ISMS Best Practice Guide

The objective of the member project for Information Security Management was to gather and share best practices for implementing and running an Information Security Management System (ISMS), so that ENCS members can adopt and benefit from these best practices. The output of this member project is the ISMS Best Practice Guide from ENCS, which covers both ISO/IEC 27001 and ISO/IEC 27019. This zip file contains guides and templates which can help you establish your ISMS and help streamline existing systems. Unzip the files and read the documents within “0. How To Use The Best Practice Guide” to begin.


ISMS Key Findings

The objective of the member project for Information Security Management was to gather and share best practices for implementing and running an Information Security Management System (ISMS), so that ENCS members can adopt and benefit from these best practices. This Word document gives the key findings from ENCS member experiences in implementing their ISMS and advice on how to avoid the pitfalls while establishing and maintaining an ISMS.


Member project substation automation - final deliverables

Package of the final deliverables from the member project on substation automation security.


Security roadmap for substation automation

Many grid operators are considering new use cases for substation automation, such as direct IEC 61850 communication between the control center and IEDs, remote configuration of IEDs, and collecting disturbance data directly from IEDs. These use cases do not fit in the security architecture developed in the ENCS member project on substation automation. A key measure in this architecture is that IEDs cannot be accessed directly from central systems. This document describes the new security functions that would be needed in IEDs to allow direct access and keep them secure in future use cases.


Security requirements for procuring HMI software

This document defines procurement requirements for application software for substation HMIs, based on IEC 62443. It selects the requirements based on the security architecture and risk assessment from the ENCS member project. Where needed it further specifies and clarifies these requirements, and provides guidance on how they should be evaluated.


Security requirements for procuring IEDs

This document defines procurement requirements for IEDs based on IEC 62443. It selects the requirements based on the security architecture and risk assessment from the ENCS member project. Where needed it further specifies and clarifies these requirements, and provides guidance on how they should be evaluated.


Security requirements for procuring substation gateways

This document defines procurement requirements for gateways used in high-voltage substations, based on IEC 62443. It selects the requirements based on the security architecture and risk assessment from the ENCS member project. Where needed it further specifies and clarifies these requirements, and provides guidance on how they should be evaluated.


Security market survey for substation automation

This document presents the results of a market survey of the security of substation automation equipment. The market survey was performed as part of the ENCS member project on substation automation security. The market survey has been used to define procurement requirements.


Improving the security of legacy substations

This whitepaper describes a strategy to improve the security of legacy substations to which not all the security measures in the security architecture for substation automation can be applied.


Security risk assessment for substation automation

This document presents a reference architecture and security risk assessment of high voltage substations. The risk assessment supports the definition of security measures in the security architecture for substation automation. It is used to derive security requirements for gateways, IEDs, and HMI software, and to define a security policy for substation automation.

The risk assessment covers high voltage substations, including both transmission and transformer substations. It applies to both Distribution System Operators (DSOs) and Transmission System Operators (TSOs). The risk assessment aims to cover different generations of substations, from legacy to current and future designs. The risk assessment has been performed using the BowTie method.