This document gives security requirements that grid operators can use directly in their procurement documents for new Intelligent Electronic Devices (IEDs), used, for example, in substation automation systems.
Substations are being more and more automated. Not only are they remotely monitored and controlled through a SCADA system, but local protection functions are also being implemented in software.
The automation means that cyber-attacks can have a large impact. Through remote switching, it is possible to create blackouts. Attacks that can disable the software protection functions can lead to permanent damage to transformers, lines, and busbars; and endanger the safety of engineers.
To counter such threats, grid operators are improving the cyber-security of their substations. To help procure secure IEDs for new substation automation systems, this document provides a harmonized set of security requirements that can be used directly in their procurement documents.