IEC TC57 Security Standards for the Power System's Information Infrastructure - Beyond Simple Encryption

Communication protocols are one of the most critical parts of power system operations, responsible for retrieving information from field equipment and, vice versa, for sending control commands. Despite their key function, to-date these communication protocols have rarely incorporated any security measures, including security against inadvertent errors, power system equipment malfunctions, communications equipment failures, or deliberate sabotage. Since these protocols were very specialized, "security by obscurity" has been the primary approach. However, security by obscurity is no longer a valid concept. In particular, the electricity market is pressuring market participants to gain any edge they can. A tiny amount of information can turn a losing bid into a winning bid - or withholding that information from your competitor can make their winning bid into a losing bid. And the desire to disrupt power system operations can stem from simple teenager bravado to competitive gameplaying in the electrical marketplace to actual terrorism. This paper describes what the International Electrotechnical Council (IEC) is undertaking in TC57 WG15 on providing security for power system operations