1、 IEEE Standard Cybersecurity Requirements for Substation Automation, Protection, and Control Systems Sponsored by the Power System Relaying Committee and the Substations Committee IEEE 3 Park Avenue New York, NY 10016-5997 USA IEEE Power and Energy Society IEEE Std C37.240-2014 IEEE Std C37.240-2014
2、 IEEE Standard Cybersecurity Requirements for Substation Automation, Protection, and Control Systems Sponsor Power System Relaying Committee and Substations Committee of the IEEE Power and Energy Society Approved 10 December 2014 IEEE-SA Standards Board Abstract: Cybersecurity measures require that
3、a balance be achieved between technical feasibility and economic feasibility and that this balance addresses the risks expected to be present at a substation. Further, cybersecurity measures must be designed and implemented in such a manner that access and operation to legitimate activities is not i
4、mpeded, particularly during times of emergency or restoration activity. This standard presents a balance of the above factors. Keywords: critical infrastructure protection, cybersecurity, electronic access, encryption, IEEE C37.240, remote access, password management, substations The Institute of El
5、ectrical and Electronics Engineers, Inc. 3 Park Avenue, New York, NY 10016-5997, USA Copyright 2015 by The Institute of Electrical and Electronics Engineers, Inc. All rights reserved. Published 30 January 2015. Printed in the United States of America. IEEE is a registered trademark in the U.S. Paten
6、t fitness for a particular purpose; non-infringement; and quality, accuracy, effectiveness, currency, or completeness of material. In addition, IEEE disclaims any and all conditions relating to: results; and workmanlike effort. IEEE standards documents are supplied “AS IS” and “WITH ALL FAULTS.” Use
7、 of an IEEE standard is wholly voluntary. The existence of an IEEE standard does not imply that there are no other ways to produce, test, measure, purchase, market, or provide other goods and services related to the scope of the IEEE standard. Furthermore, the viewpoint expressed at the time a stand
8、ard is approved and issued is subject to change brought about through developments in the state of the art and comments received from users of the standard. In publishing and making its standards available, IEEE is not suggesting or rendering professional or other services for, or on behalf of, any
9、person or entity nor is IEEE undertaking to perform any duty owed by any other person or entity to another. Any person utilizing any IEEE Standards document, should rely upon his or her own independent judgment in the exercise of reasonable care in any given circumstances or, as appropriate, seek th
10、e advice of a competent professional in determining the appropriateness of a given IEEE standard. IN NO EVENT SHALL IEEE BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO: PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF U
11、SE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE PUBLICATION, USE OF, OR RELIANCE UPON ANY STANDARD, EVEN IF ADVISED OF THE POSSIBILITY OF SU
12、CH DAMAGE AND REGARDLESS OF WHETHER SUCH DAMAGE WAS FORESEEABLE. Translations The IEEE consensus development process involves the review of documents in English only. In the event that an IEEE standard is translated, only the English version published by IEEE should be considered the approved IEEE s
13、tandard. Official statements A statement, written or oral, that is not processed in accordance with the IEEE-SA Standards Board Operations Manual shall not be considered or inferred to be the official position of IEEE or any of its committees and shall not be considered to be, or be relied upon as,
14、a formal position of IEEE. At lectures, symposia, seminars, or educational courses, an individual presenting information on IEEE standards shall make it clear that his or her views should be considered the personal views of that individual rather than the formal position of IEEE. Comments on standar
15、ds Comments for revision of IEEE Standards documents are welcome from any interested party, regardless of membership affiliation with IEEE. However, IEEE does not provide consulting information or advice pertaining to IEEE Standards documents. Suggestions for changes in documents should be in the fo
16、rm of a proposed change of text, together with appropriate supporting comments. Since IEEE standards represent a consensus of concerned interests, it is important that any responses to comments and questions also receive the concurrence of a balance of interests. For this reason, IEEE and the member
17、s of its societies and Standards Coordinating Committees are not able to provide an instant response to comments or questions except in those cases where the matter has previously been addressed. For the same reason, IEEE does not respond to interpretation requests. Any person who would like to part
