nach oben

e+i Elektrotechnik und Informationstechnik

Erschienen in:

27.01.2017 | Originalarbeiten

Smart grid security – an overview of standards and guidelines

verfasst von: Karl Christoph Ruland, Jochen Sassmannshausen, Karl Waedt, Natasa Zivic

Erschienen in: e+i Elektrotechnik und Informationstechnik | Ausgabe 1/2017

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

This paper gives a short overview about important guidelines and standards that set the focus on security in Smart Grids and industrial automation. The standards are described and compared regarding their scope of application within the Smart Grid and the focus of the standards. Beside the description of standards, some guidelines of major importance to the development of Smart Grids are described.

Vorheriger Artikel European provisions for cyber security in the smart grid – an overview of the NIS-directive

Nächster Artikel Tool support for data protection impact assessment in the smart grid

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

IEC 62351-1: Power systems management and associated information exchange – Data and communications security – Part 1: Communication network and system security – introduction to security issues.

IEC 62351-2: Power systems management and associated information exchange – Data and communications security – Part 2: Glossary of terms.

IEC 62351-3: Power systems management and associated information exchange – Data and communications security – Part 3: Profiles including TCP/IP.

IEC 62351-4: Power systems management and associated information exchange – Data and communications security – Part 4: Profiles including MMS.

Ruland, C., Sassmannshausen, J. (2015): Non-repudiation services for the MMS protocol of IEC 61850, security standardisation research. In L. Chen, S. Matsuo (Eds.) LNCS (Vol. 9497, pp. 70–85). Switzerland: Springer.

Ruland, C., Kang, N., Sassmannshausen, J. (2016): Rejuvenation of the IEC 61850 protocol stack for MMS. In IEEE international conference on smart grid communications (IEEE SmartGridComm 2016). Sydney, Australia, Nov 06–09.

IEC 62351-5: Power systems management and associated information exchange – Data and communications security – Part 5: Security for IEC 60870-5 and derivatives.

IEC 62351-6: Power systems management and associated information exchange – Part 6: Security for IEC 61850 profiles.

IEC 62351-8: Power systems management and associated information exchange – Data and communications security – Part 8. Role-based access control.

10.

IEC 62351-10: Power systems management and associated information exchange – Data and communications security – Part 10: Security architecture guidelines.

11.

IEC 62351-11: Power systems management and associated information exchange – Data and communications security – Part 11: Security for XML documents.

12.

IEC 62443-1-1: Industrial communication networks – Network and system security – Part 1-1: Terminology concepts and models.

13.

IEC 62443-2-1: Industrial communication networks – Network and system security – Part 2-1: Establishing an industrial automation and control system security program.

14.

IEC 62443-2-4: Security for industrial automation and control systems – Part 2-4: Security program requirements for IACS service providers.

15.

IEC 62443-3-3: Industrial communication networks – Network and system security – Part 3-3: System security requirements and security levels.

16.

IEC 62443-4-2: Security for industrial automation and control systems – Part 4-2: Technical security requirements for IACS components.

17.

ISO/IEC 27001:2013 Information technology – Security techniques – Information security management systems – Requirements.

18.

ISO/IEC 27002:2013 Information technology – Security techniques – Code of practice for information security controls.

19.

BDEW Bundesverband der Energie- und Wasserwirtschaft e.V.: White Paper – Requirements for secure control and telecommunication systems, March 2015. Available at https://www.bdew.de/internet.nsf/id/it-sicherheitsempfehlunge.

20.

ISO/IEC TR 27019:2013 Information technology – Security techniques – Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry.

21.

IEC/TR 62541-2:2010 OPC unified architecture – security model.

22.

ISO/IEC 27009:2016 Information technology – Security techniques – Sector-specific application of ISO/IEC 27001 – Requirements.

23.

NIST special publication 1108r3: NIST framework and roadmap for smart grid interoperability standards, Release 3.0, 2014.

24.

ISO/IEC 27036-1:2014 Information technology – Security techniques – Information security for supplier relationships – Overview and concepts.

25.

ISO/IEC 27036-2:2014 Information technology – Security techniques – Information security for supplier relationships – Requirements.

26.

ISO/IEC 27036-4:2016 Information technology – Security techniques – Information security for supplier relationships – Guidelines for security of cloud services.

27.

ISO/IEC 27034-2:2015 Information technology – Security techniques – Application security – Organization normative framework.

28.

ISO 55000-2:2014 Asset management – Management systems – Requirements.

29.

ISO/IEC 19770-1:2012 Information technology – Software asset management – Processes and tiered assessment of conformance.

30.

Waedt K., Ding Y., Gao Y., Xie X.: I&C modeling for cybersecurity analyses, 1st TÜV Rheinland China Symposium, Functional safety in nuclear and industrial applications, Shanghai, October 2015.

31.

IEC 62714-1:2014, Engineering data exchange format for use in industrial automation systems engineering – Automation markup language architecture and general requirements.

32.

HMG IA Standard No. 1:2009, technical risk assessment, issue No. 3.51.

33.

Bajramovic E., Waedt K., Gao Y., Parekh M.: Cybersecurity aspects in the I&C design of NPPs, INPPS, Istanbul, March 2016.

34.

Waedt K., Xie X., Gao Y., Ding Y.: Chipset level cybersecurity issues, 8th international workshop on application of FPGAs in NPPs, Shanghai, October 2015.

35.

The smart grid interoperability panel – cyber security working group – NISTIR 7628 guidelines for smart grid cyber security – August 2010. Available at http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf.

36.

CEN-CENELEC-ETSI: Smart grid coordination group. Smart grid information security. Report, November 2012. Available at http://ec.europa.eu/energy/sites/ener/files/documents/xpert_group1_security.pdf.

37.

North American electric reliability corporation: cyber security – BES cyber system categorization (CIP 002-5.1). Available at http://www.nerc.com/pa/Stand/Pages/CIPStandards.aspx.

38.

Parker, Steven: Introduction to NERC CIP version 5. The power magazine. Available at http://www.powermag.com/introduction-to-nerc-cip-version-5/.

Titel: Smart grid security – an overview of standards and guidelines
verfasst von: Karl Christoph Ruland
Jochen Sassmannshausen
Karl Waedt
Natasa Zivic
Publikationsdatum: 27.01.2017
Verlag: Springer Vienna
Erschienen in: e+i Elektrotechnik und Informationstechnik / Ausgabe 1/2017
Print ISSN: 0932-383X
Elektronische ISSN: 1613-7620
DOI: https://doi.org/10.1007/s00502-017-0472-8

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Internationaler Motorenkongress/© [M] ATZlive | Chisnikov / Fotolia.com, Search Icon, Banner Hanser, Benedikt Bonnmann von Adesso/© Adesso, Teilzeit/© Fokussiert / stock.adobe.com, Hans-Joachim Lefeld/© Lucht Probst Associates GmbH, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade, chassis.tech plus 2023/© [M] ATZlive / TÜV SÜD PRODUCT SERVICE GMBH

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2017

Erratum zu: Schutz in Netzen mit leistungselektronischer Einspeisung – Betrachtungen zu Einflussgrößen auf die Distanzmessung von Distanzschutzgeräten

Kärntens Mobilitätsvision 2035

Die Bedeutung der elektrischen Energieversorgung für die Mobilität heute und morgen

Cyber Security für kritische Infrastrukturen

Energie und Mobilität – Bestandsaufnahme und Entwicklungen

European provisions for cyber security in the smart grid – an overview of the NIS-directive

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.