EURUSD
Your shopping cart is empty.
SIST

SIST EN IEC 63208:2025

(Main)

Low-voltage switchgear and controlgear and their assemblies - Security requirements (IEC 63208:2025)

Low-voltage switchgear and controlgear and their assemblies - Security requirements (IEC 63208:2025)

IEC 63208:2025 This document applies to the main functions of switchgear and controlgear and their assemblies, called equipment, in the context of operational technology (OT 3.1.34). It is applicable to equipment with wired or wireless data communication means and their physical accessibility, within their limits of environmental conditions. It is intended to achieve the appropriate physical and cybersecurity mitigation against vulnerabilities to security threats.
This document provides requirements on the appropriate:
– security risk assessment to be developed including the attack levels, the typical threats, the impact assessment and the relationship with safety;
– levels of exposure of the communication interface and the determination of the equipment security level;
– assessment of the exposure level of the communication interfaces;
– assignment of the required security measures for the equipment;
– countermeasures for the physical access and the environment derived from ISO/IEC 27001;
– countermeasures referring to IEC 62443-4-2 with their criteria of applicability;
– user instructions for installation, operation and maintenance;
– conformance verification and testing, and – security protection profiles by family of equipment (Annex E to Annex I).
In particular, it focuses on potential vulnerabilities to threats resulting in:
– unintended operation, which can lead to hazardous situations;
– unavailability of the protective functions (overcurrent, earth fault, etc.);
– other degradation of main function.
It also provides guidance on the cybersecurity management with the:
– roles and responsibilities (Table 4);
– typical architectures (Annex A);
– use cases (Annex B);
– development methods (Annex C);
– recommendations to be provided to users and for integration into an assembly (Annex D);
– bridging references to cybersecurity management systems (Annex K).
This document does not cover security requirements for:
– information technology (IT);
– industrial automation and control systems (IACS), engineering workstations and their software applications;
– critical infrastructure or energy management systems;
– network device (communication network switch or virtual private network terminator), or
– data confidentiality other than for critical security parameters;
– design lifecycle management. For this aspect, see IEC 62443-4-1, ISO/IEC 27001 or other security lifecycle management standards.

Niederspannungsschaltgeräte und deren Niederspannungs-Schaltgerätekombinationen - Security Aspekte (IEC 63208:2025)

Appareillages et ensembles d'appareillages à basse tension - Exigences de sécurité (IEC 63208:2025)

IEC 63208:2025 Le présent document s'applique aux fonctions principales des appareillages et ensembles d'appareillages, appelés équipements, dans le contexte de la technologie d'exploitation (OT, 3.1.34). Il s'applique aux équipements équipés de moyens de communication de données filaires ou sans fil, ainsi qu'à leur accessibilité physique, dans les limites de leurs conditions d'environnement. Il a pour objet d'assurer l'atténuation appropriée de la sécurité physique et de la cybersécurité contre les vulnérabilités aux menaces à la sécurité.
Le présent document fournit des exigences sur les aspects appropriés suivants:
– l'appréciation du risque pour la sécurité à élaborer, y compris les niveaux d'attaque, les menaces types, l'appréciation de l'impact et la relation à la sécurité humaine;
– les niveaux d'exposition de l'interface de communication et la détermination du niveau de sécurité de l'équipement;
– l'évaluation du niveau d'exposition des interfaces de communication;
– l'attribution des mesures de sécurité exigées pour l'équipement;
– les contre-mesures pour l'accès physique et l'environnement selon l'ISO/IEC 27001;
– les contre-mesures en référence à l'IEC 62443-4-2, avec leurs critères d'applicabilité;
– les instructions pour l'utilisateur concernant l'installation, le fonctionnement et la maintenance;
– la vérification et les essais de conformité; et
– les profils de protection de la sécurité par famille d'équipements (de l'Annexe E à l'Annexe I).
En particulier, il met l'accent sur les vulnérabilités potentielles aux menaces entraînant:
– un fonctionnement non souhaitable, qui peut conduire à des situations dangereuses;
– une indisponibilité des fonctions de protection (surintensité, défaut de terre, etc.);
– toute autre dégradation de la fonction principale.
Il fournit également des recommandations concernant le management de la cybersécurité, avec:
– les rôles et responsabilités (Tableau 4);
– les architectures types (Annexe A);
– les cas d'utilisation (Annexe B);
– les méthodes de développement (Annexe C);
– les recommandations à fournir aux utilisateurs et à intégrer à un ensemble (Annexe D);
– l'établissement de références aux systèmes de management de la cybersécurité (Annexe K).
Le présent document ne fournit aucune exigence de sécurité en ce qui concerne:
– les technologies de l'information (TI);
– les systèmes d'automatisation et de commande industrielles (IACS, Industrial Automation And Control Systems), les postes de travail d'ingénierie
et leurs applications logicielles;
– les systèmes de management des infrastructures essentielles ou de l'énergie;
– les dispositifs de réseau (commutateur de réseau de communication ou terminaison de réseau privé virtuel); ou
– la confidentialité des données autre que pour les paramètres de sécurité critiques;
– la gestion du cycle de vie de la conception. Pour cet aspect, voir l'IEC 62443-4-1, l'ISO/IEC 27001 ou d'autres normes de gestion du cycle de vie de la sécurité.

