Secure Communications for OT

July 2023

The security of Operational Technology (OT) communications has been an issue for over 20 years and is becoming increasingly more important with the proliferation of Internet of Things (IoT) and Industrial IoT (IIoT) devices in OT. These devices use widely available and studied protocols, many riding on an Internet Protocol (IP) network, and use open communications methodologies including wireless and the Internet. In many cases, these protocols have been adapted from legacy protocols or implementations that assumed implicit security due to their proprietary nature and use of closed (non-public) communication networks. 

The Power System Communications and Cybersecurity Committee (PSCCC) of the PES is addressing the lack of OT cybersecurity by supporting the development of a number of IEEE Standards, Recommended Practices, and Guides to aid industry in securing their OT communications. These include wrapper protocols and new features added to existing protocols that can secure legacy protocols with minimal changes, as well as the development of new protocols that inherently include cybersecurity as part of their initial implementation. The PSCCC also is developing guidelines and recommended practices on how to apply cybersecurity approaches from other standards and recommendations (e.g., IPsec and IEC 62351) to existing communications; this is especially useful in cases where there are many options and configurations that can be confusing to non-cybersecurity staff implementing them.

Active Committees/Task Forces of Interest
  • To learn more & get involved, please check out the IEEE PES PSCCC website.
  • PSCCC-P0 Protocols and Architectures Subcommittee studies and reviews engineering, operational, and testing aspects of protocol and communication architecture requirements provided by other domains as they are applied and impact the Electric Power System.
  • PSCCC-S0 Cybersecurity Subcommittee studies and reviews engineering (including information technology and operation technology), operational, and testing aspects of cybersecurity related to the Electric Power System.
  • Both of these subcommittees and their working groups meet face-to-face three times per year (January, May, September) in conjunction with the Power System Relay and Control (PSRC) Committee; many working groups also hold intermediate web meetings.
IEEE Standards