WP-010-2019: Security policy for substation automation

Login is required to download this document
  • Version
  • Download 42
  • File Size 485.06 KB
  • File Count 1
  • Create Date October 8, 2018
  • Last Updated November 10, 2020

WP-010-2019: Security policy for substation automation

This document describes the recommended security policies for each of these roles. The policies cover:

  • Substation engineers configuring the equipment in the substation, including setting up the internal security measures
  • Other employees working at substations, but not configuring equipment
  • WAN network administrators configuring the perimeter firewalls
  • Team managers that need to enable the administrators and engineers to do their job securely
  • Security operations analysts responsible for coordinating vulnerability management and incident response
  • Procurement staff for buying new equipment with the right security capabilities

A concrete example policy is given aimed at each group. This policy is linked to the controls in ISO 27002. Guidance is given on implementing the example policy at a particular grid operator. The policies apply both to employees and contractors or service providers in the same role.

Attached Files

Security policy for substation automation.pdf