iTeh Standards logo
EURUSD
Your shopping cart is empty.
CLC

EN 62351-9:2017

(Main)

Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment

Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment

IEC 62351-9:2017(E) specifies cryptographic key management, namely how to generate, distribute, revoke, and handle public-key certificates and cryptographic keys to protect digital data and its communication. Included in the scope is the handling of asymmetric keys (e.g. private keys and public-key certificates), as well as symmetric keys for groups (GDOI). This document assumes that other standards have already chosen the type of keys and cryptography that will be utilized, since the cryptography algorithms and key materials chosen will be typically mandated by an organization’s own local security policies and by the need to be compliant with other international standards. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. The objective is to define requirements and technologies to achieve interoperability of key management. The purpose of this document is to guarantee interoperability among different vendors by specifying or limiting key management options to be used. This document assumes that the reader understands cryptography and PKI principles.

Energiemanagementsysteme und zugehöriger Datenaustausch - IT-Sicherheit für Daten und Kommunikation - Teil 9: Cyber security Schlüssel-Management für Stromversorgungsanlagen

Gestion des systèmes de puissance et échanges d’informations associés - Sécurité des communications et des données - Partie 9: Gestion de clé de cybersécurité des équipements de système de puissance

IEC 62351-9:2017 porte sur la gestion de clé cryptographique, c'est-à-dire sur la manière de générer, distribuer, révoquer et manipuler les certificats de clé publique et les clés cryptographiques pour protéger les données numériques et leurs communications. La manipulation des clés asymétriques (les clés privées et les certificats de clé publique, par exemple) et les clés symétriques pour les groupes (GDOI) font également partie du domaine d'application de la présente norme. La présente partie de l'IEC 62351 part du principe que d'autres normes ont déjà choisi le type de clés et la cryptographie qui seront utilisés, dans la mesure où les algorithmes de cryptographie et les supports de clé choisis sont en principe liés aux politiques de sécurité locales propres à une organisation et à la nécessité de satisfaire aux autres normes internationales. Le présent document spécifie donc uniquement les techniques de gestion de ces infrastructures de clé et de cryptographie sélectionnées. Il s'agit de définir les exigences et les technologies permettant d'assurer l'interopérabilité de la gestion de clé. La présente partie de l'IEC 62351 a pour objet de garantir l'interopérabilité entre les différents fournisseurs en spécifiant ou limitant les options de gestion de clé à utiliser. Le présent document part du principe que le lecteur comprend les principes de cryptographie et d'infrastructure à clés publiques.

Upravljanje elektroenergetskega sistema in pripadajoča izmenjava informacij - Varnost podatkov in komunikacij - 9. del: Upravljanje računalniške varnosti opreme napajalnih sistemov

Ta del standarda IEC 62351 določa upravljanje kriptografskih ključev, tj. načine ustvarjanja, porazdelitve, preklica in upravljanja potrdil za javne ključe ter kriptografskih ključev za varstvo digitalnih podatkov in povezanih komunikacij. Področje uporabe zajema ravnanje z asimetričnimi ključi (npr. zasebnimi ključi ali potrdili za javne ključe) in s simetričnimi ključi za skupine (GDOI).
Ta del standarda IEC 62351 predvideva, da so bile vrste ključev in kriptografija, ki bodo uporabljeni, v okviru drugih standardov že izbrani, kajti ti izbrani kriptografski algoritmi in gradiva ključev so običajno določeni v lokalnih varnostnih pravilnikih organizacije in na podlagi zahtev za zagotavljanje skladnosti z drugimi mednarodnimi standardi. Ta dokument tako določa zgolj načine upravljanja za te izbrane infrastrukture ključev in kriptografije. Cilj je določitev zahtev in tehnologij za doseganje interoperabilnosti upravljanja ključev.
Namen tega dela standarda IEC 62351 je zagotavljanje interoperabilnosti med različnimi ponudniki z določitvijo ali omejitvijo možnosti upravljanja ključev, ki bodo uporabljene. Ta dokument predvideva, da je bralec razume načela kriptografije in postopke PKI.

