IEC TS 63208:2020
(Main)Low-voltage switchgear and controlgear - Security aspects
Low-voltage switchgear and controlgear - Security aspects
IEC TS 63208:2020 applies to the security related main functions of switchgear and controlgear during the whole lifecycle of the equipment. It is applicable to wired and wireless data communication means and the physical accessibility to the equipment, within its limits of environmental conditions.
This document is intended to develop awareness about security aspects and provides recommendations and requirements on the appropriate countermeasures against vulnerability to threats.
General Information
Standards Content (Sample)
IEC TS 63208 ®
Edition 1.0 2020-03
TECHNICAL
SPECIFICATION
colour
inside
Low-voltage switchgear and controlgear – Security aspects
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.
IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.
IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.
need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC TS 63208 ®
Edition 1.0 2020-03
TECHNICAL
SPECIFICATION
colour
inside
Low-voltage switchgear and controlgear – Security aspects
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 29.130.20 ISBN 978-2-8322-8021-8
– 2 – IEC TS 63208:2020 © IEC 2020
CONTENTS
FOREWORD . 5
INTRODUCTION . 7
1 Scope . 8
2 Normative references . 8
3 Terms, definitions and abbreviated terms . 9
3.1 Terms and definitions . 9
3.2 Abbreviated terms . 12
4 General . 13
5 Security objectives . 13
6 Security lifecycle management . 13
6.1 General . 13
6.2 Security risk assessment . 14
6.3 Response to security risk . 15
6.4 Security requirement specification . 16
6.5 Important data . 16
6.6 System architecture . 16
6.6.1 Control system . 16
6.6.2 Levels of communication functionalities . 16
6.6.3 Levels of connectivity . 17
6.6.4 Control system exposure levels . 19
7 Security requirements . 20
7.1 General . 20
7.2 Cybersecurity aspects . 20
7.3 Physical access and environment . 21
7.4 Equipment requirement . 22
7.4.1 General . 22
7.4.2 Hardening . 22
7.4.3 Encryption techniques . 22
7.4.4 Embedded software robustness and integrity . 22
7.4.5 Denial of service . 23
7.4.6 Authentication of users . 23
7.4.7 Communication systems . 24
7.4.8 Wireless communication . 24
8 Instructions for installation, operation and maintenance . 24
9 Development and testing . 25
9.1 General development method . 25
9.2 Testing . 25
Annex A (informative) Cybersecurity and electrical system architecture . 26
A.1 General . 26
A.2 Typical architecture involving switchgear and controlgear and their assembly . 26
A.2.1 Building . 26
A.2.2 Manufacturing . 27
A.3 Security levels and product standards . 28
Annex B (informative) Use case studies . 29
B.1 General . 29
B.2 Use case 1 – Protection against malicious firmware upgrade of a circuit-
breaker . 29
B.3 Use case 2 – Protection against unauthorized access to electrical production
network . 30
B.4 Use case 3 – Protection against DDoS (distributed denial of service) attack
through insecure IoT devices . 31
B.5 Use case 4 – Protection against unauthorized access to the electrical
network using illegitimate device . 32
B.6 Use case 5 – Protection against malicious firmware upgrade of a sensor
(e.g. proximity switch), mounted in a machine wired-connected by IO-Link
interface . 34
B.7 Use case 6 – HMI: human machine interface – Protection against
unauthorized access to a simple sensor (mounted in a machine) – improper
parametrization . 35
B.8 Use case 7 – HMI: human machine interface – Protection against
unauthorized access to a complex sensor (mounted in a machine) –
improper parametrization . 36
B.9 Use case 8 – Protection against unauthorized access to a sensor (e.g.
proximity switch), mounted in a machine, connected by wireless
communication interface (WCI) . 38
Annex C (informative) Basic cybersecurity aspects . 40
C.1 General . 40
C.2 Identification and authentication . 40
C.3 Use control . 40
C.4 System integrity . 40
C.5 Data confidentiality . 41
C.6 Restricted data flow . 41
C.7 Timely response to events . 41
C.8 Resource availability . 41
Annex D (informative) Guidelines for users of switchgear and controlgear . 42
D.1 General . 42
D.2 Risk assessment and security planning . 42
D.2.1 Risk assessment . 42
D.2.2 Security plan . 42
D.3 Recommendations for design and installation of the system integrating
switchgear and controlgear . 43
D.3.1 General access control . 43
D.3.2 Recommendations for local access . 43
D.3.3 Recommendations for remote access . 44
D.3.4 Recommendations for firmware upgrades . 44
Bibliography . 45
Figure 1 – Example of physical interfaces of an embedded device in an equipment
which can be subject to an attack . 14
Figure 2 – Control system architecture with switchgear and controlgear . 17
Figure 3 – Control system connectivity level C3 . 18
Figure 4 – Control system connectivity level C4 . 18
Figure 5 – Control system connectivity level C5 . 19
Figure 6 – Switchgear and controlgear minimum security profile . 20
Figure 7 – Example of security instruction symbol . 25
– 4 – IEC TS 63208:2020 © IEC 2020
Figure A.1 – Building electrical architecture . 27
Figure A.2 – Industrial plants . 28
Table 1 – Typical threats. 14
Table 2 – Level of exposure of a control system . 19
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
LOW-VOLTAGE SWITCHGEAR AND CONTROLGEAR –
SECURITY ASPECTS
FOREWORD
1) The International Electrotechnical Commission
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.