This document gives technical security requirements for substation automation systems. Grid operators can use the requirements when procuring a new substation automation system from a system integrator, or internally when designing and implementing a substation automation system. The requirements are based on the IEC 62443-3-3 standard.
Substations are being more and more automated. Not only are they remotely monitored and controlled through a SCADA system. But local protection functions are also being implemented in software.
The automation means that cyber-attacks can have a large impact. Through remote switching, it is possible to create blackouts. Attacks that can disable the software protection functions can lead to permanent damage to transformers, lines, and busbars, and endanger the safety of engineers.
This document provides a recommended set of security requirements at system level that allows the major security risks to be mitigated with current technology. It provides guidance on what technical measures to take to secure substation automation systems.
The requirements are based on the IEC 62443 standard. They have been selected from part IEC 62443-3-3: System security requirements and security. This standard is widely supported by manufacturers and grid operators, allowing the requirements to be more easily implemented.
The requirements have been designed to allow certification based on the new certification schemes being developed for IEC 62443. Together with the threat analysis for substation automation systems they form a profile for IEC 62443.