• Version
• Download 30
• File Size 485.06 KB
• File Count 1
• Create Date October 8, 2018
• Last Updated November 10, 2020

WP-010-2019: Security policy for substation automation

This document describes the recommended security policies for each of these roles. The policies cover:

• Substation engineers configuring the equipment in the substation, including setting up the internal security measures
• Other employees working at substations, but not configuring equipment
• WAN network administrators configuring the perimeter firewalls
• Team managers that need to enable the administrators and engineers to do their job securely
• Security operations analysts responsible for coordinating vulnerability management and incident response
• Procurement staff for buying new equipment with the right security capabilities

A concrete example policy is given aimed at each group. This policy is linked to the controls in ISO 27002. Guidance is given on implementing the example policy at a particular grid operator. The policies apply both to employees and contractors or service providers in the same role.

Attached Files