18、icipate in revisions to an IEEE standard is welcome to join the relevant IEEE working group. Comments on standards should be submitted to the following address: Secretary, IEEE-SA Standards Board 445 Hoes Lane Piscataway, NJ 08854 USA Laws and regulations Users of IEEE Standards documents should con
19、sult all applicable laws and regulations. Compliance with the provisions of any IEEE Standards document does not imply compliance to any applicable regulatory requirements. Implementers of the standard are responsible for observing or referring to the applicable regulatory requirements. IEEE does no
20、t, by the publication of its standards, intend to urge action that is not in compliance with applicable laws, and these documents may not be construed as doing so. Copyrights IEEE draft and approved standards are copyrighted by IEEE under U.S. and international copyright laws. They are made availabl
21、e by IEEE and are adopted for a wide variety of both public and private uses. These include both use, by reference, in laws and regulations, and use in private self-regulation, standardization, and the promotion of engineering practices and methods. By making these documents available for use and ad
22、option by public authorities and private users, IEEE does not waive any rights in copyright to the documents. Photocopies Subject to payment of the appropriate fee, IEEE will grant users a limited, non-exclusive license to photocopy portions of any individual standard for company or organizational i
23、nternal use or individual, non-commercial use only. To arrange for payment of licensing fees, please contact Copyright Clearance Center, Customer Service, 222 Rosewood Drive, Danvers, MA 01923 USA; +1 978 750 8400. Permission to photocopy portions of any individual standard for educational classroom
24、 use can also be obtained through the Copyright Clearance Center. Updating of IEEE Standards documents Users of IEEE Standards documents should be aware that these documents may be superseded at any time by the issuance of new editions or may be amended from time to time through the issuance of amen
25、dments, corrigenda, or errata. An official IEEE document at any point in time consists of the current edition of the document together with any amendments, corrigenda, or errata then in effect. Every IEEE standard is subjected to review at least every ten years. When a document is more than ten year
26、s old and has not undergone a revision process, it is reasonable to conclude that its contents, although still of some value, do not wholly reflect the present state of the art. Users are cautioned to check to determine that they have the latest edition of any IEEE standard. In order to determine wh
27、ether a given document is the current edition and whether it has been amended through the issuance of amendments, corrigenda, or errata, visit the IEEE-SA Website at http:/ieeexplore.ieee.org/xpl/standards.jsp or contact IEEE at the address listed previously. For more information about the IEEE SA o
28、r IEEEs standards development process, visit the IEEE-SA Website at http:/standards.ieee.org. Errata Errata, if any, for all IEEE standards can be accessed on the IEEE-SA Website at the following URL: http:/standards.ieee.org/findstds/errata/index.html. Users are encouraged to check this URL for err
29、ata periodically. Patents Attention is called to the possibility that implementation of this standard may require use of subject matter covered by patent rights. By publication of this standard, no position is taken by the IEEE with respect to the existence or validity of any patent rights in connec
30、tion therewith. If a patent holder or patent applicant has filed a statement of assurance via an Accepted Letter of Assurance, then the statement is listed on the IEEE-SA Website at http:/standards.ieee.org/about/sasb/patcom/patents.html. Letters of Assurance may indicate whether the Submitter is wi
31、lling or unwilling to grant licenses under patent rights without compensation or under reasonable rates, with reasonable terms and conditions that are demonstrably free of any unfair discrimination to applicants desiring to obtain such licenses. Essential Patent Claims may exist for which a Letter o
32、f Assurance has not been received. The IEEE is not responsible for identifying Essential Patent Claims for which a license may be required, for conducting inquiries into the legal validity or scope of Patents Claims, or determining whether any licensing terms or conditions provided in connection wit
33、h submission of a Letter of Assurance, if any, or in any licensing agreements are reasonable or non-discriminatory. Users of this standard are expressly advised that determination of the validity of any patent rights, and the risk of infringement of such rights, is entirely their own responsibility.
