kSIST FprEN IEC 63208:2025
Switchgear and controlgear and their assemblies for low voltage - Security aspects
IEC 63208:2025 This document applies to the main functions of switchgear and controlgear and their assemblies, called equipment, in the context of operational technology (OT 3.1.34). It is applicable to equipment with wired or wireless data communication means and their physical accessibility, within their limits of environmental conditions. It is intended to achieve the appropriate physical and cybersecurity mitigation against vulnerabilities to security threats.
This document provides requirements on the appropriate:
– security risk assessment to be developed including the attack levels, the typical threats, the impact assessment and the relationship with safety;
– levels of exposure of the communication interface and the determination of the equipment security level;
– assessment of the exposure level of the communication interfaces;
– assignment of the required security measures for the equipment;
– countermeasures for the physical access and the environment derived from ISO/IEC 27001;
– countermeasures referring to IEC 62443-4-2 with their criteria of applicability;
– user instructions for installation, operation and maintenance;
– conformance verification and testing, and
– security protection profiles by family of equipment (Annex E to Annex I).
In particular, it focuses on potential vulnerabilities to threats resulting in:
– unintended operation, which can lead to hazardous situations;
– unavailability of the protective functions (overcurrent, earth fault, etc.);
– other degradation of main function.
It also provides guidance on the cybersecurity management with the:
– roles and responsibilities (Table 4);
– typical architectures (Annex A);
– use cases (Annex B);
– development methods (Annex C);
– recommendations to be provided to users and for integration into an assembly (Annex D);
– bridging references to cybersecurity management systems (Annex K).
This document does not cover security requirements for:
– information technology (IT);
– industrial automation and control systems (IACS), engineering workstations and their software applications;
– critical infrastructure or energy management systems;
– network device (communication network switch or virtual private network terminator), or
– data confidentiality other than for critical security parameters;
– design lifecycle management. For this aspect, see IEC 62443-4-1, ISO/IEC 27001 or other security lifecycle management standards.
German title: Niederspannungsschaltgeräte und deren Niederspannungs-Schaltgerätekombinationen – Security Aspekte
French title: Appareillages et ensembles d’appareillages basse tension - Aspects de sécurité
Slovenian title: Stikalne in krmilne naprave ter njihovi sestavi za uporabo pri nizki napetosti - Varnostni vidiki
Standards Content (Sample)
SLOVENIAN STANDARD
oSIST prEN IEC 63208:2024
01-October-2024
Stikalne in krmilne naprave ter njihovi sestavi za uporabo pri nizki napetosti - Varnostni vidiki
Switchgear and controlgear and their assemblies for low voltage - Security aspects
Appareillages et ensembles d’appareillages basse tension - Aspects de sécurité
This Slovenian standard is identical to: prEN IEC 63208:2024
ICS: 29.130.20 Low voltage switchgear and controlgear
oSIST prEN IEC 63208:2024 en
2003-01. Slovenian Institute for Standardization. Reproduction of this standard in whole or in part is not permitted.
121/172/CDV
COMMITTEE DRAFT FOR VOTE (CDV)
PROJECT NUMBER: IEC 63208 ED1
DATE OF CIRCULATION: 2024-08-30
CLOSING DATE FOR VOTING: 2024-11-22
SUPERSEDES DOCUMENTS: 121/167/CD, 121/170/CC
IEC TC 121: SWITCHGEAR AND CONTROLGEAR AND THEIR ASSEMBLIES FOR LOW VOLTAGE
SECRETARIAT: France
SECRETARY: Mr Michaël LAHEURTE
OF INTEREST TO THE FOLLOWING COMMITTEES: TC 17, SC 22G, TC 23, TC 44, TC 65, TC 94, SC 121A, SC 121B
HORIZONTAL FUNCTION(S):
ASPECTS CONCERNED:
SUBMITTED FOR CENELEC PARALLEL VOTING NOT SUBMITTED FOR CENELEC PARALLEL VOTING
Attention IEC-CENELEC parallel voting
The attention of IEC National Committees, members of CENELEC, is drawn to the fact that this Committee Draft for Vote (CDV) is submitted for parallel voting.
The CENELEC members are invited to vote through the CENELEC online voting system.
This document is still under study and subject to change. It should not be used for reference purposes.
Recipients of this document are invited to submit, with their comments, notification of any relevant patent rights of which they are aware and to provide supporting documentation.
Recipients of this document are invited to submit, with their comments, notification of any relevant “In Some Countries” clauses to be included should this proposal proceed. Recipients are reminded that the CDV stage is the final stage for submitting ISC clauses. (See AC/22/2007 or NEW GUIDANCE DOC).
TITLE: Switchgear and controlgear and their assemblies for low voltage – Security aspects
PROPOSED STABILITY DATE: 2028
NOTE FROM TC/SC OFFICERS:
electronic file, to make a copy and to print out the content for the sole purpose of preparing National Committee positions.
You may not copy or "mirror" the file or printed version of the document, or any part of it, for any other purpose without
permission in writing from IEC.