General Information

Status
Published
Publication Date
06-Jul-2017
Withdrawal Date
21-Jun-2020
ICS
33.200 - Telecontrol. Telemetering
Technical Committee
CLC/TC 57 - Power systems management and associated information exchange
Drafting Committee
IEC/TC 57 - IEC_TC_57
Current Stage
6060 - Document made available - Publishing
Start Date
07-Jul-2017
Completion Date
07-Jul-2017
Mandate
M/490 - Standardisation mandate to the European Standardisation Organisations (ESOs) to support European Smart Grid deployment
Ref Project
SIST EN 62351-9:2017 - Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment

Relations

Replaced By
EN IEC 62351-9:2023 - Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
Effective Date
19-Jan-2021
EN 62351-9:2017 - BARVEEN 62351-9:2017 - BARVE
PreviousNext
Standard
EN 62351-9:2017 - BARVE
English language
88 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)


SLOVENSKI STANDARD
01-september-2017
8SUDYOMDQMHHOHNWURHQHUJHWVNHJDVLVWHPDLQSULSDGDMRþDL]PHQMDYDLQIRUPDFLM
9DUQRVWSRGDWNRYLQNRPXQLNDFLMGHO8SUDYOMDQMHUDþXQDOQLãNHYDUQRVWL
RSUHPHQDSDMDOQLKVLVWHPRY
Power systems management and associated information exchange - Data and
communications security - Part 9: Cyber security key management for power system
equipment
Ta slovenski standard je istoveten z: EN 62351-9:2017
ICS:
29.240.30 Krmilna oprema za Control equipment for electric
elektroenergetske sisteme power systems
35.030 Informacijska varnost IT Security
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD EN 62351-9
NORME EUROPÉENNE
EUROPÄISCHE NORM
July 2017
ICS 33.200
English Version
Power systems management and associated information
exchange - Data and communications security -
Part 9: Cyber security key management for power system
equipment
(IEC 62351-9 :2017)
Gestion des systèmes de puissance et échanges Energiemanagementsysteme und zugehöriger
d'informations associés - Sécurité des communications et Datenaustausch - IT-Sicherheit für Daten und
des données - Partie 9: Gestion de clé de cybersécurité des Kommunikation - Teil 9: Cyber security Schlüssel-
équipements de système de puissance Management für Stromversorgungsanlagen
(IEC 62351-9 :2017) (IEC 62351-9 :2017)
This European Standard was approved by CENELEC on 2017-06-22. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia,
Lithuania, Luxembourg, Malta, the Netherlands, Norway, Poland, Portugal, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden,
Switzerland, Turkey and the United Kingdom.

European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Avenue Marnix 17, B-1000 Brussels
© 2017 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
Ref. No. EN 62351-9:2017 E
European foreword
The text of document 57/1838/FDIS, future edition 1 of IEC 62351-9, prepared by IEC/TC 57 "Power
systems management and associated information exchange" was submitted to the IEC-CENELEC
parallel vote and approved by CENELEC as EN 62351-9:2017.

The following dates are fixed:
(dop) 2018-03-22
• latest date by which the document has to be
implemented at national level by
publication of an identical national
standard or by endorsement
• latest date by which the national (dow) 2020-06-22
standards conflicting with the
document have to be withdrawn
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.

This document has been prepared under a mandate given to CENELEC by the European Commission
and the European Free Trade Association.

Endorsement notice
The text of the International Standard IEC 62351-9:2017 was approved by CENELEC as a European
Standard without any modification.
In the official version, for Bibliography, the following notes have to be added for the standards indicated:

IEC 62351-3 NOTE Harmonized as EN 62351-3.
Annex ZA
(normative)
Normative references to international publications
with their corresponding European publications

The following documents, in whole or in part, are normatively referenced in this document and are
indispensable for its application. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any amendments) applies.

