IEEE Details Existing and Pending Cybersecurity Standards
Engineering360 News Desk | March 09, 2015The IEEE Standards Association has introduced several standards relating to cybersecurity, and plans to release more.
The first approved standard, “IEEE Standard for Ubiquitous Green Community Control Network: Security" was approved in October 2013, and supports improved security management functions for sustainable computing. It also includes security requirements, system security architecture definitions and a description of authentication and authorization.
The standard helps to avoid unintended data disclosures to the public and unauthorized access to resources, according to IEEE.
The second standard, “IEEE Standard for Intelligent Electronic Devices Cyber Security Capabilities," was approved in January 2013. It defines the functions and features to be integrated into intelligent electronic devices for critical infrastructure protection programs. The standard addresses access, operation, configuration, firmware revisions and data retrieval.
“IEEE Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links" is currently under development, and specifies a practice that can protect the integrity and confidentiality of communications over phone lines, radio waves and fiber optics. The standard could be applied when retrofitting existing systems or installed in new equipment.
The “IEEE Standard for Interoperability of Internet Protocol Security (IPsec) Utilized Within Utility Control Systems" is also under development, and promotes the security of control systems deployed by electric utilities with four steps.
Those steps are defining functional requirements based on needs, selecting open-source specifications to meet those requirements, developing interoperable configuration profiles for the specifications and testing and validating the configurations.
The proposed standard would allow for functionality to be applied at the device level on a case-by-case basis and offers guidelines that would make it easier for utilities to procure and implement secure systems, provide adequate security controls, and minimize efforts to configure devices that support cybersecurity functions.
One additional standard under development, “IEEE Standard for Local and Metropolitan Area Networks: Media Access Control (MAC) Security Amendment: Ethernet Data Encryption Devices" would assure secure communication over publicly accessible networks for which security has not already been defined.
More Resources:
