Cybersecurity Subcommittee (S0)

S1 WG: IEEE Std 1686 Standard for Intelligent Electronic Devices Cyber Security Capabilities
Chair: Marc Lacroix    Vice-Chair: Eric Thibodeau
Scope: The standard defines the functions and features to be provided in intelligent electronic devices (IEDs) to accommodate cybersecurity programs. The standard addresses security regarding the access, operation, configuration, firmware revision and data retrieval from an IED. Confidentiality, integrity and availability of external interfaces of the IED is also addressed.
Status: Approved to go to Ballot.

Status: Active

S2 : IEEE Std 1711.1 Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links: Substation Serial Protection Protocol (SSPP)
Chair: Ed Cenzon Vice-Chair: Mike Dood
Scope: This standard defines a cryptographic protocol to provide integrity, and optional confidentiality, for cybersecurity of Electrical Power System (EPS) serial links. It does not address specific applications or hardware implementations, and is independent of the underlying communications protocol.

Status: Active

S3 WG: IEEE Std 2030.102.1-2020 – IEEE Standard for Interoperability of Internet Protocol Security (IPsec) Utilized within Utility Control Systems
Chair: Jim Bougie Vice-Chair: Marc Lacroix / James Formea
Scope: Specific configuration requirements within the relevant Internet Engineering Task Force (IETF) Request for Comments (RFC) for implementation of the Internet Protocol Security (IPsec) protocol suite within a utility control system are identified in this standard. It is not intended to be a comprehensive guide to implementing IPsec. Promoting interoperability between products developed by different vendors is the primary goal in developing this standard. Configuration parameters needed to support the establishment and sustained operation of an IPsec Virtual Private Network (VPN) tunnel between two devices which have implemented IPsec conforming to this standard are the focus of this standard. Minimizing configuration errors involving IPsec implementations within utility control systems is a secondary goal of this standard. Product agnosticism and applicability to any device (e.g., router, substation gateway, intelligent electronic device, etc.) is the intent of this standard, within the utility control system as the end user deems necessary for their unique system architecture.

Status: Inactive

S4 : IEEE Std 1711.2-2019 – IEEE Standard for Secure SCADA Communications Protocol (SSCP) 
Chair: Scott Mix Vice-Chair: Mark Hadley / James Formea
Scope: A cryptographic protocol to provide integrity with optional confidentiality for cyber security of substation serial links is defined in this standard. It does not address specific applications or hardware implementations and is independent of the underlying communications protocol.The elevated concern of cyber security throughout the power industry has created a need to protect communications to and from substations. This standard defines a cryptographic protocol known as Secure SCADA Communications Protocol (SSCP) that protects the integrity and, optionally, the confidentiality of asynchronous serial communications typically used by control system equipment. SSCP is primarily intended to protect serial SCADA communications, but can be applied to other serial communications, such as the maintenance ports of intelligent electronic devices. SSCP is independent of the underlying communications link and protocol (e.g., Modbus, DNP3, IEC 60870- 5), and is appropriate for serial communications over leased lines, dial-up lines, multi-drop links, radio, power line carrier, fiber optic, etc. SSCP is suitable for implementation in new equipment or for deployment in bump-in-the-wire devices retrofitting protection to existing systems.

Status: Inactive

S5 WG: IEEE Std C37.240 – Standard Cybersecurity Requirements for Power System Automation, Protection and Control Systems
Chair: Steven Kunsman Vice-Chair: TW Cease
Scope: The standard provides technical requirements for power system cybersecurity. Based on sound engineering practices, requirements can be applied to achieve high levels of cybersecurity of power system automation, protection and control systems independent of voltage level or criticality of cyber assets.

Status: Inactive

S6 TF: IoT for connected home – Communication and cybersecurity requirements
Chair: Marc Lacroix Vice-Chair: James Formea
Scope: The study group presents a project for IoT connected home. Created a report describing the different use cases that make use of the Connected Homes concept, presents a security risk analysis and propose requirements for telecommunication (Volume, frequency, speed) and cybersecurity. Some possible guidelines for utility experts is included.

Status: Inactive

S7 WG: IEEE Std 2808 Standard for Function Designations used in Electrical Power Systems for Cyber Services and Cybersecurity
Chair: Nathan Wallace Vice-Chair: Mike Dood Secretary: Deepak Maragal
Scope: This standard applies to the definition of function designations for cyber related services, and cybersecurity controls and measures used to detect, identify, protect from, respond to, and recover from, security threats to electric power systems. These designations apply to the design, procurement, and operation of electric power systems. This standard also provides examples of how to represent systems using these designations.

