IEC TC57 WG15 Status Report

INTERNATIONAL ELECTROTECHNICAL COMMISSION IEC TC57 WG15 - Cybersecurity Status & Roadmap June, 2012

Frances Cleveland

Convenor WG15

Mission and Scope of WG15 on Cybersecurity

. Undertake the development of standards for security of the communication protocols defined by the IEC TC 57 . Specifically the IEC 60870-5 series, the IEC 60870-6 series, the IEC 61850 series, the IEC 61970 series, and the IEC 61968 series. . Undertake the development of standards and/or technical reports on end-to-end security issues.

WG15 Status June 2012 3 WG15 Members

. 71 members . Participants from 20 countries . Argentina . Italy . Canada . Japan . China . Korea . Croatia . Norway . Czechoslovakia . Russia . Denmark . South Africa . Finland . Spain . France . Sweden . Germany . Switzerland . Great Britain . USA . Israel WG15 Status June 2012 4 IEC TC57 Architecture of Information Standards

Distributed Energy Resources (DER )

Electric Vehicle Market System Back Office DER Generator

IEC 61850-90-7, 8, 9, 10 Control Center A

Control Center B

DER Storage EMS DMS Apps. Apps. IEC 61968 IEC 62325

IEC 61970 IEC 61968

Communication Bus

IEC 61850 - 7 420 IEC 61970

IEC 60870-6 SCADA TASE.2/ICCP

IEC 62351 Cybersecurity

101 / 104 - IEC 61850 - 7 410 5 -

SS - CC Substations / Field Devices IEC 61850 60870 IEEE 1815 ( DNP 3 ) IEC 60870 - 5 102

IEC 61850-

Turbine and 90-5 electric systems

Substation RTUs PMUs IEC 61850 Automation Systems

Hydro systems IEC 60870-5-103 IEC 61850

Hydroelectric/ Gas SS-SS

Turbine Power Plants Protection, Control, Metering IEC 61850

GOOSE, SV

IEC 61850

Switchgear, Transformers, Instrumental Transformers WG15 Status June 2012 5 Mapping of TC57 Communication Standards to IEC 62351 Security Standards

IEC TC57 Communication Standards IEC 62351 Security Standards

IEC 62351 Part 1: Introduction

IEC 60870-6: TASE.2 (ICCP) IEC 62351 Part 2: Glossary

IEC 61850 over MMS IEC 62351 Part 3: Profiles including TCP/IP

IEC 61850 GOOSE & SV IEC 62351 Part 4: Profiles including MMS

IEC 60870-5-104 & DNP3

IEC 62351 Part 5: IEC 60870-5 & Derivatives Management IEC 62351 Part 9 : Key Access Control ( RBAC ) IEC 60870-5-101 & Serial DNP3 for Network Management IEC 62351 Part 6: IEC 61850 Profiles IEC 62351 Part 8 : Role - Based IEC 62351 Part 7 Object Models

IEC 62351 Part10: Security Architecture Guidelines for TC57 Systems

WG15 Status June 2012 6 Status of IEC 62351 Parts

IEC 62351 Part Release Date Activities (June 2012) Planned Release IEC/TS 62351-1: Introduction 2007 IEC/TS 62351-2: Glossary 2008 Review Report Amendment by http://std.iec.ch/terms/terms.nsf/ByPub?OpenView&Co pending mid 2013 unt=-1&RestrictToCategory=IEC%2062351-2 IEC/TS 62351-3: Security for profiles 2007 Updated document CDV by June 2012 including TCP/IP being finalized June IS Ed. 2 by June 2012 2013 IEC/TS 62351-4: Security for profiles 2007 including MMS IEC/TS 62351-5: Security for IEC 60870-5 and 2009 DTS as Ed. 2 TS Ed. 2 by Q3 derivatives 2012 IEC/TS 62351-6: Security for IEC 61850 2007 Updates planned but profiles not started IEC/TS 62351-7: Objects for Network 2010 Management IEC/TS 62351-8: Role-Based Access Control 2011 IEC/TS 62351-9: Key Management CD to be submitted June 2012 IEC/TS 62351-10: Security Architecture DTS sent to IEC – TS by Q3 2012 voting date 6-22-12 IEC/TS 62351-11: Security for XML Files NWIP – closing date 7-27-12 WG15 Status June 2012 7 Coordination with Other Security Activities

. IEC TC57 WG15 has a Liaison A with IEC TC65C which will review and standardize the work of the ISA SP99 Security Standards . IEC TC57 WG15 has a Liaison D with the IEEE PES PSCC Security Subcommittee . Pending: . Liaison D with M/490 SGIS . Liaison D with UCAIug . Liaison ?? With ISO JTC 1 / SC 27 “IT Security” . Coordination: . NIST Cyber Security Working Group (CSWG) under NIST’s Smart Grid Interoperability Panel . NERC CIP 002-009 – WG15 has members who are very active with NERC security activities . Cigré D2.22

WG15 Status June 2012 8 TC57 Security (IEC 62351) Roadmap As of June 2012 Completed and Current Updates & New Work On-Going Work Coordination • Parts 1, 2, 3, 4, 5, 6, 7, & 8 • Part 9 Key Management, • IEC TC65C WG10 – finalized as TS Standards CD due June 2012 • ISA SP99 (Ed 1) • Part 10 Security • CIGRE D2.22 • Parts 9, 10, & 11 – in Architecture, TS expected process shortly • NIST CSWG • Parts 3 & 5 being updated • Part 11 Security for XML • M/490 SGIS to Ed 2 Files, just starting • IEC TC13

• ISO/IEC JTC 1 / SC 27 for ISO 27000 series

9 WG15 Status June 2012 Issues

. Intellectual Property issues with certain cryptographic suites . Although we have cybersecurity experts, they are very busy . Cybersecurity is a very dynamic, rapidly changing field which is quite new for the power industry . Need rapid development of new standards and updates to existing standards . Need guidelines for end-to-security . Need both standards and technical reports . Need input from power system domain experts on security requirements

WG15 Status June 2012 10 INTERNATIONAL ELECTROTECHNICAL COMMISSION

Questions? Comments?