34、 Further information may be obtained from the IEEE Standards Association. Copyright 2015 IEEE. All rights reserved. viParticipants At the time this IEEE standard was completed, the Substations Committee H13 and C10 Working Group had the following membership: Sam Sciacca, Power System Relaying Commit
35、tee H13 Working Group Chair Tim Tibbals, Substations Committee C10 Working Group Chair Ed Cenzon Cathrine Dalton Michael Dood Ronald Farquharson Michael Fauchon John Galanos Didier Giarratano Bob Haberman Randy Hamilton Richard Harada Chris Huntley Anthony Johnson Steven Kunsman Marc LaCroix Theo La
36、ughner Richard Liposchak Craig Preuss Neil Saia Sam Sciacca Stephen Thompson Tim Tibbals Alex Wang Solveig Ward Murty Yalla The following members of the individual balloting committee voted on this standard. Balloters may have voted for approval, disapproval, or abstention. William Ackerman Satish A
37、ggarwal Ali Al Awazi Steven Alexanderson Jay Anderson John Banting David Bassett Philip Beaumont Robert Beresh Oscar Bolado James Bougie Sheila Brown Gustavo Brunello William Byrd Paul Cardinal Suresh Channarasappa Robert Christman Stephen Conrad James Cornelison Luis Coronado Randall Crellin Ratan
38、Das Kevin Donahoe Gary Donner Michael Dood Douglas Dorr Randall Dotson Ernest Duckworth Dan Dwyer Kenneth Fodero Fredric Friend Adam Gauci Frank Gerleve Jeffrey Gilbert Mietek Glinkowski Jalal Gohari Roman Graf Randall Groves David Harris Roger Hedding Hamidreza Heidarisafa Werner Hoelzl Jerry Hohn
39、David Horvath Chris Huntley David Ingram Ronald Jarrett Brian Johnson Lars Juhlin Innocent Kamwa Piotr Karocki Bogdan Kasztenny Yuri Khersonsky James Kinney Hermann Koch Joseph L. Koepfinger Jim Kulchisky Saumen Kundu Steven Kunsman George Kyle Chung-Yiu Lam Raluca Lascu Theo Laughner Otto Lynch Bru
40、ce Mackie Pierre Martin David Mazur John McDonald Sujeet Mishra Jeffery Mizener Jose Morales Adi Mulawarman Jerry Murphy R. Murphy Bruce Muschlitz Michael Newman Charles Ngethe Joe Nims Gary Nissen Lorraine Padden Bansi Patel Ulrich Pohl Bogdan Popescu Craig Preuss John Randolph Michael Roberts Char
41、les Rogers Thomas Rozek Bartien Sayogo Thomas Schossig Sam Sciacca Douglas Seely Devki Sharma Mark Simon David Singleton Veselin Skendzic Jerry Smith John Spare Scott Sternfeld Tyler Stinson Gary Stoedter William Taylor John Tengdin David Tepen Eric Thibodeau Vincent Tume Demetrios Tziouvaras Joe Uc
42、hiyama Dmitri Varsanofiev John Vergis Jane Verner Ilia Voloh John Wang Solveig Ward Kenneth White Philip Winston Richard Young Shuhui Zhang Daidi Zhong When the IEEE-SA Standards Board approved this standard on 10 December 2014, it had the following membership: John Kulick, Chair Jon Walter Rosdahl,
43、 Vice Chair Richard H. Hulett, Past Chair Konstantinos Karachalios, Secretary Peter Balma Farooq Bari Ted Burse Clint Chaplin Stephen Dukes Jean-Philippe Faure Gary Hoffman Michael Janezic Jeffrey Katz Joseph L. Koepfinger* David J. Law Hung Ling Oleg Logvinov T. W. Olsen Glenn Parsons Ron Petersen
44、Adrian Stephens Peter Sutherland Yatin Trivedi Phil Winston Don Wright Yu Yuan *Member Emeritus Also included are the following nonvoting IEEE-SA Standards Board liaisons: Richard DeBlasio, DOE Representative Michael Janezic, NIST Representative Patrick Gibbons IEEE-SA Content Production and Managem
45、ent Erin Spiewak IEEE-SA Technical Program Operations Copyright 2015 IEEE. All rights reserved. vii Introduction This introduction is not part of IEEE Std C37.240-2014, IEEE Standard Cybersecurity Requirements for Substation Automation, Protection, and Control Systems. This document provides technic
46、al requirements for substation cybersecurity. It presents sound engineering practices that can be applied to achieve high levels of cybersecurity of automation, protection, and control systems independent of voltage level or criticality of cyber assets. Cybersecurity includes trust and assurance of
47、data in motion, data at rest, and incident response. Copyright 2015 IEEE. All rights reserved. viii Contents 1. Overview 1 1.1 Scope . 1 1.2 Reason . 1 2. Normative references 2 3. Acronyms and abbreviations 3 4. Use of this standard 4 5. Description of cybersecurity . 4 5.1 Problem statements from
48、utilities and operational challenges . 4 5.2 Components of interest 5 5.3 High-level security goals . 6 6. Cybersecurity requirements 7 6.1 High level requirements and priorities for interface categories . 7 6.2 System communications components 9 6.3 Functional Requirements 12 6.4 User authenticatio
49、n and authorization 14 6.5 Data-in-motion protection 21 6.6 Configuration management 21 6.7 Security event auditing and analysis/incident response 22 6.8 Security testing .24 Copyright 2015 IEEE. All rights reserved. ix IEEE Standard Cybersecurity Requirements for Substation Automation, Protection, and Control Systems IMPORTANT NOTICE: IEEE Standards documents are not intended to ensure safety, security, health, or environmental protection, or ensure against interference with or from other devices or networks. Implementers of IEEE Standards documents are responsible for det