Nizkonapetostne stikalne in krmilne naprave ter njihovi sestavi - Varnostne zahteve (IEC 63208:2025)

Ta dokument se uporablja za glavne funkcije stikalnih in krmilnih naprav ter njihovih sestavov, s skupnim imenom »oprema«, v kontekstu operativne tehnologije (OT 3.1.34). Uporablja se za opremo s sredstvi za žično ali brezžično podatkovno komunikacijo in njihovo fizično dostopnost v okviru omejitev okoljskih pogojev. Namenjen je doseganju ustreznega fizičnega in kibernetskega blaženja dovzetnosti za varnostne grožnje.
Ta dokument določa zahteve glede ustreznosti:
– ocene varnostnega tveganja, ki jo je treba razviti, vključno z ravnmi napadov, tipičnimi grožnjami, oceno vpliva in razmerjem do varnosti;
– ravni izpostavljenosti komunikacijskega vmesnika in določitve ravni varnosti opreme;
– ocene ravni izpostavljenosti komunikacijskih vmesnikov;
– dodelitve zahtevanih varnostnih ukrepov za opremo;
– protiukrepov za fizični dostop in okolje, izpeljanih iz standarda ISO/IEC 27001;
– protiukrepov, ki se navezujejo na standard IEC 62443-4-2, in njihovih kriterijev uporabnosti;
– navodil za uporabnike v zvezi z namestitvijo, delovanjem in vzdrževanjem;
– preverjanja in preskušanja skladnosti; ter
– varnostnih profilov po skupinah opreme (dodatki E do I).
Zlasti se osredotoča na morebitno dovzetnost za grožnje, ki povzroči:
– nenamerno delovanje, ki lahko povzroči nevarne situacije;
– nerazpoložljivost zaščitnih funkcij (nadtok, okvara ozemljitve itd.);
– drugo poslabšanje glavne funkcije.
Vsebuje tudi smernice za upravljanje kibernetske varnosti, ki vključujejo:
– vloge in odgovornosti (preglednica 4);
– značilne arhitekture (dodatek A);
– primere uporabe (dodatek B);
– razvojne metode (dodatek C);
– priporočila za uporabnike in za integracijo v sestav (dodatek D);
– sklice na sisteme upravljanja kibernetske varnosti (dodatek K).
Ta dokument ne zajema varnostnih zahtev za:
– informacijsko tehnologijo (IT);
– industrijsko avtomatizacijo in nadzorne sisteme (IACS), inženirske delovne postaje in njihove programske aplikacije;
– kritično infrastrukturo ali sisteme za upravljanje energije;
– omrežno napravo (stikalo komunikacijskega omrežja ali naprava za prekinitev navideznega zasebnega omrežja);
– zaupnost podatkov, razen za kritične varnostne parametre;
– upravljanje življenjskega cikla zasnove. V zvezi s tem glej standard IEC 62443-4-1, ISO/IEC 27001 ali druge standarde o upravljanju življenjskega cikla varnosti.
Ta dokument kot publikacija o varnosti izdelkov temelji na vodilu IEC 120.

General Information

Status
Published
Public Enquiry End Date
31-Oct-2024
Publication Date
12-Oct-2025
ICS
29.130.20 - Low voltage switchgear and controlgear
Technical Committee
SKA - Switchgear and control gear
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
08-Oct-2025
Due Date
13-Dec-2025
Completion Date
13-Oct-2025
Ref Project
EN IEC 63208:2025 - Low-voltage switchgear and controlgear and their assemblies - Security requirements
SIST EN IEC 63208:2025 - BARVESIST EN IEC 63208:2025 - BARVE
PreviousNext
Standard
SIST EN IEC 63208:2025 - BARVE
English language
131 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-november-2025
Nizkonapetostne stikalne in krmilne naprave ter njihovi sestavi - Varnostne
zahteve (IEC 63208:2025)
Low-voltage switchgear and controlgear and their assemblies - Security requirements
(IEC 63208:2025)
Niederspannungsschaltgeräte und deren Niederspannungs-Schaltgerätekombinationen -
Security Aspekte (IEC 63208:2025)
Appareillages et ensembles d'appareillages à basse tension - Exigences de sécurité
(IEC 63208:2025)
Ta slovenski standard je istoveten z: EN IEC 63208:2025
ICS:
29.130.20 Nizkonapetostne stikalne in Low voltage switchgear and
krmilne naprave controlgear
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN IEC 63208

