BSI PD IEC TR 62351-90-3:2021

$142.49

Power systems management and associated information exchange. Data and communications security – Guidelines for network and system management

Published by: BSI
Publication date: 2021
Number of pages: 26

This part of IEC 62351, which is a technical report, provides guidelines for efficiently handling both IT and OT data: monitoring them, classifying them and correlating them to deduce any possible useful outcomes about the state of the power system.

The convergence of information technologies (IT) and operational technologies (OT) refers to the integration of the systems, processes and data associated with the domains of IT and OT. This document provides guidelines for comprehensive security monitoring of power grid components based on IT/OT convergent systems. The emphasis is on the development of a methodology and a set of recommendations for utility operators to build a general monitoring framework based on the analysis of data collected from different IT and OT systems through network management, traffic inspection, and system activity readings. As such, the monitoring framework that this document introduces relies on the integration of management and logging information obtained using IEC 62351-7 and IEC 62351-14, respectively. Further IT and OT systems and data sources would also be considered, for instance data obtained through IT network management using the Simple Network Management Protocol (SNMP), passive network monitoring, and the functional characterization of control and automation processes.

This document's recommendations include the implementation of data collection, filtering and correlation mechanisms. The development of data analytics algorithms is out of the scope of this document and would be left to utility operators and owners. Finally, applications of the general monitoring framework guidelines and recommendations are provided for different power grid environments, namely for IEC 61850 substations and for Distributed Energy Resources (DER) systems.

PDF Catalog

CONTENTS
FOREWORD
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms and acronyms
5 Information collection, filtering and processing
5.1 IT/OT elements
5.2 Network and system monitoring tools
5.2.1 SNMP monitoring agents
5.2.2 IDS/IPS probes
5.2.3 Network and system management central platforms
Figure 1 – NSM/Cybersecurity overall architecture
5.3 Log management tools
5.3.1 Log collection architecture
5.3.2 Log agents
Figure 2 – A logging infrastructure
5.3.3 Log normalization
5.3.4 Security Information and Event Management (SIEM)
5.4 Other relevant data sources
6 Information correlation and presentation
6.1 Information selection and collection profiles
6.1.1 General
6.1.2 NSM and 62351-7
6.1.3 NSM and 61850-specific monitoring
6.1.4 NSM with other SNMP objects
6.1.5 Logs
6.2 Events, incidents and correlations
6.3 Security metrics (KPI)
6.4 Risk Management platforms
7 Monitoring use cases
7.1 General
7.2 Substation
7.3 DER systems
7.4 Large Hydro
7.5 Generation
8 Monitoring profiles for attack scenarios
8.1 General
8.2 Scenario: Malicious IED program change
8.3 Scenario: Unexpected 61850 Configuration
8.4 Scenario: Information gathering malware
Bibliography