and cyber security techniques
Table 2 \u2013 Engineering and cyber security data for managing the resilience of DER systems <\/td>\n<\/tr>\n\n 25<\/td>\n 6 Threats, vulnerabilities, and impacts on power system resilience
6.1 Threats \u2013 engineering and cyber
6.1.1 Physical and electrical threats \u2013 mostly but not entirely inadvertent
6.1.2 Cyber threats \u2013 inadvertent and deliberate <\/td>\n<\/tr>\n\n 28<\/td>\n 6.2 Vulnerabilities \u2013 engineering and cyber vulnerabilities
6.2.1 General
6.2.2 Power system vulnerabilities and attacks <\/td>\n<\/tr>\n\n 30<\/td>\n 6.2.3 Cyber security vulnerabilities and attacks <\/td>\n<\/tr>\n \n 32<\/td>\n 6.3 Risk management and mitigation techniques
6.3.1 Risk handling
Figure 6 \u2013 Security requirements, threats, and possible attacks <\/td>\n<\/tr>\n\n 33<\/td>\n 6.3.2 Risk mitigation categories <\/td>\n<\/tr>\n \n 34<\/td>\n Table 3 \u2013 Examples of mitigation categories for cyber-physical systems <\/td>\n<\/tr>\n \n 35<\/td>\n 6.4 Impacts on power system resilience
6.4.1 Safety impacts <\/td>\n<\/tr>\n\n 36<\/td>\n 6.4.2 Power outage impacts <\/td>\n<\/tr>\n \n 37<\/td>\n 6.4.3 Power quality impacts
6.4.4 Financial impacts <\/td>\n<\/tr>\n\n 38<\/td>\n 6.4.5 Regulatory and legal impacts
6.4.6 Environmental impacts
6.4.7 Goodwill and other \u201csoft\u201d impacts
6.5 DER stakeholders’ resilience responsibilities <\/td>\n<\/tr>\n\n 39<\/td>\n 6.6 Resilience Measures for DER systems to counter threats
6.6.1 General IT cyber security approach for DER systems <\/td>\n<\/tr>\n\n 40<\/td>\n 6.6.2 Resilience by engineering designs and operational strategies
7 Level 1 DER System resilience recommendations
7.1 General
7.2 Level 1 DER system: architecture <\/td>\n<\/tr>\n\n 41<\/td>\n Figure 7 \u2013 Level 1: Autonomous DER systems at smaller customer and utility sites <\/td>\n<\/tr>\n \n 42<\/td>\n 7.3 Level 1 DER system: vulnerabilities
7.3.1 General
7.3.2 Cyber vulnerabilities
7.3.3 Engineering design and development vulnerabilities <\/td>\n<\/tr>\n\n 43<\/td>\n 7.3.4 Deployment and operational vulnerabilities
7.4 Level 1 DER system: impacts <\/td>\n<\/tr>\n\n 45<\/td>\n Table 4 \u2013 Level 1 impact severities due to attacks and failures of autonomous DER systems <\/td>\n<\/tr>\n \n 46<\/td>\n 7.5 Level 1 DER system: resilience recommendations
7.5.1 General
7.5.2 Manufacturer: DER system design for resilience recommendations <\/td>\n<\/tr>\n\n 47<\/td>\n 7.5.3 Integrator and installer: DER setup for meeting resilience recommendations <\/td>\n<\/tr>\n \n 49<\/td>\n 7.5.4 Testing personnel: resilient DER system interconnection testing recommendations <\/td>\n<\/tr>\n \n 50<\/td>\n 7.5.5 DER user: access recommendations
7.5.6 ICT designers: requirements for local DER communications <\/td>\n<\/tr>\n\n 52<\/td>\n 7.5.7 Security managers: alarming, logging, and reporting cyber security recommendations
7.5.8 Maintenance personnel: resilience recommendations for maintenance, updating and re-testing, systems <\/td>\n<\/tr>\n\n 53<\/td>\n 7.5.9 Recommended coping actions during an attack or failure <\/td>\n<\/tr>\n \n 54<\/td>\n 7.5.10 Recommended recovery and analysis actions after an attack or failure
8 Level 2: Facilities DER energy management (FDEMS) resilience recommendations
8.1 Level 2 FDEMS: architecture <\/td>\n<\/tr>\n\n 55<\/td>\n Figure 8 \u2013 Level 2 FDEMS architecture <\/td>\n<\/tr>\n \n 56<\/td>\n 8.2 Level 2 FDEMS: Vulnerabilities
8.3 Level 2 FDEMS: Impacts <\/td>\n<\/tr>\n\n 57<\/td>\n Table 5 \u2013 Level 2 impact severities due to malicious attacks and failures of FDEMS <\/td>\n<\/tr>\n \n 58<\/td>\n 8.4 Level 2 FDEMS: Resilience recommendations
8.4.1 General
8.4.2 Manufacturer: Design of FDEMS resilience recommendations <\/td>\n<\/tr>\n\n 59<\/td>\n 8.4.3 Integrators and installer: FDEMS implementation for meeting resilience recommendations <\/td>\n<\/tr>\n \n 62<\/td>\n 8.4.4 Testing personnel: Resilient FDEMS testing recommendations
8.4.5 FDEMS users: Access recommendations <\/td>\n<\/tr>\n\n 63<\/td>\n 8.4.6 FDEMS ICT designers: Resilience recommendations <\/td>\n<\/tr>\n \n 65<\/td>\n 8.4.7 Security managers: Alarming, logging, and reporting recommendations
8.4.8 Maintenance personnel: Resilience recommendations for maintenance, updating and re-testing, systems <\/td>\n<\/tr>\n\n 66<\/td>\n 8.4.9 Recommended coping actions during an attack or failure <\/td>\n<\/tr>\n \n 67<\/td>\n 8.4.10 Recommended recovery and analysis actions after an attack or failure <\/td>\n<\/tr>\n \n 68<\/td>\n 9 Level 3: Third parties: Retail energy provider or aggregators resilience recommendations