NORME EUROPÉENNE
EUROPÄISCHE NORM October 2025
ICS 29.130.20
English Version
Low-voltage switchgear and controlgear and their assemblies -
Security requirements
(IEC 63208:2025)
Appareillages et ensembles d'appareillages à basse tension Niederspannungsschaltgeräte und deren Niederspannungs-
- Exigences de sécurité Schaltgerätekombinationen - Security Aspekte
(IEC 63208:2025) (IEC 63208:2025)
This European Standard was approved by CENELEC on 2025-09-26. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2025 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN IEC 63208:2025 E
European foreword
The text of document 121/221/FDIS, future edition 1 of IEC 63208, prepared by TC 121 "Switchgear
and controlgear and their assemblies for low voltage" was submitted to the IEC-CENELEC parallel
vote and approved by CENELEC as EN IEC 63208:2025.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2026-10-31
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2028-10-31
document have to be withdrawn
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national committee. A
complete listing of these bodies can be found on the CENELEC website.
Endorsement notice
The text of the International Standard IEC 63208:2025 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standard indicated:
IEC 60204-1:2016 NOTE Approved as EN 60204-1:2018
IEC 60364-1 NOTE Approved as HD 60364-1
IEC 60364-4-41 NOTE Approved as HD 60364-4-41
IEC 60364-4-43 NOTE Approved as HD 60364-4-43
IEC 60870-5 (series) NOTE Approved as EN 60870-5 (series)
IEC 60947-2 NOTE Approved as EN IEC 60947-2
IEC 60947-4-1 NOTE Approved as EN IEC 60947-4-1
IEC 60947-4-2 NOTE Approved as EN IEC 60947-4-2
IEC 60947-4-3 NOTE Approved as EN IEC 60947-4-3
IEC 60947-5-1 NOTE Approved as EN IEC 60947-5-1
IEC 60947-5-2 NOTE Approved as EN IEC 60947-5-2
IEC 60947-5-3 NOTE Approved as EN 60947-5-3
IEC 60947-5-5 NOTE Approved as EN 60947-5-5
IEC 60947-5-7 NOTE Approved as EN IEC 60947-5-7
IEC 60947-6-1 NOTE Approved as EN IEC 60947-6-1
IEC 60947-6-2 NOTE Approved as EN IEC 60947-6-2
IEC 61439-1:2020 NOTE Approved as EN IEC 61439-1:2021 (not modified)
IEC 61508-2 NOTE Approved as EN 61508-2
IEC 61439-2 NOTE Approved as EN IEC 61439-2
IEC 62061 NOTE Approved as EN IEC 62061
IEC 62264-1 NOTE Approved as EN 62264-1
IEC 62351 (series) NOTE Approved as EN IEC 62351 (series)
IEC 62351-5 NOTE Approved as EN IEC 62351-5
IEC 62351-6 NOTE Approved as EN IEC 62351-6
IEC 62351-8 NOTE Approved as EN IEC 62351-8
IEC 62351-9 NOTE Approved as EN IEC 62351-9
IEC 62443 (series) NOTE Approved as EN IEC 62443 (series)
IEC 62443-2-1 NOTE Approved as EN IEC 62443-2-1
IEC 62443-2-4 NOTE Approved as EN IEC 62443-2-4
IEC 62443-3-3:2013 NOTE Approved as EN IEC 62443-3-3:2019 (not modified)
IEC 62559-2:2015 NOTE Approved as EN 62559-2:2015 (not modified)
IEC/TR 63069 NOTE Approved as CLC IEC/TR 63069
IEC/TR 63201:2019 NOTE Approved as CLC IEC/TR 63201:2020 (not modified)
ISO/IEC 15408-1:2022 NOTE Approved as EN ISO/IEC 15408-1:2023 (not modified)
ISO/IEC 15408-2:2022 NOTE Approved as EN ISO/IEC 15408-2:2023 (not modified)
ISO/IEC 27000:2018 NOTE Approved as EN ISO/IEC 27000:2020 (not modified)
ISO/IEC 27002:2022 NOTE Approved as EN ISO/IEC 27002:2022 (not modified)
ISO/TS 14441:2013 NOTE Approved as CEN ISO/TS 14441:2013 (not modified)
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments)
applies.
NOTE 1  Where an International Publication has been modified by common modifications, indicated by (mod),
the relevant EN/HD applies.
NOTE 2  Up-to-date information on the latest versions of the European Standards listed in this annex is available
here: www.cencenelec.eu.
Publication Year Title EN/HD Year
IEC 60364-7-729 - Low-voltage electrical installations - Part 7- HD 60364-7-729 -
729: Requirements for special installations
or locations - Operating or maintenance
gangways
IEC 60947-1 2020 Low-voltage switchgear and controlgear - EN IEC 60947-1 2021
Part 1: General rules
IEC 61439-1 2020 Low-voltage switchgear and controlgear EN IEC 61439-1 2021
assemblies - Part 1: General rules
IEC 62443-3-2 2020 Security for industrial automation and EN IEC 62443-3-2 2020
control systems - Part 3-2: Security risk
assessment for system design
IEC 62443-4-1 2018 Security for industrial automation and EN IEC 62443-4-1 2018
control systems - Part 4-1: Secure product
development lifecycle requirements
IEC 62443-4-2 2019 Security for industrial automation and EN IEC 62443-4-2 2019
control systems - Part 4-2: Technical
security requirements for IACS components
IEC/TS 62443-6-2 2025 Security for industrial automation and - -
control systems - Part 6-2: Security
evaluation methodology for IEC 62443-4-2
ISO/IEC 27001 2022 Information security, cybersecurity and EN ISO/IEC 27001 2023
privacy protection - Information security
management systems - Requirements
+ A1 2024 + A1 2024
ISO/IEC 27005 2022 Information security, cybersecurity and EN ISO/IEC 27005 2024
privacy protection - Guidance on managing
information security risks
ISO/IEC 27402 2023 Cybersecurity - IoT security and privacy - - -
Device baseline requirements
IEC 63208 ®
Edition 1.0 2025-08
INTERNATIONAL
STANDARD
Low-voltage switchgear and controlgear and their assemblies - Security
requirements
ICS 29.130.20  ISBN 978-2-8327-0604-6

