This document defines procurement security requirements for gateways based on IEC 62443. It selects the requirements based on the security architecture and risk assessment from the ENCS member project. Moreover, where needed it further specifies and clarifies these requirements, and provides guidance on how they should be evaluated.
To get more secure equipment in future substations, it is important to set security requirements during procurement. Without good requirements, insecure equipment may be selected.
The IEC 62443 standard forms a good basis for defining security requirements. It includes technical security requirements for both systems (in IEC 62443-3-3) and components (in IEC 62443-4-2). These requirements are widely supported by vendors. Some are even beginning to certify against the standard using the IECEE scheme.
But the requirements in IEC 62443 are not yet tailored to specific components in the electricity grid. IEC 62443 provides a large catalogue from which requirements need to be selected based on a risk assessment. Currently, vendors themselves select which requirements they implement. Consequently, there may be large differences in the security of components from different vendors, even when they are IEC 62443 compliant.
Moreover, some requirements in IEC 62443 are so generic that they can be interpreted in many ways. To get the same level of security from different components, these requirements may have to be further specified. In some cases, specific implementations need to be specified to allow for interoperability.
The ENCS requirements are intended to fill the current gaps in the IEC 62443 requirements by being more specific.