MiCOM P40 Agile P441, P442, P444
• Account management
• Monitoring
• An annual vulnerability assessment should be performed
Power utility responsibilities: Contribution:
To provide an incident response team and
have appropriate processes in place
Test procedures; We can provide advice and help on
testing.
Ports and services; Our devices can disable unused
ports and services
Security patch management; We can provide
assistance
Antivirus; We can provide advise and assistance
Account management; We can provide advice and
assistance
Monitoring; Our equipment monitors and logs access
3.1.7 CIP 008
CIP 008 requires that an incident response plan be developed, including the definition of an
incident response team, their responsibilities and associated procedures.
Power utility responsibilities:
To provide an incident response team and
have appropriate processes in place.
General Electric
cannot provide additional help with this
aspect.
3.1.8 CIP 009
CIP 009 states that a disaster recovery plan should be created and tested with annual drills.
Power utility responsibilities:
To implement a recovery plan
To provide guidelines on recovery plans and
backup/restore documentation
3.2 IEEE 1686-2007
IEEE 1686-2007 is an IEEE Standard for substation IEDs cyber security capabilities. It
proposes practical and achievable mechanisms to achieve secure operations.
The following features described in this standard apply to General Electric Px40 relays:
• Passwords are 8 characters long and can contain upper-case, lower-case, numeric
and special characters.
• Passwords are never displayed or transmitted to a user.
• IED functions and features are assigned to different password levels. The
assignment is fixed.
• Record of an audit trail listing events in the order in which they occur, held in a
circular buffer.
• Records contain all defined fields from the standard and record all defined function
event types where the function is supported.
• No password defeat mechanism exists. Instead a secure recovery password
scheme is implemented.
• Unused ports (physical and logical) may be disabled.
To Next Page
Loading...