IEC 63208:2025-08(en)
IEC 63208:2025 © IEC 2025
CONTENTS
FOREWORD. 8
INTRODUCTION . 10
1 Scope . 12
2 Normative references . 13
3 Terms, definitions and abbreviated terms . 13
3.1 Terms and definitions . 13
3.2 Abbreviated terms . 19
4 General . 20
5 Security objectives . 20
6 Security lifecycle management . 20
6.1 General . 20
6.2 Security risk assessment . 22
6.2.1 General . 22
6.2.2 Relationship between safety and security . 23
6.2.3 Impact assessment . 24
6.2.4 Security risk assessment result . 24
6.3 Response to security risk . 24
6.4 Security requirement specification . 25
6.5 Roles and responsibilities . 25
6.6 Important data . 26
6.7 Control system architecture . 26
6.7.1 Control system . 26
6.7.2 Levels of communication functionalities . 26
6.7.3 Levels of connectivity . 28
6.7.4 Exposure levels of equipment . 30
6.7.5 Equipment security levels . 30
6.7.6 Security protection profile . 31
7 Security requirements . 32
7.1 General . 32
7.2 Physical access and environment . 32
7.2.1 PA – Physical access and environment requirement . 32
7.2.2 Physical access and environment rationale . 32
7.2.3 PA-e – Physical access and environment enhancement . 33
7.2.4 Physical access and environment typical implementation . 34
7.3 Equipment requirement . 34
7.3.1 General . 34
7.3.2 FR 1 – Identification and authentication control . 35
7.3.3 FR 2 – Use control . 39
7.3.4 FR 3 – System integrity . 44
7.3.5 FR 4 – Data confidentiality . 50
7.3.6 FR 5 – Restricted data flow . 51
7.3.7 FR 6 – Timely response to events . 51
7.3.8 FR 7 – Resource availability . 52
8 Instructions for installation, operation and maintenance . 55
8.1 User instruction requirement . 55
8.2 User instruction enhancement . 56
IEC 63208:2025 © IEC 2025
8.3 User instruction implementation . 56
9 Conformance verification and testing. 57
9.1 General . 57
9.2 Design documentation . 57
9.3 Physical access . 57
9.3.1 Verification of physical access and environment . 57
9.3.2 Verdict criterion . 57
9.3.3 Physical access and environment enhancement . 57
9.3.4 Verdict criterion . 57
9.4 FR 1 – Identification and authentication control . 57
9.4.1 CR 1.1 – Human user identification and authentication . 57
9.4.2 CR 1.2 – Software and equipment identification and authentication . 58
9.4.3 CR 1.5 – Authenticator management . 58
9.4.4 CR 1.7 – Strength of password-based authentication . 59
9.4.5 CR 1.8 – Public key infrastructure certificates . 59
9.4.6 CR 1.9 – Strength of public key-based authentication . 60
9.4.7 CR 1.10 – Authenticator feedback . 60
9.4.8 CR 1.11 – Unsuccessful login attempts . 60
9.4.9 CR 1.14 – Strength of symmetric key-based authentication . 61
9.5 FR 2 – Use control . 61
9.5.1 CR 2.1 – Authorisation enforcement . 61
9.5.2 CR 2.2 – Wireless use control . 61
9.5.3 EDR 2.4 – Mobile code . 62
9.5.4 CR 2.5 – Session lock . 62
9.5.5 CR 2.6 – Remote session termination . 62
9.5.6 CR 2.7 – Concurrent session control . 63
9.5.7 CR 2.8 – Auditable events . 63
9.5.8 CR 2.9 – Audit storage capacity . 63
9.5.9 CR 2.10 – Response to audit processing failures . 64
9.5.10 CR 2.11 – Timestamps . 64
9.5.11 CR 2.12 – Non-repudiation . 65
9.5.12 EDR 2.13 – Use of physical diagnostic and test interfaces . 65
9.6 FR 3 – System integrity . 65
9.6.1 CR 3.1 – Communication integrity . 65
9.6.2 EDR 3.2 – Protection from malicious code . 66
9.6.3 CR 3.3 – Security functionality verification . 66
9.6.4 CR 3.4 – Software and information integrity . 66
9.6.5 CR 3.5 – Input validation . 67
9.6.6 CR 3.6 – Deterministic output . 67
9.6.7 CR 3.7 – Error handling . 67
9.6.8 CR 3.8 – Session Integrity . 67
9.6.9 CR 3.9 – Protection of audit information . 68
9.6.10 EDR 3.10 – Support for updates . 68
9.6.11 EDR 3.11 – Physical tamper resistance and detection . 68
9.6.12 EDR 3.12 – Provisioning product supplier roots of trust . 69
9.6.13 EDR 3.13 – Provisioning asset owner roots of trust . 69
9.6.14 EDR 3.14 – Integrity of the boot process. 69
9.7 FR 4 – Data confidentiality . 70
9.7.1 CR 4.1 – Information confidentiality . 70
IEC 63208:2025 © IEC 2025
9.7.2 CR 4.3 – Use of cryptography . 70
9.8 FR 6 – Timely response to events . 70
9.8.1 CR 6.1 – Audit log accessibility . 70
9.9 FR 7 – Resource availability . 71
9.9.1 CR 7.1 – Denial of service protection . 71
9.9.2 CR 7.2 – Resource management . 71
9.9.3 CR 7.3 – Control system backup . 71
9.9.4 CR 7.4 – Control system recovery and reconstitution . 72
9.9.5 CR 7.6 – Network and security configuration settings . 72
9.9.6 CR 7.7 – Least functionality . 72
9.9.7 CR 7.8 – Control system inventory . 72
Annex A (informative) Cybersecurity and electrical system architecture . 74
A.1 General . 74
A.2 Typical architecture involving switchgear, controlgear and their assembly . 74
A.2.1 Building . 74
A.2.2 Manufacturing . 75
