DA-201-2019: Security architecture for distribution automation systems

This document provides a recommended security architecture for DA systems. The architecture can act as a blueprint for system integrators and the departments maintaining the system. Measures are chosen for the entire system, as this is usually more effective than choosing measures per component. It should be used as a reference by grid operators who are seeking to implement the RTU procurement requirements as suggested by ENCS. The architecture is intended to be used together with an information security management system (ISMS) based on ISO/IEC 27001:2013 or similar. Each subsection gives the relevant technical security measures to meet an objective in the ISO/IEC 27001 Annex A.

The distribution automation security architecture covers the central maintenance systems and field devices placed in the medium voltage grids, including in:

  • Medium to low voltage transformer substations
  • Medium voltage transport substations
  • Automatic circuit recloser controllers applied to overhead distribution lines

The architecture includes the interfaces of the DA system and the users on these interfaces. The architecture does not include the internal working on the infrastructure and makes no assumptions on it. The supervisory control and data acquisition (SCADA) system is out of scope. It is considered as an external system accessing the distribution automation system.

  • Version
  • December 23, 2019 Last Updated
  • 590.68 KB File Size
  • 1 File Count
  • October 16, 2019 Create Date
Login is required to download this document