Status: Active

S8 WG: IEEE Std 2658 Guide for Cybersecurity Testing in Electric Power Systems
Chair: Nathan Wallace Vice-Chair: Deepak Maragal
Scope: This document provides test guidance for cybersecurity controls used in electric power systems. The guide encompasses testing and verification of cybersecurity services, applications, and controls, including end-to-end testing.

Status: Active

S9 TF: Task Force on Utility IT-OT Cybersecurity Challenges in Roles and Terminology
Chair: Theo Laughner Vice-Chair: Brian Smith
Scope: Assess the IT-OT challenge in Utility Cybersecurity roles. Determine if a Task Force is required to create a report to assist in building organizational understanding and collaboration.

Status: Inactive

S10 TF: Utility & Municipality Challenges on Analyzing and Implementing Cybersecurity Standards and Best Practices
Chair: Jeff Pack Vice-Chair: Justin Turner
Scope: Assess the challenge in utilities & municipalities with limited resources on the applicability and relevance of the cybersecurity standards and create a report to assist summarizing the relevant cybersecurity standards.

Status: Active

S11 TF: Task Force on Roadmap Development for S0 Subcommittee
Chair: Dan Goodlett  Vice-Chair: Larry Collier
Scope: Develop a roadmap for activities that S Subcommittee should undertake related to communication security issues.

Status: Active

S12: IED Virtualization 
Chair: Marc Lacroix Vice-Chair: Bill Dickerson
Scope:

Status: Inactive

S13 WG: Joint Work on IEEE Std 1547.3 Guide for Cybersecurity of DERs Interface with Electric Power Systems
Chair: Tony Johnson Vice-Chair: R. Benjamin Kazimier
Scope: To jointly develop 1547.3 with SCC21. This document provides guidelines for Cybersecurity of Distributed Energy Resources (DER) interconnection with Electric Power Systems (EPS).

Status: Inactive

S14: Study Group on HTTPS and TLS Exploration
Chair: Scott Lee Vice-Chair:
Scope: Develop a report on the implementation of TLS for usage in legacy (e.g. SCADA) and emerging (e.g. DER) power system applications.

Status: Active

S15: IEEE Guide for Securing  Generic Object Oriented System Events (GOOSE) and Sampled Values (SV) Protocols of IEC 61850 using IEC 62351-6 and IEC 62351-9
Chair: Jay  Anderson Vice-Chair: Shane Haveron   Secretary: Dean Ouellette
Scope: This guide provides information for suppliers and implementors on applying security from the most recently published versions of IEC 62351-6 and IEC 62351-9 to GOOSE (IEC 61850-8-1), R-GOOSE (IEC 61850-8-1), SV (IEC 61869-9), or R-SV (IEC 61850-9-2) protocols.

Status: Active

S16 TF: Application of IDS and IPS to Electric Power Systems
Chair: Eugenio Carvalheira Vice-Chair: Eric Thibodeau
Scope: Create a report outlining IDS and IPS use in Electric Power Systems and determine the need to move forward with a PAR to create either a Standard or a Guide.

Status: Active

S17: Task Force on Use of SBOM in the Energy Sector
Chair: Eric Thibodeau Vice-Chair: Marc LaCroix
Scope: This report summarizes the current efforts by external entities for the use of SBOM in EPS. Further, it will attempt to identify gaps in current efforts in order to provide guidance for future work to the subcommittee. The report is targeting SBOM solely, excluding other types of BOM.

Status: Active

S18 (joint with PSRC I47): IEEE Standard Common Format for Documenting IED Firmware or Software Changes and Confirming their Transmittal (COMFIRM) – Review and determine need of revision of IEEE C37.231 ‐ 2006 ‐ IEEE Recommended Practice for Microprocessor‐Based Protection Equipment Firmware Control
Chair: Eric Thibodeau / Milton Quinteros Vice-Chair: Marc Lacroix
Scope: This report summarizes the current efforts by external entities for the use of SBOM in EPS. Further, it will attempt to identify gaps in current efforts in order to provide guidance for future work to the subcommittee. The report is targeting SBOM solely, excluding other types of BOM.

Status: Active

S19: Review of DNP3 SAv6 and AMP
Chair: Andrew West Vice-Chair:
Scope:

Status: Active