Annex B (informative) Use case studies . 77
B.1 General . 77
B.2 Use case 1 – Protection against Denial of Service (DoS) attack . 78
B.3 Use case 2 – Protection against unauthorised modification of sensing device . 79
B.4 Use case 3 – Protection against unauthorised modification of wireless
equipment . 80
B.5 Use case 4 – Protection against threat actor remotely taking control of a
"managing" intelligent assembly . 81
Annex C (informative) Development methods of cybersecurity measures . 82
Annex D (informative) Security related instructions in the product documentation . 83
D.1 General . 83
D.2 Risk assessment and security planning . 83
D.2.1 Risk assessment . 83
D.2.2 Security plan . 83
D.3 Recommendations for design and installation of the system integrating
switchgear, controlgear and their assemblies . 84
D.3.1 General access control . 84
D.3.2 Recommendations for local access . 84
D.3.3 Recommendations for remote access . 85
D.3.4 Recommendations for firmware upgrades . 86
D.3.5 Recommendations for the end of life . 86
D.4 Instructions for an assembly . 86
Annex E (normative) Security protection profile of soft-starter and semiconductor
controller . 87
E.1 Introduction . 87
E.1.1 Security protection profile reference . 87
E.1.2 Target of evaluation overview . 87
E.1.3 General mission objectives . 88
E.1.4 Features . 88
E.1.5 Product usage . 88
E.1.6 Users . 88
E.2 Assumptions . 89
E.3 Conformance claims and conformance statement . 89
IEC 63208:2025 © IEC 2025
E.4 Security problem definition . 89
E.4.1 Critical assets of the environment . 89
E.4.2 ToE critical assets . 90
E.4.3 Threat modelFR 7 – Resource availability . 90
E.5 Security objectives . 91
E.6 Security requirements . 91
E.6.1 Security functional requirements . 91
E.6.2 Security assurance requirements . 91
Annex F (normative) Security protection profile of network connected motor starter . 92
F.1 Introduction . 92
F.1.1 Security protection profile reference . 92
F.1.2 Target of evaluation overview . 92
F.1.3 General mission objectives . 93
F.1.4 Features . 93
F.1.5 Product usage . 93
F.1.6 Users . 93
F.2 Assumptions . 94
F.3 Conformance claims and conformance statement . 94
F.4 Security problem definition . 94
F.4.1 Critical assets of the environment . 94
F.4.2 ToE critical assets . 95
F.4.3 Threat model . 95
F.5 Security objectives . 96
F.6 Security requirements . 96
F.6.1 Security functional requirements . 96
F.6.2 Security assurance requirements . 96
Annex G (normative) Security protection profile of circuit-breaker . 97
G.1 Introduction . 97
G.1.1 Security protection profile reference . 97
G.1.2 Target of evaluation overview . 97
G.1.3 General mission objectives . 98
G.1.4 Features . 98
G.1.5 Product usage . 98
G.1.6 Users . 98
G.2 Assumptions . 99
G.3 Conformance claims and conformance statement . 99
G.4 Security problem definition . 99
G.4.1 Critical assets of the environment . 99
G.4.2 ToE critical assets . 100
G.4.3 Threat model . 100
G.5 Security objectives . 101
G.6 Security requirements . 101
G.6.1 Security functional requirements . 101
G.6.2 Security assurance requirements . 101
Annex H (normative) Security protection profile of transfer switch equipment . 102
H.1 Introduction . 102
H.1.1 Security protection profile reference . 102
H.1.2 Target of evaluation overview . 102
H.1.3 General mission objectives . 103
IEC 63208:2025 © IEC 2025
H.1.4 Features . 103
H.1.5 Product usage . 103
H.1.6 Users . 103
H.2 Assumptions . 104
H.3 Conformance claims and conformance statement . 104
H.4 Security problem definition . 104
H.4.1 Critical assets of the environment . 104
H.4.2 ToE critical assets . 105
H.4.3 Threat model . 105
H.5 Security objectives . 106
H.6 Security requirements . 106
H.6.1 Security functional requirements . 106
H.6.2 Security assurance requirements . 107
Annex I (normative) Security protection profile for wireless controlgear with its
communication interface . 108
I.1 Introduction . 108
I.1.1 Security protection profile reference . 108
I.1.2 Target of evaluation overview . 108
I.1.3 General mission objectives . 109
I.1.4 Features . 109
I.1.5 Product usage . 109
I.1.6 Users . 109
I.2 Assumptions . 109
I.3 Conformance claims and conformance statement . 110
I.4 Security problem definition . 110
I.4.1 Critical assets of the environment . 110
I.4.2 ToE critical assets . 110
I.4.3 Threat model . 111
I.5 Security objectives . 111
I.6 Security requirements . 112
I.6.1 Security functional requirements . 112
I.6.2 Security assurance requirements . 112
Annex J (informative) Equipment requirements by level of exposure . 113
Annex K (informative) Bridging references to cybersecurity management systems . 115
Annex L (informative) Mapping of provisions to the essential cybersecurity
requirements of the European Cyber Resilient Act Annexes . 120
Bibliography . 123

