Page Last Updated: 05/30/2021
- Studying and reviewing engineering (including information technology and operation technology), operational, and testing aspects of cybersecurity related to the Electric Power System.
- Developing and maintaining related standards, recommended practices and guides for such aspects.
- Coordinating with other technical committees, groups, societies and associations as required.
- Preparing and arranging for publication technical reports related to the Subcommittee’s scope.
- CIGRE Subcommittee: SC D2 Information Systems and Telecommunication
- IEC Technical Subcommittee: TC 57 Power Systems Managment and Associated Information Exchange
- IEEE Cybersecurity Initiative
- NIST Program: Cybersecurity for Smart Grid Systems
- North American Electric Reliability Corporation
- US-DHS Industrial Control Systems Cyber Emergency Response Team
- US-DOE: CYBERSECURITY FOR ENERGY DELIVERY SYSTEMS (CEDS) FACT SHEETS (Continuous Updates)
- US-DOE: Energy Sector Cybersecurity Framework Implementation Guidance (January 2015)
- NISTIR 7628r1: Guidelines for Smart Grid Cybersecurity (September 2014)
- US-DOE: Cybersecurity Procurement Language for Energy Delivery Systems (April 2014)
- NIST: Framework for Improving Critical Infrastructure Cybersecurity (February 2014)
- US-DOE: Cybersecurity Risk Managment Process Guideline (May 2012)
- US-DOE: Roadmap to Achieve Energy Delivery Systems Cybersecurity (September 2011)
- US-DOE: Vulnerability Analysis of Energy Delivery Control Systems (September 2011)
S1 WG: IEEE Std 1686 Standard for Intelligent Electronic Devices Cyber Security Capabilities
Chair: Marc Lacroix Vice-Chair: Eric Thibodeau
Scope: The standard defines the functions and features to be provided in intelligent electronic devices (IEDs) to accommodate cybersecurity programs. The standard addresses security regarding the access, operation, configuration, firmware revision and data retrieval from an IED. Confidentiality, integrity and availability of external interfaces of the IED is also addressed.
Status: Approved to go to Ballot.
S2 : IEEE Std 1711.1 Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links: Substation Serial Protection Protocol (SSPP)
Scope: This standard defines a cryptographic protocol to provide integrity, and optional confidentiality, for cybersecurity of Electrical Power System (EPS) serial links. It does not address specific applications or hardware implementations, and is independent of the underlying communications protocol.
S3 WG: IEEE Std 2030.102.1-2020 – IEEE Standard for Interoperability of Internet Protocol Security (IPsec) Utilized within Utility Control Systems
Scope: Specific configuration requirements within the relevant Internet Engineering Task Force (IETF) Request for Comments (RFC) for implementation of the Internet Protocol Security (IPsec) protocol suite within a utility control system are identified in this standard. It is not intended to be a comprehensive guide to implementing IPsec. Promoting interoperability between products developed by different vendors is the primary goal in developing this standard. Configuration parameters needed to support the establishment and sustained operation of an IPsec Virtual Private Network (VPN) tunnel between two devices which have implemented IPsec conforming to this standard are the focus of this standard. Minimizing configuration errors involving IPsec implementations within utility control systems is a secondary goal of this standard. Product agnosticism and applicability to any device (e.g., router, substation gateway, intelligent electronic device, etc.) is the intent of this standard, within the utility control system as the end user deems necessary for their unique system architecture.
S4 : IEEE Std 1711.2-2019 – IEEE Standard for Secure SCADA Communications Protocol (SSCP)
Scope: A cryptographic protocol to provide integrity with optional confidentiality for cyber security of substation serial links is defined in this standard. It does not address specific applications or hardware implementations and is independent of the underlying communications protocol.The elevated concern of cyber security throughout the power industry has created a need to protect communications to and from substations. This standard defines a cryptographic protocol known as Secure SCADA Communications Protocol (SSCP) that protects the integrity and, optionally, the confidentiality of asynchronous serial communications typically used by control system equipment. SSCP is primarily intended to protect serial SCADA communications, but can be applied to other serial communications, such as the maintenance ports of intelligent electronic devices. SSCP is independent of the underlying communications link and protocol (e.g., Modbus, DNP3, IEC 60870- 5), and is appropriate for serial communications over leased lines, dial-up lines, multi-drop links, radio, power line carrier, fiber optic, etc. SSCP is suitable for implementation in new equipment or for deployment in bump-in-the-wire devices retrofitting protection to existing systems.