NOTE 1 When an International Publication has been modified by common modifications, indicated by (mod), the relevant
EN/HD applies.
NOTE 2 Up-to-date information on the latest versions of the European Standards listed in this annex is available here:
www.cenelec.eu
Publication Year Title EN/HD Year

IEC/TS 62351-2 -  Power systems management and - -
associated information exchange - Data
and communications security -
Part 2: Glossary of terms
ISO/IEC 9594-8/ 2017 Information technology - Open Systems - -
Interconnection - The Directory -
Rec. ITU-T X.509 2016
Part 8: Public-key and attribute certificate
frameworks
ISO/IEC 9834-1/ 2012 Information technology - Procedures for - -
the operation of object identifier registration
Rec. ITU-T X.660 2011
authorities: General procedures and top
arcs of the international object identifier
tree
RFC 5246 -  The Transport Layer Security (TLS) - -
Protocol Version 1.2
RFC 5272 -  Certificate Management over CMS (CMC) - -
RFC 5934 -  Trust Anchor Management Protocol - -
(TAMP)
RFC 6407 -  The Group Domain of Interpretation - -
IETF RFC 6960 -  X.509 - Internet Public Key Infrastructure - -
Online Certificate Status Protocol - OCSP
RFC 7030 -  Enrolment over Secure Transport - -
SCEP IETF Draft, Simple Certificate Enrolment Protocol, draft-gutmann-scep-04.txt

IEC 62351-9 ®
Edition 1.0 2017-05
INTERNATIONAL
STANDARD
colour
inside
Power systems management and associated information exchange – Data and

communications security –
Part 9: Cyber security key management for power system equipment

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 33.200 ISBN 978-2-8322-4220-9

– 2 – IEC 62351-9:2017 © IEC 2017
CONTENTS
FOREWORD . 6
1 Scope . 8
2 Normative references . 8
3 Terms and definitions . 9
4 Abbreviations and acronyms . 14
5 Cryptographic applications for power system implementations . 15
5.1 Cryptography, cryptographic keys, and security objectives . 15
5.2 Types of cryptography . 16
5.3 Uses of cryptography . 16
5.3.1 Goals of cyber security . 16
5.3.2 Confidentiality . 17
5.3.3 Data integrity . 17
5.3.4 Authentication. 18
5.3.5 Non-repudiation . 18
5.3.6 Trust . 18
6 Key management concepts and methods in power system operations . 19
6.1 Key management system security policy . 19
6.2 Key management design principles for power system operations . 19
6.3 Use of Transport Layer Security (TLS) . 19
6.4 Cryptographic key usages . 19
6.5 Trust using a public-key infrastructure (PKI). 20
6.5.1 Registration authorities (RA) . 20
6.5.2 Certification authority (CA) . 20
6.5.3 Public-key certificates . 20
6.5.4 Attribute certificates . 21
6.5.5 Public-key certificate and attribute certificate extensions . 21
6.6 Trust via non-PKI self-signed certificates . 22
6.7 Authorization and validation lists . 22
6.7.1 General . 22
6.7.2 AVLs in non-constrained environments . 23
6.7.3 AVLs in constrained environments . 23
6.7.4 Use of self-signed public-key certificates in AVLs . 23
6.8 Trust via pre-shared keys. 23
6.9 Session keys . 24
6.10 Protocols used in trust establishment . 24
6.10.1 Certification request . 24
6.10.2 Trust Anchor Management Protocol (TAMP) . 24
6.10.3 Simple Certificate Enrolment Protocol (SCEP) . 24
6.10.4 Internet X.509 PKI Certificate Management Protocol (CMP) . 24
6.10.5 Certificate Management over CMS (CMC) . 25
6.10.6 Enrolment over Secure Transport (EST) . 25
6.10.7 Summary view on the different protocols . 25
6.11 Group keys . 26
6.11.1 Purpose of group keys . 26
6.11.2 Group Domain of Interpretation (GDOI) . 26
6.12 Key management lifecycle . 31

