Security policy for substation automation

This document describes the recommended security policies for each of these roles. The policies cover:

  • Substation engineers configuring the equipment in the substation, including setting up the internal security measures
  • Other employees working at substations, but not configuring equipment
  • WAN network administrators configuring the perimeter firewalls
  • Team managers that need to enable the administrators and engineers to do their job securely
  • Security operations analysts responsible for coordinating vulnerability management and incident response
  • Procurement staff for buying new equipment with the right security capabilities

A concrete example policy is given aimed at each group. This policy is linked to the controls in ISO 27002. Guidance is given on implementing the example policy at a particular grid operator. The policies apply both to employees and contractors or service providers in the same role.

  • Version
  • March 29, 2019 Last Updated
  • 485.06 KB File Size
  • 1 File Count
  • October 8, 2018 Create Date
Login is required to download this document