Confidentiality Levels

[ERelAlg]

After a meeting with Rado (from OPDE) and Semir (OPC/STA).

Context:

• OPDE

  • "OPDE Confidential" and "OPDE Secrets" are the current confidentiality levels.
  • These levels are defined after the security controls used to share the data. It is a non-trivial definition and they cannot provide it.
  • Four new levels will be used next year: "Normal", "High", "Very High" and "OPDE Confidential". The first three ones are taken from the GSP and the fourth is an edit of the "Very High" level.

• OPC/STA

  • "OPC/STA Confidential" is the only level that is used.
  • In principle, once the new definitions for OPDE are put in place and if it is ok for the OPDE team, we should be able to assimilate "OPC/STA Confidential" as "OPDE Very High".

Tasks for Eduardo:

• Speak with Daiga from ICT Solutions and obtain the new definitions of the confidentiality levels
• For now, we could include in the reference data the definition provided by Semir for "OPDE Confidential".
• Once I have the four levels, I will make OPC/STA Confidential == OPDE Very High

"OPDE Confidential" (by Semir): "Information/data which if disclosed to or modified by unauthorized persons, or subject to unplanned unavailability would cause either: substantial financial loss or substantial damage to the reputation or embarrassment to ENTSO-E; inability to deliver a critical service to the TSO community resulting in a loss of confidence; the breaking of any legal, regulatory or statutory laws or rules which could result in penalties or fines"