1 OVERVIEWIn the past, substation networks were traditionally isolated and the protocols and data formats used totransfer information between devices were often proprietary.For these reasons, the substation environment was very secure against cyber-attacks. The terms used forthis inherent type of security are:● Security by isolation (if the substation network is not connected to the outside world, it cannot beaccessed from the outside world).● Security by obscurity (if the formats and protocols are proprietary, it is very difficult to interpret them).The increasing sophistication of protection schemes, coupled with the advancement of technology and thedesire for vendor interoperability, has resulted in standardisation of networks and data interchange withinsubstations. Today, devices within substations use standardised protocols for communication. Furthermore,substations can be interconnected with open networks, such as the internet or corporate-wide networks,which use standardised protocols for communication. This introduces a major security risk making the gridvulnerable to cyber-attacks, which could in turn lead to major electrical outages.Clearly, there is now a need to secure communication and equipment within substation environments. Thischapter describes the security measures that have been put in place for our range of Intelligent ElectronicDevices (IEDs).Note:Cyber-security compatible devices do not enforce NERC compliance, they merely facilitate it. It is the responsibility ofthe user to ensure that compliance is adhered to as and when necessary.This chapter contains the following sections:Overview 275The Need for Cyber-Security 276Standards 277Cyber-Security Implementation 281Cyber-Security Settings 291MiCOM P747 Chapter 9 - Cyber-SecurityP747-TM-EN-1 275