S5 WG: IEEE Std C37.240 – Standard Cybersecurity Requirements for Power System Automation, Protection and Control Systems
Chair: Steven Kunsman Vice-Chair: TW Cease
Scope: The standard provides technical requirements for power system cybersecurity. Based on sound engineering practices, requirements can be applied to achieve high levels of cybersecurity of power system automation, protection and control systems independent of voltage level or criticality of cyber assets.
S6 TF: IoT for connected home – Communication and cybersecurity requirements
Chair: Marc Lacroix Vice-Chair: James Formea
Scope: The study group presents a project for IoT connected home. Created a report describing the different use cases that make use of the Connected Homes concept, presents a security risk analysis and propose requirements for telecommunication (Volume, frequency, speed) and cybersecurity. Some possible guidelines for utility experts is included.
S7 WG: IEEE Std 2808 Standard for Function Designations used in Electrical Power Systems for Cyber Services and Cybersecurity
Chair: Nathan Wallace Vice-Chair: Mike Dood Secretary: Deepak Maragal
Scope: This standard applies to the definition of function designations for cyber related services, and cybersecurity controls and measures used to detect, identify, protect from, respond to, and recover from, security threats to electric power systems. These designations apply to the design, procurement, and operation of electric power systems. This standard also provides examples of how to represent systems using these designations.
S8 WG: IEEE Std 2658 Guide for Cybersecurity Testing in Electric Power Systems
Chair: Nathan Wallace Vice-Chair: Deepak Maragal
Scope: This document provides test guidance for cybersecurity controls used in electric power systems. The guide encompasses testing and verification of cybersecurity services, applications, and controls, including end-to-end testing.
S9 TF: Task Force on Utility IT-OT Cybersecurity Challenges in Roles and Terminology
Chair: Theo Laughner Vice-Chair: Brian Smith
Scope: Assess the IT-OT challenge in Utility Cybersecurity roles. Determine if a Task Force is required to create a report to assist in building organizational understanding and collaboration.
S10 TF: Utility & Municipality Challenges on Analyzing and Implementing Cybersecurity Standards and Best Practices
Chair: Jeff Pack Vice-Chair: Steve Mark
Scope: Assess the challenge in utilities & municipalities with limited resources on the applicability and relevance of the cybersecurity standards and create a report to assist summarizing the relevant cybersecurity standards.
S11 TF: Task Force on Roadmap Development of Cyber Security Services standard document
Chair: Theo Laughner Vice-Chair:
Scope: Develop a roadmap for activities that S Subcommittee should undertake related to communication security issues.
S12: IED Virtualization
S13 WG: Joint Work on IEEE Std 1547.3 Guide for Cybersecurity of DERs Interface with Electric Power Systems
Chair: Tony Johnson Vice-Chair: R. Benjamin Kazimier
Scope: To jointly develop 1547.3 with SCC21. This document provides guidelines for Cybersecurity of Distributed Energy Resources (DER) interconnection with Electric Power Systems (EPS).
S14: Study Group on HTTPS and TLS Exploration
Chair: Steve Kunsman Vice-Chair: Shashi Sastry
Scope: Develop a report on the implementation of TLS for usage in legacy (e.g. SCADA) and emerging (e.g. DER) power system applications.
S15: IEEE Guide for Securing Generic Object Oriented System Events (GOOSE) and Sampled Values (SV) Protocols of IEC 61850 using IEC 62351-6 and IEC 62351-9
Chair: Jay Anderson Vice-Chair: Shane Haveron Secretary: Dean Ouellette
Scope: This guide provides information for suppliers and implementors on applying security from the most recently published versions of IEC 62351-6 and IEC 62351-9 to GOOSE (IEC 61850-8-1), R-GOOSE (IEC 61850-8-1), SV (IEC 61869-9), or R-SV (IEC 61850-9-2) protocols.
S16: Study Group on Application of IDS and IPS to Electric Power Systems
Chair: Eugenio Carvalheira Vice-Chair: Eric Thibodeau
Scope: Create a report outlining IDS and IPS use in Electric Power Systems and determine the need to move forward with a PAR to create either a Standard or a Guide.