IEC 62351

IEC 62351 is a standard developed by WG15 of IEC TC57. This is developed for handling the security of TC 57 series of protocols including IEC 60870-5 series, IEC 60870-6 series, IEC 61850 series, IEC 61970 series & IEC 61968 series. The different security objectives include authentication of data transfer through digital signatures, ensuring only authenticated access, prevention of eavesdropping, prevention of playback and spoofing, and intrusion detection.

Standard details

  • IEC 62351-1 — Introduction to the standard
  • IEC 62351-2 — Glossary of terms
  • IEC 62351-3 — Security for any profiles including TCP/IP.
  • IEC 62351-4 — Security for any profiles including MMS (e.g., ICCP-based IEC 60870-6, IEC 61850, etc.).
  • IEC 62351-5 — Security for any profiles including IEC 60870-5 (e.g., DNP3 derivative)
    • TLS for TCP/IP profiles and encryption for serial profiles.
  • IEC 62351-6 — Security for IEC 61850 profiles.
  • IEC 62351-7 — Security through network and system management.
    • Defines Management Information Base (MIBs) that are specific for the power industry, to handle network and system management through SNMP based methods.
  • IEC 62351-8 — Role-based access control.
    • Covers the access control of users and automated agents to data objects in power systems by means of role-based access control (RBAC).
  • IEC 62351-9 — Key Management
    • Describes the correct and safe usage of safety-critical parameters, e.g. passwords, encryption keys.
    • Covers the whole life cycle of cryptographic information (enrollment, creation, distribution, installation, usage, storage and removal).
    • Methods for algorithms using asymmetric cryptography
    • A secure distribution mechanism based on GDOI and the IKEv2 protocol is presented for the usage of symmetric keys, e.g. session keys.
  • IEC 62351-10 — Security Architecture
    • Explanation of security architectures for the entire IT infrastructure
    • Identifying critical points of the communication architecture, e.g. substation control center, substation automation
    • Appropriate mechanisms security requirements, e.g. data encryption, user authentication
    • Applicability of well-proven standards from the IT domain, e.g. VPN tunnel, secure FTP, HTTPS
  • IEC 62351-11 — Security for XML Files
    • Embedding of the original XML content into an XML container
    • Date of issue and access control for XML data
    • X.509 signature for authenticity of XML data
    • Optional data encryption
gollark: It broke my terminal emulator. I shall use a faster one.
gollark: Benchmarking `tput setaf 2` vs Rust's `term` library...
gollark: <@116952546664382473>
gollark: How do I use tput to set colors? I need this for the benchmarking.
gollark: I'm setting up the benchmarking. Please wait.

See also

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.