Figure 1 – Standard landscape . 11
Figure 2 – Example of physical interfaces of an embedded device in an equipment
which can be subject to an attack . 22
Figure 3 – Example of relation between security and safety . 23
Figure 4 – Control system architecture with switchgear and controlgear . 27
Figure 5 – Control system connectivity level C1 . 28
Figure 6 – Control system connectivity level C2 . 28
Figure 7 – Control system connectivity level C3 . 28
Figure 8 – Control system connectivity level C4 . 29
Figure 9 – Control system connectivity level C5 . 29
IEC 63208:2025 © IEC 2025
Figure 10 – Structure of a security protection profile . 31
Figure 11 – Example of security instruction symbol . 56
Figure A.1 – Building electrical architecture . 75
Figure A.2 – Industrial plants . 76
Figure E.1 – Machinery control architecture . 87
Figure F.1 – Machinery control architecture . 92
Figure G.1 – Circuit-breaker in its environment . 97
Figure H.1 – Functional units of the transfer switch equipment . 102
Figure I.1 – Machinery control architecture . 108

Table 1 – Potential attack levels . 21
Table 2 – Typical threats . 21
Table 3 – Impact evaluation . 24
Table 4 – Roles related to security responsibilities . 25
Table 5 – Level of exposure of an equipment . 30
Table 6 – Equipment security level . 31
Table 7 – Physical access related requirement references . 33
Table 8 – Physical access enhancement related requirement references . 33
Table B.1 – List of actors . 77
Table B.2 – Base line requirement. 77
Table B.3 – Security problems of use cases . 77
Table E.1 – Security requirements for the critical assets of the environment . 89
Table E.2 – Security requirements for the critical assets . 90
Table E.3 – Security functional requirements . 91
Table F.1 – Security requirements for the critical assets of the environment . 95
Table F.2 – Security requirements for the critical assets . 95
Table F.3 – Security functional requirements . 96
Table G.1 – Security requirements for the critical assets of the environment . 100
Table G.2 – Security requirements for the critical assets . 100
Table G.3 – Security functional requirements . 101
Table H.1 – Security requirements for the critical assets of the environment. 105
Table H.2 – Security requirements for the critical assets . 105
Table H.3 – Security functional requirements . 106
Table I.1 – Security requirements for the critical assets of the environment . 110
Table I.2 – Security requirements for the critical assets . 111
Table I.3 – Security functional requirements . 112
Table J.1 – Equipment requirements by level of exposure . 113
Table K.1 – Useful security standards . 115
Table K.2 – Contribution of switchgear, controlgear and their assemblies to ISO and
IEC horizontal security framework . 117
Table K.3 – Mapping to other security framework . 118
Table K.4 – Requirements for IACS not relevant for switchgear, controlgear and their
assemblies . 118
IEC 63208:2025 © IEC 2025
Table K.5 – Requirements for IoT device not relevant for switchgear, controlgear and
their assemblies . 119
Table L.1 – Mapping to the essential cybersecurity requirements of the CRA Annex I . 120

IEC 63208:2025 © IEC 2025
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
Low-voltage switchgear and controlgear and their assemblies -
Security requirements
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as "IEC Publication(s)"). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence between
any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN IEC 62683-2-2:2026(Main)
Low-voltage switchgear and controlgear - Product data and properties for information exchange - Engineering data - Part 2-2: Switchgear and controlgear assembly objects for building information modelling (IEC 62683-2-2:2025)
EN IEC 62683-2-2:2025

IEC 62683-2-2:2025 specifies the building information modelling (BIM) with the physical characteristics and technical services of low-voltage switchgear and controlgear assemblies to be used mainly for the construction phase of the building and also for delivering data for operation.
This document covers all types of assemblies covered by the IEC 61439 series which can be installed in a building.
Busbar trunking systems defined by IEC 61439-6 are under consideration for a next edition.
These BIM object models, registered in IEC CDD, are intended to supply the process defined by ISO 16739 series.
This document does not cover:
– the build-in components included within the assembly such as switchgear and controlgear,
– safety related control system of machinery,
– the detailed electrical and mechanical configuration of the assembly
– logistic information.

  • Standard
    33 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60947-5-7:2025(Main)
Low-voltage switchgear and controlgear - Part 5-7: Control circuit devices and switching elements - Proximity devices with analogue output (IEC 60947-5-7:2024)
EN IEC 60947-5-7:2025

IEC 60947-5-7:2024 states the requirements for proximity devices that correspond to the scope of IEC 60947-5-2:2019 with analog output (PDAO) and/or a digital output to transmit a corresponding digital value representing the detected sensing input. These devices can provide additional parameters.
This second edition cancels and replaces the first edition published in 2003. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) New structure;
b) Update and expansion of definitions on analog output properties;
c) Expanded performance requirements on analog output;
d) Update and new normative references;
e) Update of EMC requirements;
f) Harmonization with IEC 62828 series;
g) Harmonization with IEC 62683 and IEC 61987 definitions;
h) Harmonization with IEC 61131-2 requirements;
i) Update of the Annex A (former Annex G), Example of the determination of the conformity;
j) New Annex B, Overview tests and influence quantities;
k) New Annex C, Additional requirements for proximity switches with analog output incorporating a built-in communication interface complying with IEC 61131-9;
l) New Annex D, Main characteristics for proximity devices with analog output.

  • Standard
    49 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62626-1:2025(Main)
Low-voltage switchgear and controlgear enclosed equipment - Part 1: Additional requirements for enclosed switch-disconnectors in accordance with IEC 60947-3 - Isolation of electrical equipment during repair and maintenance work in specific applications (IEC 62626-1:2023)
EN IEC 62626-1:2025

IEC 62626-1:2023 is available as IEC 62626-1:2023 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.

