M00000603
New product
ISO/IEC TR 27019 1st Edition, July 15, 2013 Information technology - Security techniques - Information security management guidelines based on ISO/IEC 27002 for process control systems specific to the energy utility industry
In stock
Warning: Last items in stock!
Availability date: 07/13/2021
Description / Abstract:
The scope of this guideline covers process control systems used
by the energy utility industry for controlling and monitoring the
generation, transmission, storage and distribution of electric
power, gas and heat in combination with the control of supporting
processes. This includes in particular the following systems,
applications and components:
-the overall IT-supported central and distributed process
control, monitoring and automation technology as well as IT systems
used for their operation, such as programming and parameterization
devices;
-digital controllers and automation components such as
control and field devices or PLCs, including digital sensor and
actuator elements;
-all further supporting IT systems used in the process
control domain, e.g. for supplementary data visualization tasks and
for controlling, monitoring, data archiving and documentation
purposes;
-the overall communications technology used in the process
control domain, e.g. networks, telemetry, telecontrol applications
and remote control technology;
-digital metering and measurement devices, e.g. for
measuring energy consumption, generation or emission values;
-digital protection and safety systems, e.g. protection
relays or safety PLCs;
-distributed components of future smart grid
environments;
-all software, firmware and applications installed on
above mentioned systems.
Outside the scope of this guideline is the conventional or
classic control equipment that is non-digital, i.e. purely
electro-mechanical or electronic monitoring and process control
systems. Furthermore, energy process control systems in private
households and other, comparable residential building installations
are outside the scope of this guideline.
Telecommunication systems and components used in the process
control environment are also not directly part of the scope of this
guideline. These are covered by the standard "ISO/IEC 27011:2008
Information technology – Security techniques – Information
security management guidelines for telecommunications organizations
based on ISO/IEC 27002". It is recommended that users of this
guideline should implement the measures defined in that standard
for the telecommunication systems and components used in the
process control environment.