|
US$519.00 ยท In stock
Delivery: <= 5 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 37138-2018: Implementation guide for cyber security classified protection of electric power information system
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/T 37138-2018 | English | 519 |
Add to Cart
|
5 days [Need to translate]
|
Implementation guide for cyber security classified protection of electric power information system
| Valid |
GB/T 37138-2018
|
PDF similar to GB/T 37138-2018
Basic data | Standard ID | GB/T 37138-2018 (GB/T37138-2018) | | Description (Translated English) | Implementation guide for cyber security classified protection of electric power information system | | Sector / Industry | National Standard (Recommended) | | Classification of Chinese Standard | F07 | | Classification of International Standard | 35.240.50 | | Word Count Estimation | 26,215 | | Date of Issue | 2018-12-28 | | Date of Implementation | 2019-07-01 | | Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration | GB/T 37138-2018: Implementation guide for cyber security classified protection of electric power information system
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Implementation guide for cyber security classified protection of electric power information system
ICS 35.240.50
F07
National Standards of People's Republic of China
Power Information System Security Level Protection Implementation Guide
Published on.2018-12-28
2019-07-01 implementation
State market supervision and administration
China National Standardization Administration issued
Content
Foreword III
Introduction IV
1 Scope 1
2 Normative references 1
3 Terms and Definitions 1
4 Level Protection Implementation Overview 2
4.1 Basic Principles 2
4.1.1 Structure Priority Principle 2
4.1.2 Joint Protection Principle 2
4.1.3 Security Controllable Principle 2
4.1.4 Stereoscopic Defense Principle 2
4.2 Roles and responsibilities 2
4.2.1 Power Information System Operation Unit 2
4.2.2 Power dispatching agency 3
4.2.3 Power Information System Security Service Agency 3
4.2.4 Power Information System Security Level Evaluation Agency 3
4.2.5 Power Information System Security Product Provider 3
4.2.6 Power Information System Supplier 3
4.2.7 Power Information System Design Unit 4
4.2.8 Administration 4
4.3 Basic activities implemented 4
5 Rating and filing 5
5.1 Process of grading and filing stage 5
5.2 Grading object analysis 5
5.2.1 Analysis of Power Information System 5
5.2.2 Rating object determination 6
5.3 Security protection level determination 7
5.3.1 Rating, review and approval 7
5.3.2 Forming a rating report 7
5.4 Rating results record 7
6 Assessment and evaluation 7
6.1 Process of Assessment and Evaluation 7
6.2 Ratings 9
6.2.1 Evaluation agency selection 9
6.2.2 Assessment preparation 9
6.2.3 Programme preparation 10
6.2.4 On-site assessment 10
6.2.5 Analysis and Reporting 11
6.3 Power Monitoring System Security Protection Assessment 12
6.3.1 Evaluation form selection 12
6.3.2 Evaluation preparation 12
6.3.3 Site assessment 13
6.3.4 Analysis and report preparation 13
7 Safety rectification 14
7.1 Process of safety rectification 14
7.2 Rectification plan development 14
7.3 Security rectification implementation 15
7.4 Safety rectification acceptance 16
8 Return 16
8.1 Process of the power information system return phase 16
8.2 Information Transfer, Staging and Clearance 16
8.3 Equipment Migration or Return 17
8.4 Clearing or Destroying Storage Media 17
Reference 19
Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Please note that some of the contents of this document may involve patents. The issuing organization of this document is not responsible for identifying these patents.
This standard was proposed by the National Energy Administration.
This standard is under the jurisdiction of the National Electricity Regulatory Standardization Technical Committee (SAC/TC296).
This standard was drafted. National Energy Administration Information Center, China Southern Power Grid Corporation, National Power Investment Corporation, China Three Gorges
Group Company, Global Energy Internet Research Institute Co., Ltd., Beijing Zhuozhi Netan Technology Co., Ltd., China Electric Power Research Institute
Limited Company, State Grid Electric Power Research Institute Co., Ltd., Guodian Nanjing Automation Co., Ltd., China Southern Power Grid Science Research Institute Limited Liability
Company, China Software Testing Center.
The main drafters of this standard. Liang Jianyong, Hu Hongsheng, Wang Baoxi, Chen Xuehong, Yin Yuqing, Li Huan, Ye Shichao, Tao Wenwei, Wang Jing, Li Shuzhao,
Zhang Wei, Mao Wei, Fang Lei, Zhao Ting, Jiao Anchun, Gao Yankun, Yu Xuejun, Li Ling, Liu Yuchen, Wu Guohua, Qin Xuejia, Ding Xiaoyu, Liu Wei, Zhang Min,
Yu Baokun, Zhang Wuyi, Xu Aidong, Chen Huajun, Meng Jiaxiao, Zhou Feng, Hao Xin.
Introduction
To standardize the process, content and method of power information system security level protection implementation, strengthen the security management of power information system, and prevent
The infringement of the power network system caused by cyber attacks, ensuring the safe and stable operation of the power system, and formulating according to relevant national and industry policies.
This standard.
In the process of implementing the network security level protection of the power information system, in addition to using this standard, it should also refer to it at different stages.
He works on standards for cyber security level protection.
Power Information System Security Level Protection Implementation Guide
1 Scope
This standard specifies the basic principles, roles and responsibilities of the implementation of the security level protection of power information systems, as well as grading and filing, evaluation and
Basic activities such as assessment, safety rectification, and return shipping.
This standard is applicable to the implementation of the safety level protection of power information systems.
2 Normative references
The following documents are indispensable for the application of this document. For dated references, only dated versions apply to this article.
Pieces. For undated references, the latest edition (including all amendments) applies to this document.
GB/T 20984 Information Security Technology Information Security Risk Assessment Specification
GB/T 22239 Information Security Technology Information System Security Level Protection Basic Requirements
GB/T 25058 Information Security Technology Information System Security Level Protection Implementation Guide
GB/T 25069 Information Security Technology Terminology
3 Terms and definitions
The following terms and definitions as defined in GB/T 25069 and GB/T 25058 apply to this document.
3.1
Electric power information system electricpowerinformationsystem
An information system related to production control and management operations of power companies.
Note. According to various factors such as the responsibility unit of the information system, business type and business importance and physical location difference, it can be divided into management information system and power supervision.
Control system.
3.2
Management information system managementinformationsystem
An information system that supports the management and operation of power companies.
Note. Includes portal system, financial management system, human resource management system, etc.
3.3
Power monitoring system electricpowersupervisionandcontrolsystem
Computer and network technology-based business systems and smart devices for monitoring and controlling power production and supply processes, and as
Basic support for communication and data networks.
Note. including power data acquisition and monitoring system, energy management system, substation automation system, converter station computer monitoring system, power plant computer monitoring
Systems, distribution automation systems, microcomputer relay protection and safety automation devices, wide-area phasor measurement systems, load control systems, water-conditioning automation systems and
Water elevator level dispatching automation system, electric energy metering system, auxiliary control system of real-time power market, power dispatching data network, etc.
3.4
Production control area productioncontrolzone
A safety zone consisting of a power monitoring system with data acquisition and control functions, longitudinal connection using a dedicated network or dedicated channels.
Note. Generally include control area and non-control area.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 37138-2018_English be delivered?Answer: Upon your order, we will start to translate GB/T 37138-2018_English as soon as possible, and keep you informed of the progress. The lead time is typically 3 ~ 5 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GB/T 37138-2018_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 37138-2018_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|