IEC 62351
IEC 62351 is a standard developed by WG15 of IEC TC57. It was developed to handle the security of the TC 57 series of protocols, including the IEC 60870-5 series, IEC 60870-6 series, IEC 61850 series, IEC 61970 series and IEC 61968 series. Its security objectives include authentication of data transfer through digital signatures, ensuring only authenticated access, prevention of eavesdropping, prevention of playback and spoofing, and intrusion detection.
Standard Details
- IEC 62351-1 — Introduction to the standard
- IEC 62351-2 — Glossary of terms
- IEC 62351-3 — Security for any profiles including TCP/IP.
  - TLS Encryption
  - Node Authentication
  - Message Authentication
- IEC 62351-4 — Security for any profiles including MMS (e.g., ICCP-based IEC 60870-6, IEC 61850, etc.).
  - Authentication for MMS
  - TLS (RFC 2246) is inserted between RFC 1006 & RFC 793 to provide transport layer security
- IEC 62351-5 — Security for any profiles including IEC 60870-5 (e.g., DNP3 derivative)
  - TLS for TCP/IP profiles and encryption for serial profiles.
- IEC 62351-6 — Security for IEC 61850 profiles.
  - VLAN use is made mandatory for GOOSE
  - RFC 2030 to be used for SNTP
- IEC 62351-7 — Security through network and system management.
  - Defines Management Information Bases (MIBs) that are specific to the power industry, to handle network and system management through SNMP-based methods.
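
A check for the IEC 62351-6 item above (VLAN use mandatory for GOOSE), as an added example that is not part of the original article or of the standard's text. It assumes the GOOSE EtherType 0x88B8 and the IEEE 802.1Q tag identifier 0x8100; the frames, addresses and VLAN values are constructed samples.

```python
import struct

ETH_P_8021Q = 0x8100   # IEEE 802.1Q tag protocol identifier
ETH_P_GOOSE = 0x88B8   # EtherType used by IEC 61850 GOOSE


def inspect_frame(frame: bytes) -> dict:
    """Classify one raw Ethernet frame with respect to GOOSE VLAN tagging."""
    result = {"goose": False, "tagged": False, "vid": None, "pcp": None, "error": None}
    if len(frame) < 14:                       # dst MAC + src MAC + type field
        result["error"] = "truncated header"
        return result
    ethertype = struct.unpack_from("!H", frame, 12)[0]
    if ethertype == ETH_P_8021Q:
        if len(frame) < 18:                   # tag adds TCI + inner EtherType
            result["error"] = "truncated 802.1Q tag"
            return result
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        # TCI layout: 3-bit priority, 1-bit DEI, 12-bit VLAN ID
        result.update(tagged=True, vid=tci & 0x0FFF, pcp=tci >> 13)
    result["goose"] = ethertype == ETH_P_GOOSE
    return result


def untagged_goose(frames):
    """Return the indexes of GOOSE frames that carry no 802.1Q tag."""
    findings = []
    for i, frame in enumerate(frames):
        info = inspect_frame(frame)
        if info["goose"] and not info["tagged"]:
            findings.append(i)
    return findings


# Constructed sample frames (not captured traffic).
DST = bytes.fromhex("010ccd010001")   # sample multicast destination
SRC = bytes.fromhex("020000000001")   # made-up locally administered source
PAYLOAD = b"\x00" * 8                 # placeholder for the GOOSE PDU

SAMPLES = [
    # tagged GOOSE: priority 4, VLAN 10 (both values chosen for the sample)
    DST + SRC + struct.pack("!HHH", ETH_P_8021Q, (4 << 13) | 10, ETH_P_GOOSE) + PAYLOAD,
    # untagged GOOSE: the case the check reports
    DST + SRC + struct.pack("!H", ETH_P_GOOSE) + PAYLOAD,
    # untagged IPv4: not GOOSE, ignored
    DST + SRC + struct.pack("!H", 0x0800) + PAYLOAD,
]

if __name__ == "__main__":
    for idx in untagged_goose(SAMPLES):
        print(f"frame {idx}: GOOSE without 802.1Q tag")
```
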
See also
- IEC TC 57
- List of IEC Technical Committees