DA-301-2019: Security requirements for procuring DA RTUs [PUBLIC]

This document gives security requirements for procuring RTUs (remote terminal units) for use in distribution automation systems, including:

  • medium to low voltage transformer substations;
  • medium voltage transport substations;
  • automatic circuit recloser controllers applied to overhead distribution lines.

Grid operators are increasingly automating their medium voltage (MV) substations and lines with DAU. They use distribution automation (DA) systems to get power measurements to reliably integrate renewables and electric vehicles, and to remotely control the grid to recover from power outages more quickly.

The automation increases the possible impact of cyber-attacks. Many grid operators already have thousands of substations and lines automated. If attackers succeed in switching off power in a large part of those, it can take a lot of time to recover.

The requirements concern the interfaces to the distribution automation system and the users on these interfaces. The measures are aligned with ISO/IEC 27001:2013. They are designed to fit as much as possible into the processes and procedures already in place in the organizations, and to find the needed balance between the assured security level, feasibility by vendors and the operational impact.

This harmonized set of requirements allows grid operators to get secure automation equipment more cost-effectively, saving their time and effort in developing requirements, as they are already freely available. It has been ensured that the requirements are feasible, as they have been tested in a market survey as well as in previous tenders by other operators. Lastly, these requirements save on implementation costs, as vendors get a common baseline to aim at, and only need to implement the security requirements once and then implement updates in their product roadmap.

The security requirements for procuring RTUs are meant for new devices, not for legacy systems, although grid operators may analyze which systems can be upgraded, updated or patched, once more, without disrupting the processes and procedures already in place.

ENCS members can review the newest version of these requirements here.