Owner of the document requires that the content be not remodified or redistributed.
Share |



Network Security Management for Transmission Systems
Author:
EPRI
Year:
2012
Abstract:

The electric power grid is increasingly dependent on information technology and telecommunication infrastructures., While great benefits will result from this influx of technology, a holistic and granular awareness of all elements of the information infrastructure supporting a control subsystem will be critical to ensure long term reliability and security. The management of this information infrastructure requires connectivity and analytics to support both IT and OT assets in a unified manner.
The objective of this report is to identify where network and system management (NSM) standards/technology are applicable and valuable to the bulk electric transmission system for enhanced wide area situational awareness, security, reliability and system confidence as network intelligence advances. It provides several “Use Cases” that are intended to identify the actors and objectives of a system’s solution set and to generate utility and vendor input on the challenges being tackled, solutions being addressed and effectiveness of the standardized solution work proposed. Given the increasing level of automation and Information and Communication Technologies (ICT) being deployed within the bulk electrical system, it is also necessary to discuss at a high level how new intelligence creates unforeseen challenges to grid operations which would be addressed by an NSM standard. Additionally, the International Electrotechnical Commission (IEC) 62351-7 standard for common information security objects is reviewed with feedback provided for the IEC Technical Committee (TC) 57 Working Group (WG) 15.
Finally, a series of next steps are proposed, with the objective of achieving a comprehensive use case based approach targeting the domain of substation control networks and other high-priority architectures. A key result will be the identification of additional monitoring objects for more advanced awareness of network and power devices, supporting the system’s ability to resolve root-cause issues with minimal human interaction or to provide a complete picture for effective human decision making. Some technologies such as multiservice communications using switched packet methods (i.e. Multiprotocol Label Switching) will require additional details of configuration and service level expectations in order to offer complete monitoring capabilities.

Document Type:
Technical paper
Source:
EPRI