Title :
Information Security for Electric Power Utilities (EPUs)—CIGRÉ Developments on Frameworks, Risk Assessment, and Technology
Author :
Ericsson, Göran N.
Author_Institution :
Svenska Kraftnat (Swedish Nat. Grid), Vallingby
fDate :
7/1/2009 12:00:00 AM
Abstract :
This paper deals with the important issue of proper treatment of information security for electric power utilities. It is based on the efforts of CIGRE Working Group (WG) D2.22 on ldquoTreatment of Information Security for Electric Power Utilities (EPUs)rdquo carried out between 2006 and 2008/2009. The WG produces a Technical Brochure (TB), where the purpose is to emphasize three main issues: security frameworks, risk assessment, and security technology. Here, guidance is given on different security frameworks based on an information security domain model. Also, baseline controls are treated. For risk assessment, a survey has been carried out. Only few commonalities, but several differences, have been found. Here, a methodology must be developed together with practical recommendations. For security technologies, guidance is given for deployment of different solutions, based on a logical diagram using different controls. Last, proposal on further work is given.
Keywords :
electricity supply industry; power engineering computing; power system control; power system security; risk management; CIGRE Working Group; cyber security; electric power utilities; information security domain model; logical diagram; power system control; risk assessment; Communication systems; ISO/IEC standard; IT security; SCADA; control systems; cyber security; information security; power system communications; power system control; power systems; risk assessment; security framework; security technology; substation automation;
Journal_Title :
Power Delivery, IEEE Transactions on
DOI :
10.1109/TPWRD.2008.2008470
