Both IEEE and the National Electric Reliability Council NERC) are addressing standards for cyber security. For IEEE, a new standard under development is “Trial Use Standard for Cyber Security of Serial SCADA Links and IED Remote Access.” For NERC, the Board of Trustees recently adopted eight new cyber security standards that address asset identification, security management controls, personnel and training, perimeter security, systems security, incident reporting and response planning, and recovery plans.
According to Tobias Whitney, Practice Leader of Critical Infrastructure Protection, Burns & McDonnell, electronic sabotage, or cyber attack, can cause significant damage to electric power T&D, generation, and communications systems. He says, “Cyber attacks can damage substation and generator control equipment, and possibly cause widespread cascading outages that would adversely impact manufacturing production and vital services. Interoperable systems, especially systems using off-the-shelf software, such as Windows-based systems, are particularly vulnerable.”
Responding to industry interest in learning how to best avoid these electronic terrorist threats, the IEEE T&D Conference includes two sessions on cyber security: Super Session 4: Cyber Security of T&D Assets – How Vulnerable is Your System? and Tutorial: Security of Cyber Control Systems.
The Super Session 4 panel will present the scale of the problem, some case study examples, and the main measures and practices that the electric industry must consider and implement to reduce the risks. It will be chaired by Juan Torres, Sandia National Laboratories. Other panelists are: Hank Kenchington, National SCADA Test Bed, U.S. Dept. of Energy; Lynn Constantini, North American Electric Reliability Council; and Jason Stamp, Sandia National Laboratories.
The tutorial: Security of Cyber Control Systems, chaired by J. Weiss, KEMA, will familiarize participants with the need to strengthen the protection of the control systems now used against cyber threats. Addresseing SCADA systems, IEDs, and substation automation systems, the tutorial will identify major threats, outline practical suggestions to enhance security, and discuss actual case histories of control system impacts.
Super Session 4: Cyber Security of T&D Assets – How Vulnerable is Your System? Wednesday, May 24, 9:00 am – 12:00 pm. Tutorial: Security of Cyber Control Systems. Sunday, May 21, 1:00 pm – 5:00 pm.