IEC 62626-1:2023 applies to enclosed switches-disconnectors with rated voltages up to 1 000 V AC for repair and maintenance work or cleaning work in load circuits. Devices within the scope of this document are switch-disconnectors in accordance with IEC 60947-3 with specific additional requirements. Enclosed switch-disconnectors in this document are suitable for isolation in accordance with the IEC 60947 series and are not equipped with means for remote control or automatic switching to avoid unexpected or accidental start. These devices are not used for operational switching, for example quick start and stop, jogging. This second edition cancels and replaces the first edition published in 2014. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition:
a) update of this document based on IEC 60947-1:2020.

  • Standard
    14 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 61095:2025(Main)
Electromechanical contactors for household and similar purposes (IEC 61095:2023)
EN IEC 61095:2025

IEC 61095:2023 is available as IEC 61095:2023 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.

IEC 61095:2023 applies to electromechanical air break contactors for household and similar purposes provided with main contacts intended to be connected to circuits the rated voltage of which does not exceed 440 V AC (between phases) with rated operational currents less than or equal to 63 A for utilization category AC-7a, and 32 A for utilization categories AC‑7b, AC‑7c and AC-7d (expressed in rated power), and rated conditional short-circuit current less than or equal to 6 kA. This third edition cancels and replaces the second edition published in 2009. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition:
a) addition of requirements for screwless terminals;
b) addition of requirements for the switching of LED lamps. Contactors for domestic and similar applications can be used for controlling lighting loads which is increasingly using LED lamp technology. A specific category for contactors is created: AC-7d. Requirements and tests are added to cover this market development, mainly for making and breaking and conventional operational performance;
c) addition of requirements for contactors with electronically controlled electromagnet. Household contactors with electronically controlled electromagnet are available for years on the market. To fully cover such device, requirements and tests are added, dealing mainly with operating limits, behaviour in abnormal conditions, breakdown of components, EMC tests, etc.
d) embedded software. More and more contactors are incorporating electronic circuits with embedded software. A reference is provided to guide the design of the software.

  • Standard
    146 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60947-4-1:2025(Main)
Low-voltage switchgear and controlgear - Part 4-1: Contactors and motor-starters - Electromechanical contactors and motor-starters (IEC 60947-4-1:2023)
EN IEC 60947-4-1:2025

IEC 60947-4-1:2023 is applicable to the following equipment:
- electromechanical contactors and starters including motor protective switching devices (MPSD and IMPSD);
- actuators of contactor relays;
- contacts dedicated exclusively to the coil circuit of the contactor or the contactor relay;
- dedicated accessories (e.g. dedicated wiring, dedicated latch accessory);
intended to be connected to distribution circuits, motors circuits and other load circuits, the rated voltage of which does not exceed 1 000 V AC or 1 500 V DC.
This fifth edition cancels and replaces the fourth edition published in 2018. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) objective in the scope;
b) instantaneous only motor protective switching device IMPSD (3.5.33);
c) kinds of equipment (5.2.1);
d) methods of overload protection of motors (5.2.6);
e) adoption of the AC-7d from IEC 61095:2023 (in 5.4.2);
f) separately mounted overload relay of a starter (in 5.7.3 b));
g) starter and contactor suitable for use downstream to basic drive module (6.1.2 w));
h) reference to IEC TS 63058 for environmental aspects (in 6.4);
i) wiring subject to movement (in 8.1.3);
j) use of voltage transient limiting device (8.1.18);
k) accessible parts subject to temperature limits (in 8.2.2.3);
l) reference to Annex X of IEC 60947-1:2020 for the co-ordination of MPSD with SCPD (8.2.5.4);
m) reference to IEC TR 63216 with different EMC environments (8.3.1);
n) reference to IEC TR 63201 for the embedded software design (8.4);
o) reference to IEC TS 63208 for cybersecurity aspects (8.5);
p) update and completion of the measurement method of the power consumption of the electromagnet (9.3.3.2.1.2);
q) update of Annex C including rational about AC-3e;
r) determination of the critical load current for photovoltaic applications (M.8.7).

  • Standard
    191 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60947-3:2021/A1:2025(Amendment)
Low-voltage switchgear and controlgear - Part 3: Switches, disconnectors, switch-disconnectors and fuse-combination units (IEC 60947-3:2020/AMD1:2025)
EN IEC 60947-3:2021/A1:2025
  • Amendment
    32 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60947-7-1:2025(Main)
Low-voltage switchgear and controlgear - Part 7-1: Ancillary equipment - Terminal blocks for copper conductors (IEC 60947-7-1:2025)
EN IEC 60947-7-1:2025

IEC 60947-7-1:2025 specifies requirements for terminal blocks and test disconnect terminal blocks according to Annex D with screw-type or screw-less-type clamping units primarily intended for industrial or similar use and to be fixed to a support to provide electrical and mechanical connection between copper conductors. It applies to terminal blocks intended to connect round copper conductors, with or without special preparation, having a cross-section between 0,05 mm2/30 AWG and 300 mm2/600 kcmil, intended to be used in circuits of a rated voltage not exceeding 1 000 V AC up to 1 000 Hz or 1 500 V DC. The tests on terminal blocks are made with AC or DC supply as required in relevant clauses of this document.
This fourth edition cancels and replaces the third edition published in 2009. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Scope extension for smaller conductor cross-sections;
b) Implementation of a contact pressure via insulation material (CoPI) test;
c) Introduction of new informative Annex E for larger cross-sections;
d) Reorganisation of all tables merged into two tables for electrical and mechanical values;
e) Implementation of AWG-sizes conductor types as an equivalent type of metric conductor with examples in Annex C;
f) Reorganisation of Annex D test disconnect terminal blocks to enhance readability;
g) Introduction of new informative Annex A for main characteristics of terminal blocks.