9.1 Level 3: Third parties: ICT architecture <\/td>\n<\/tr>\n\n 69<\/td>\n 9.2 Level 3: Third parties: ICT vulnerabilities
Figure 9 \u2013 DER third parties: Retail energy provider or aggregators architecture <\/td>\n<\/tr>\n\n 70<\/td>\n 9.3 Level 3: Third parties: ICT impacts <\/td>\n<\/tr>\n \n 71<\/td>\n 9.4 Level 3: Third parties ICT: Resilience recommendations
9.4.1 Third party ICT designers: Resilience recommendations
Table 6 \u2013 Level 3 impact severities due to malicious attacks and failures of DER ICT <\/td>\n<\/tr>\n\n 73<\/td>\n 9.4.2 ICT users: Access recommendations <\/td>\n<\/tr>\n \n 74<\/td>\n 10 Level 4: Distribution operations analysis resilience recommendations
10.1 Level 4 DSO analysis: Architecture
Figure 10 \u2013 Distribution operations architecture <\/td>\n<\/tr>\n\n 75<\/td>\n 10.2 Level 4 DSO analysis: Vulnerabilities <\/td>\n<\/tr>\n \n 76<\/td>\n 10.3 Level 4 DSO analysis: Impacts <\/td>\n<\/tr>\n \n 77<\/td>\n Table 7 \u2013 Level 4 impact severities due to malicious attacks and failures of DMS or DERMS <\/td>\n<\/tr>\n \n 78<\/td>\n 10.4 Level 4 DSO analysis: Resilience recommendations
10.4.1 Resilient design of distribution grid equipment with DER systems
10.4.2 Resilience through DSO grid operations with DER systems <\/td>\n<\/tr>\n\n 79<\/td>\n 10.4.3 Resilience through power system analysis <\/td>\n<\/tr>\n \n 80<\/td>\n 10.4.4 Resilience by stakeholder training <\/td>\n<\/tr>\n \n 81<\/td>\n Annexes
Annex A (informative) NISTIR 7628 Smart Grid Catalog of Security Requirements
A.1 NISTIR 7628 families of security requirements
Table A.1 \u2013 NIST Smart Grid Security Requirements Families <\/td>\n<\/tr>\n\n 82<\/td>\n A.2 Detailed NISTIR 7626 Catalogue of Smart Grid Security Requirements
Table A.2 \u2013 Detailed NIST Catalogue of Smart Grid Security Requirements <\/td>\n<\/tr>\n\n 87<\/td>\n Annex B (informative) IT security guidelines
B.1 Overview of cyber security issues for DER systems
B.2 Security guidelines and policies across organizational boundaries <\/td>\n<\/tr>\n\n 89<\/td>\n B.3 User and device authentication <\/td>\n<\/tr>\n \n 91<\/td>\n B.4 Good practices for specifying and implementing cryptography <\/td>\n<\/tr>\n \n 92<\/td>\n B.5 Cryptographic methods <\/td>\n<\/tr>\n \n 93<\/td>\n B.6 Cryptography used for transport layer security on networks <\/td>\n<\/tr>\n \n 94<\/td>\n B.7 Wireless cryptography
B.8 Key management using Public Key Cryptography <\/td>\n<\/tr>\n\n 96<\/td>\n B.9 Multicast and group keys
B.10 Device and platform integrity
B.11 Resilient network configurations <\/td>\n<\/tr>\n\n 97<\/td>\n B.12 Network and system management (NSM)
B.13 Some additional cyber security techniques
B.14 Security testing procedures <\/td>\n<\/tr>\n\n 98<\/td>\n B.15 Security interoperability <\/td>\n<\/tr>\n \n 99<\/td>\n Annex C (informative) Mapping between IEC 62443-3-3, NISTIR 7628, and IEC TR 62351-12
C.1 Mapping table <\/td>\n<\/tr>\n\n 100<\/td>\n Table C.1 \u2013 Mapping between IEC\u00a062443-3-3, NISTIR 7628, and IEC\u00a0TR 62351-12 <\/td>\n<\/tr>\n \n 105<\/td>\n C.2 IEC\u00a0TR 62351-12 cyber security items not mapped to all guidelines <\/td>\n<\/tr>\n \n 106<\/td>\n Table C.2 \u2013 IEC\u00a062351-12 cyber security items not mapped to all guidelines <\/td>\n<\/tr>\n \n 108<\/td>\n Annex D (informative) Glossary of terms <\/td>\n<\/tr>\n \n 109<\/td>\n Bibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" \n\n
\n Published By<\/td>\n Publication Date<\/td>\n Number of Pages<\/td>\n<\/tr>\n \n BSI<\/b><\/a><\/td>\n 2016<\/td>\n 112<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":255415,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[2641],"product_tag":[],"class_list":{"0":"post-255412","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-bsi","8":"first","9":"instock","10":"sold-individually","11":"shipping-taxable","12":"purchasable","13":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/255412","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/255415"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=255412"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=255412"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=255412"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}