ISO/IEC 27019:2024-信息安全、网络安全和隐私保护-能源公用事业行业的信息安全控制-国家数字标准馆

现行 ISO/IEC 27019:2024

到馆提醒

收藏跟踪

购买正版

选择购买版本本服务由中国标准服务网提供

电子版

法语/电子版加密PDF格式/约1分钟可下载/有水印/要装插件FileOpen/电脑需联网/限制累计3台电脑共打印5次

¥ 1,324

电子版

英语/电子版加密PDF格式/约1分钟可下载/有水印/要装插件FileOpen/电脑需联网/限制累计3台电脑共打印5次

¥ 1,324

前往中国标准服务网获取更多购买信息

Information security, cybersecurity and privacy protection - Information security controls for the energy utility industry 信息安全、网络安全和隐私保护-能源公用事业行业的信息安全控制

发布日期： 2024-10-18

                本文件基于ISO/IEC 27002:2022，为能源公用事业行业提供信息安全控制，用于控制和监控电力、天然气、石油和热能的生产或发电、传输、储存和分配，以及控制相关的支持流程。这尤其包括以下内容:
-中央和分布式过程控制、监测和自动化技术以及用于其运行的信息系统，如编程和参数化装置；
-数字控制器和自动化部件，例如控制和现场设备或可编程逻辑控制器(PLC)，包括数字传感器和致动器元件；
-用于过程控制领域的所有其他支持信息系统，例如用于补充数据可视化任务和用于控制、监测、数据存档、历史记录、报告和文档目的；-过程控制领域中使用的通信技术，例如网络、遥测、远动应用和远程控制技术；
-高级计量基础设施(AMI)组件，例如智能电表；
-测量装置，例如用于排放值；
-数字保护和安全系统，例如保护继电器、安全PLC、紧急调速器机构；
-能源管理系统，例如用于分布式能源(DER)、充电基础设施以及用于私人家庭、住宅建筑或工业客户装置；
-智能电网环境的分布式组件，例如在能源网、私人家庭、住宅建筑或工业客户装置中；
-安装在上述系统上的所有软件、固件和应用程序，例如。g.配电管理系统（DMS）应用或停电管理系统（OMS）；
-存放上述设备和系统的任何处所；
-用于上述系统的远程维护系统。
本文件不适用于核设施的过程控制领域。IEC 63096涵盖了该领域。

This document provides information security controls for the energy utility industry, based on ISO/IEC 27002:2022, for controlling and monitoring the production or generation, transmission, storage and distribution of electric power, gas, oil and heat, and for the control of associated supporting processes. This includes in particular the following:
— central and distributed process control, monitoring and automation technology as well as information systems used for their operation, such as programming and parameterization devices;
— digital controllers and automation components such as control and field devices or programmable logic controllers (PLCs), including digital sensor and actuator elements;
— all further supporting information systems used in the process control domain, e.g. for supplementary data visualization tasks and for controlling, monitoring, data archiving, historian logging, reporting and documentation purposes;
— communication technology used in the process control domain, e.g. networks, telemetry, telecontrol applications and remote-control technology;
— Advanced metering infrastructure (AMI) components, e.g. smart meters;
— measurement devices, e.g. for emission values;
— digital protection and safety systems, e.g. protection relays, safety PLCs, emergency governor mechanisms;
— energy management systems, e.g. for distributed energy resources (DER), electric charging infrastructures, and for private households, residential buildings or industrial customer installations;
— distributed components of smart grid environments, e.g. in energy grids, in private households, residential buildings or industrial customer installations;
— all software, firmware and applications installed on above-mentioned systems, e.g. distribution management system (DMS) applications or outage management systems (OMS);
— any premises housing the abovementioned equipment and systems;
— remote maintenance systems for abovementioned systems.
This document does not apply to the process control domain of nuclear facilities. This domain is covered by IEC 63096.