  • Standard
    55 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60947-9-2:2025(Main)
Low-voltage switchgear and controlgear - Part 9-2: Active arc-fault mitigation systems - Optical-based internal arc-detection and mitigation devices (IEC 60947-9-2:2021)
EN IEC 60947-9-2:2025

This document covers internal arc-fault control devices, hereinafter referred to as IACD, which
are intended to:
- detect internal arc-faults in low-voltage switchgear and controlgear assemblies, by
processing (at a minimum) the optical effect of an internal arc-fault, and
- operate mitigation device (either external or combined)
in order to minimize the effects of the internal arc-fault (see Figure 1).
For the purpose of this document the terms "light" or "optical" covers more than visible spectra.
They may cover also, for example, infrared or ultraviolet electromagnetic radiations (see
Annex D).
For combined-type IACD, this document is considered in addition to the relevant product
standard for internal arc-fault mitigation devices (IARD per IEC TS 63107:2020). Compliance
to the relevant product standard is mandatory and cannot be claimed by testing to this document
alone.
NOTE 1 Low-voltage switchgear and controlgear assemblies are usually described by IEC 61439 series.
[Figure 1]
Therefore, this document covers the following:
- internal arc-fault control device (stand-alone, multifunction or combined);
- one or more associated sensor(s) used to detect optical effect of the internal arc-fault;
- sensor(s), sensing another physical effect, to confirm the fault;
- associated or combined mitigation device.
An IACD is not intended to trigger under normal operation of low-voltage switchgear and
controlgear (i.e. absence of internal arc-fault), including normal arcing associated with
operation of disconnecting and switching devices.
This document only covers the following methods:
- optical detection of the light caused by an internal arc-fault;
- optional confirmation of internal arc-fault by line current measurement.
Many different conductive materials could be used in LV assemblies (e.g. steel, copper,
aluminium). Nevertheless, tests specified in this document are deemed to represent the most
critical and challenging conditions for arc-detection and cover all combinations of conductive
materials.
NOTE 2 Compared to other materials (e.g. steel, aluminium), copper leads to a lower optical radiation energy.
The rated voltage of the assembly in which an IACD is installed does not exceed 1 000 V AC.
Such devices are designed to be operated and maintained by skilled persons only.
This document does not cover:
- DC internal arc-fault detection and control;
- overcurrent relays;
- AFDD (arc-fault detection devices) as defined by IEC 62606;
- guidance on installation within assemblies;
NOTE 3 The integration of an IACD into an assembly is described in IEC TS 63107.
- use with additional measures needed for installation and operation within explosive
atmospheres. These are given in IEC 60079 series documents;
- requirements for embedded software and firmware design rules; for this subject, the
manufacturer is responsible for taking additional safety measures;
NOTE 4 IEC TR 63201 describes rules for firmware and embedded software development preventing errors in
software.
- cybersecurity aspects; for this subject, the manufacturer is responsible for taking additional
safety measures;
NOTE 5 See IEC TS 63208.
- mobile applications.
NOTE 6 Even when addressing internal arc-fault mitigation devices, this document does not supersede any other
relevant product standard (e.g. IEC 60947-2 or IEC 60947-9-1).
NOTE 7 DC arcing fault phenomena are under consideration. Further investigation is needed to comprehend DC
arcing phenomena and required sensing.

  • Standard
    90 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 60947-5-1:2025(Main)
Low-voltage switchgear and controlgear - Part 5-1: Control circuit devices and switching elements - Electromechanical control circuit devices (IEC 60947-5-1:2024)
EN IEC 60947-5-1:2025

IEC 60947-5-1:2024 applies to control circuit devices and switching elements intended for controlling, signalling, interlocking, etc., of switchgear and controlgear.
It applies to control circuit devices having a rated voltage not exceeding 1 000 V AC (at a frequency not exceeding 1 000 Hz) or 600 V DC.
This fifth edition cancels and replaces the fourth edition published in 2016. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) update of the scope structure and exclusions;
b) requirements for control circuits;
c) update of the normal service conditions (e.g. shock and vibration);
d) update of information and marking requirements including environmental information requirements referencing IEC TS 63058:2021;
e) update of the constructional requirements and the corresponding tests considering safety aspects (e.g. artificial optical radiation, security aspects, limited energy source, stored charge energy circuit);
f) update of the EMC requirements according to the generic documents;
g) new requirements for reed contact magnetic switches in Annex D;
h) requirements for class II circuit devices achieved by double or reinforced insulation in Annex F;
i) update of pull-out tests in Annex G;
j) information requirements for audible signalling device in Annex J;
k) insertion of new Annex O.

  • Standard
    136 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 61439-5:2023/AC:2025(Corrigendum)
Low-voltage switchgear and controlgear assemblies - Part 5: Assemblies for power distribution in public networks (IEC 61439-5:2023/COR1:2025)
EN IEC 61439-5:2023/AC:2025-02
  • Corrigendum
    4 pages
    English language
    sale 10% off
    e-Library read for
    1 day