Security requirements

ENCS develops security requirements documents to help its members and grid operators run secure systems. These documents cover specific smart grid systems, including SCADA / EMS / (A)DMS, substation automation, distribution automation, smart metering and electric vehicle charging. The procurement requirements are publicly available, while the other documents (risk assessments, architecture documents, test plans) are restricted to ENCS members.

Grid operators and vendors can use these security requirements when building new systems or updating existing systems. The requirements are designed to be used with an information security management system and are aligned with the ISO/IEC 27000 standards. ENCS provides eight types of security requirement documents:

Security requirements catalog

A catalog of security requirements for procuring smart grid devices. It gathers all requirements from the different ENCS sets in a structured way.

SCADA / EMS / (A)DMS

The SCADA / EMS / (A)DMS security requirements cover the central systems used at control centers. They contain measures for the SCADA, EMS and (A)DMS applications, servers, workstations, and networks.

Electric vehicle charing

The electric vehicle (EV) charging requirements cover Charge Point Operator systems. They give measures for charging stations and central systems used to maintain and control them. They can be used by municipalities and provinces or others when procuring charging services.

The requirements have been developed together with ElaadNL. They hav been endorsed by E.DSO for smart grids.

The sensors requirements cover the security architecture for sensor systems, particularly those based on IoT technologies.

DER

The distributed energy resources (DER) requirements support grid operators and parties with roles in wind or solar systems in selecting and implementing technical security measures for distributed systems, wind farms, solar parks and their components.

Central Systems

The central systems requirements cover the security measures to protect engineering laptops.