121/172/CDV – 2 – IEC CDV 63208 © IEC 2024
CONTENTS
FOREWORD
INTRODUCTION
1 Scope
2 Normative references
3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
3.2 Abbreviated terms
4 General
5 Security objectives
6 Security lifecycle management
6.1 General
6.2 Security risk assessment
6.2.1 General
6.2.2 Relationship between safety and security
6.2.3 Impact assessment
6.2.4 Security risk assessment result
6.3 Response to security risk
6.4 Security requirement specification
6.5 Roles and responsibilities
6.6 Important data
6.7 Control system architecture
6.7.1 Control system
6.7.2 Levels of communication functionalities
6.7.3 Levels of connectivity
6.7.4 Exposure levels of equipment
6.7.5 Equipment security levels
6.7.6 Security protection profile
7 Security requirements
7.1 General
7.2 Physical access and environment
7.2.1 PA – Physical access and environment requirement
7.2.2 Physical access and environment rationale
7.2.3 PA-e – Physical access and environment enhancement
7.2.4 Physical access and environment typical implementation
7.3 Equipment requirement
7.3.1 General
7.3.1.1 Main functions
7.3.1.2 Compensating countermeasure
7.3.1.3 Security requirements for the equipment
7.3.2 FR 1 – Identification and authentication control
7.3.2.1 Purpose
7.3.2.2 Rationale
7.3.2.3 CR 1.1 – Human user identification and authentication
7.3.2.4 CR 1.2 – Software and equipment identification and authentication
7.3.2.5 CR 1.5 – Authenticator management
7.3.2.6 CR 1.7 – Strength of password-based authentication
7.3.2.7 CR 1.8 – Public key infrastructure certificates
7.3.2.8 CR 1.9 – Strength of public key-based authentication
7.3.2.9 CR 1.10 – Authenticator feedback
7.3.2.10 CR 1.11 – Unsuccessful login attempts
7.3.2.11 CR 1.14 – Strength of symmetric key-based authentication
7.3.3 FR 2 – Use control
7.3.3.1 Purpose
7.3.3.2 Rationale
7.3.3.3 CR 2.1 – Authorisation enforcement
7.3.3.4 CR 2.2 – Wireless use control
7.3.3.5 EDR 2.4 – Mobile code
7.3.3.6 CR 2.5 – Session lock
7.3.3.7 CR 2.6 – Remote session termination
7.3.3.8 CR 2.7 – Concurrent session control
7.3.3.9 CR 2.8 – Auditable events
7.3.3.10 CR 2.9 – Audit storage capacity
7.3.3.11 CR 2.10 – Response to audit processing failures
7.3.3.12 CR 2.11 – Timestamp
7.3.3.13 CR 2.12 – Non-repudiation
7.3.3.14 EDR 2.13 – Use of physical diagnostic and test interfaces
7.3.4 FR 3 – System integrity
7.3.4.1 Purpose
7.3.4.2 Rationale
7.3.4.3 CR 3.1 – Communication integrity
7.3.4.4 EDR 3.2 – Protection from malicious code
7.3.4.5 CR 3.3 – Security functionality verification
7.3.4.6 CR 3.4 – Software and information integrity
7.3.4.7 CR 3.5 – Input validation
7.3.4.8 CR 3.6 – Deterministic output
7.3.4.9 CR 3.7 – Error handling
7.3.4.10 CR 3.8 – Session Integrity
7.3.4.11 CR 3.9 – Protection of audit information
7.3.4.12 EDR 3.10 – Support for Updates
7.3.4.13 EDR 3.11 – Physical tamper resistance and detection
7.3.4.14 EDR 3.12 – Provisioning product supplier roots of trust
7.3.4.15 EDR 3.13 – Provisioning asset owner roots of trust
7.3.4.16 EDR 3.14 – Integrity of the boot process
7.3.5 FR 4 – Data confidentiality
7.3.5.1 Purpose
7.3.5.2 Rationale
7.3.5.3 CR 4.1 – Information confidentiality
7.3.5.4 CR 4.3 – Use of cryptography
7.3.6 FR 5 – Restricted data flow
7.3.7 FR 6 – Timely response to events
7.3.7.1 Purpose
7.3.7.2 Rationale
7.3.7.3 CR 6.1 – Audit log accessibility
7.3.8 FR 7 – Resource availability
7.3.8.1 Purpose
7.3.8.2 Rationale
7.3.8.3 CR 7.1 – Denial of service protection
7.3.8.4 CR 7.2 – Resource management
7.3.8.5 CR 7.3 – Control system backup
7.3.8.6 CR 7.4 – Control system recovery and reconstitution
7.3.8.7 CR 7.6 – Network and security configuration settings
7.3.8.8 CR 7.7 – Least functionality
7.3.8.9 CR 7.8 – Control system inventory
8 Instructions for installation, operation and maintenance
8.1 User instruction requirement
8.2 User instruction enhancement
8.3 User instruction implementation
9 Conformance verification and testing
9.1 General
9.2 Design documentation
9.3 Physical access
...