Last week Nozomi Networks had the privilege of hosting the first WG15 meeting of 2017. WG15 is part of IEC Technical Committee 57, which, for instance, created and maintains the IEC 61850 family of standards for substation architectures and the IEC 62351 standards for securing smart grid communications.
WG15 group is made up of ICS operators, SCADA engineers, security specialists, and networking experts from 90 organizations worldwide. It is responsible for establishing end-to-end cyber security standards for the world’s power system communication protocols. Members include ABB, Siemens, Schneider Electric, General Electric, Enel, IREQ, Nozomi Networks and others.
Last week’s meeting was the first of three check-in points scheduled this year to advance the development of protocols, architectures, and recommendations for secure-by-design industrial systems. A foundation of these systems is that they utilize end-to-end encrypted communications.
In the meeting, we moved forward several parts of the standard, including:
- An end-to-end security profile for MMS-based protocols
- A standardized manner of cyber security log collection from IEDs
- Several Deep Packet Inspection techniques that can be adopted for the encrypted channels of tomorrow’s architectures
It’s clear that to enable reliable operation of new power systems architectures, it’s important to standardize network monitoring and Deep Packet Inspection of encrypted communications. It’s a priority for WG15 members, and Nozomi Networks’ R&D, that we establish global standards that will strengthen the security of the world’s power systems.
As we closed last week’s meeting, the group is very close to having all key parts of the standard ready. Vendors are already implementing several of the new approaches. By year’s end we expect to have taken a significant step forward in our efforts to standardize and strengthen cyber security for critical power grid systems.