WP-038-2021: Optional security requirements for RTUs and gateways
Since 2015, ENCS is providing to its members security requirements for procuring remote terminal units (RTUs) and gateways used in substation and distribution automation. The latest version of these requirements is SA/DA-301-2021: Security requirements for procuring RTUs and gateways. This document provides a baseline of security measures that most RTU and gateway vendors have implemented and that mitigate the risk that most grid operators have in their substation and distribution automation systems.
Some grid operators may want to have additional security features, not supported by the majority of vendors. They may want to mitigate additional risks specific to their situation. Or they may want to ensure that the RTUs and gateways are interoperable with their existing central systems.
This whitepaper contains three sets of optional security requirements that grid operators can use to procure RTUs or gateways with the following additional security features:
- Additional protection against physical attacks
- Support for centralized access control profiles to allow integration with specific access control technologies
- Support for automated key management
Grid operators can use these requirements to complement the baseline requirements in SA/DA-301-2021: Security requirements for procuring RTUs and gateways. It is expected that the requirements will be integrated in future version of the baseline when more vendors support them.
DA-201-2016: ENCS DA Reference Architecture
Reference architecture supporting the distribution automation requirements
DA-101-2016: ENCS DA Threat Assessment
Threat assessment supporting the distribution automation requirements
SA-302-2016: Protection Relay Security Requirements
security requirements for procuring protection relays
SA-301-2016: SA RTU Security Requirements
This catalog describes security requirements for procuring of secure distribution automation Remote Terminal Units (RTUs). The RTUs are a critical part in distribution automation systems because they act as access points in the substation and control the grid equipment.
The catalog describes: devices security, security requirements for end-to-end secured communication between the RTU and the central systems, and for processes the vendor should implement to keep the RTU secure during its lifecycle.
The requirements have been developed by ENCS in the member project on distribution automation security.
EV-301-2016: EV Charging Systems Security Requirements
This catalog describes security requirements for Electric Vehicle charging systems. Two sets of requirements are included:
First, a set of requirement for the procurement of Charge Point. This set includes requirements to make sure the Charge Point itself is secure, that it has all functionality needed to set up secure operational processes, that its Vendor takes measures to ensure its security throughout its lifecycle, and that measures are taken to assure that security measures have been implemented well.
Second, a set of requirements for secure communications between the Charge Point Operator (CPO) and Distribution System Operator (DSO). These requirements can be used as part of the security requirements when new server systems are procured or set up.
The definition of the requirements is based on the results of a Threat Assessment, which identified the threats and possible attacks related to EV charging systems. Each requirement is justified by one or more possible threats identified.
These requirements have been developed by the European Network for Cyber Security (ENCS) for ElaadNL. ElaadNL intends to use and promote the requirements as the basis for future development.
DA-301-2016: Distribution Automation RTU Security Requirements
This catalog describes security requirements for procuring secure distribution automation Remote Terminal Units (RTUs). The RTUs are a critical part in distribution automation systems because they act as access points in the substation and control the grid equipment.
The catalog describes: devices security, security requirements for end-to-end secured communication between the RTU and the central systems, and for processes the vendor should implement to keep the RTU secure during its lifecycle.
The requirements have been developed by ENCS in the member project on distribution automation security.