Centralized Security Management for Substation Automation and Protection
Today’s digital substation automation systems (DSAS) operators strive for seamless system integration.To accomplish this,substation information and control mechanisms are based on distributed intelligent electronic devices (IEDs),resulting in a wide range of functions and applications for data acquisition,control,and monitoring,as well as protection and communication.DSAS products and solutions feature scalable quantity structures,while offering a variety of interfaces and efficient operation on all levels,including remote operation of the grid.Consequently, the importance of cybersecurity in substation automation systems has significantly increased in the recent years, and continues to rise. The primary drivers of this trend are increased usage of interconnected automation components in the power grid, requirements of regulatory authorities for protecting the state’s critical infrastructure, and economic interests of the utilities to protect their business from non-technical losses caused by security incidents. To help DSAS operators address these requirements, needs and concerns, vendors of secondary equipment and software applications in substations have implemented security functions in substation controllers, protection relays and other field devices. However, due to the geographical and topological spread of DSAS on the one hand, and due to the emergence of sophisticated cyber-attacks such as state-sponsored advanced persistent threats (APTs) on the other, the management of the overall system security has become a huge challenge for the utilities. Administration of password policies, periodical baseline check for the deployed firmware/software versions, prevention and detection of unauthorized access to DSAS, and detecting changes in deployed device configurations and software configurations, are among the many aspects of the cybersecurity challenge that are causing the utilities to shift their focus from device-level security to end-to-end operational security. This paper offers details on the following DSAS cybersecurity aspects, and on the establishment of a centralized security management system which helps utilities to cope with the cybersecurity challenge: - consequences of the shift in focus towards operational security - implementation examples of security functions in the DSAS context - considerations for establishing a secure substation architecture to offer defense-in-depth - addressing vendor neutrality and interoperability in the area of cybersecurity by adopting standardization
Cyber Security Authentication Secure Communication Secure Substation Architecture Centralized Security Management Operational Security
H-J. HERRMANN C.BISALE
Siemens AG Germany
国际会议
国际大电网会议组织保护与自动化专业委员会年度会议暨学术研讨会
南京
英文
1-6
2015-09-20(万方平台首次上网日期,不代表论文的发表时间)