SA-201-2019: Security architecture for substation automation

Login is required to download this document
  • Version
  • Download 27
  • File Size 678.21 KB
  • File Count 1
  • Create Date October 5, 2018
  • Last Updated December 8, 2019

SA-201-2019: Security architecture for substation automation

This document proposes a security architecture for modern high voltage substations. The architecture has three layers of security defined based on the criticality of the assets:

  1. The first layer secure the substation perimeter to protect the monitoring and control capabilities. It ensures that only the control center can get measurements and switch equipment.
  2. The second layer secures the protection functions and interlockings within the substation from remote attacks. These functions most critical, as disabling them can lead to physical damage and safety risks.
  3. The third layer is protecting the engineering laptops against malware, so that attackers cannot use them to get into the substation.

These layers are designed to be strong enough to withstand professional attackers with high motivation and resources. They should provide protection against attacks such as those in Ukraine.

Attached Files

File
Security architecture for substation automation.pdf