IEC 62351-9:2017 © IEC 2017 – 3 –
6.12.1 Key management in the life cycle of an entity . 31
6.12.2 Cryptographic key lifecycle . 32
6.13 Certificate management processes . 34
6.13.1 Certificate management process . 34
6.13.2 Initial certificate creation . 34
6.13.3 Enrolment of an entity . 34
6.13.4 Certificate signing request (CSR) process . 36
6.13.5 Certificate revocation lists (CRLs) . 37
6.13.6 Online certificate status protocol (OCSP) . 38
6.13.7 Server-based certificate validation protocol (SCVP) . 41
6.13.8 Short-lived certificates . 41
6.13.9 Certificate renewal . 42
6.14 Alternative process for asymmetric keys generated outside the entity . 43
6.15 Key distribution for symmetric keys with different time frames . 44
7 General key management requirements . 44
7.1 Asymmetric and symmetric key management requirements . 44
7.2 Required cryptographic materials . 44
7.3 Public-Key certificates requirements . 45
7.4 Cryptographic key protection. 45
7.5 Use of existing security key management infrastructure . 45
7.6 Use of object identifiers . 45
8 Asymmetric key management . 45
8.1 Certificate generation and installation . 45
8.1.1 Private and public key generation and installation. 45
8.1.2 Private and public key renewal . 46
8.1.3 Random Number Generation . 46
8.1.4 Certificate policy . 46
8.1.5 Entity registration for identity establishment . 46
8.1.6 Entity configuration . 47
8.1.7 Entity enrolment . 47
8.1.8 Trust anchor information update . 48
8.2 Public-key certificate revocation . 49
8.3 Certificate validity . 49
8.3.1 Validity of certificates . 49
8.3.2 Certificate revocation . 50
8.3.3 Certificate revocation status checking . 50
8.3.4 Handling of authorization and validation lists (AVLs) . 50
8.4 Certificate expiration and renewal . 55
8.5 Secured Time Synchronization . 55
9 Symmetric key management . 56
9.1 Group based key management (GDOI) . 56
9.1.1 GDOI requirements . 56
9.1.2 Internet Key Exchange Version 1 (IKEv1) . 56
9.1.3 Phase 1 IKEv1 main mode exchange type 2 . 57
9.1.4 Phase 1/2 ISAKMP informational exchange type 5 . 60
9.1.5 Phase 2 GDOI GROUPKEY-PULL exchange type 32 . 62
9.1.6 GROUPKEY-PULL group key download exchange . 70
10 Connections to the IEC 62351 parts and other IEC documents . 71

– 4 – IEC 62351-9:2017 © IEC 2017
Annex A (normative) Protocol Implementation Conformance Statement (PICS) . 73
Annex B (informative) Random Number Generation (RNG) . 74
B.1 Random number generation types . 74
B.2 Deterministic random bit generators . 74
B.3 Non-deterministic random number generation . 75
B.4 Entropy sources . 75
Annex C (informative) Certificate enrolment and renewal flowcharts . 76
C.1 Certificate enrolment . 76
C.2 Certificate renewal . 76
Annex D (informative) Examples of certificate profiles. 78
Bibliography . 82

Figure 1 – Relationship between public-key certificates and attribute certificates . 21
Figure 2 – Group key management distribution . 26
Figure 3 – GDOI IKE Phase 1 – Authentication and securing communication channel . 27
Figure 4 – GDOI Pull Phase 2 . 28
Figure 5 – Key renewal triggered by the entities. 30
Figure 6 – Key management in product life cycle . 31
Figure 7 – Simplified certificate life cycle . 32
Figure 8 – Cryptographic key life cycle . 33
Figure 9 – Example of the SCEP entity enrolment and CSR process . 35
Figure 10 – Example of the EST entity enrolment and CSR process . 36
Figure 11 – CSR processing . 37
Figure 12 – Certificate revocation list . 38
Figure 13 – Overview of the online certificate status protocol (OCSP) . 39
Figure 14 – Diagram using a combination of CRL and OCSP processes . 40
Figure 15 – Call Flows for the Online Certificate Status Protocol (OCSP). 41
Figure 16 – Overview Server-Based Certificate Validation Protocol using OCSP
Backend . 41
Figure 17 – SCEP certificate renewal . 42
Figure 18 – EST certificate renewal/rekeying . 43
Figure 19 – Central certificate generation . 44
Figure 20 – IKEv1 (RFC 2409) main mode exchange with RSA digital signatures . 57
Figure 21 – IKEv1 main mode exchange and security association messages . 58
Figure 22 – IKEv1 main mode exchange: key exchange messages . 59
Figure 23 – IKEv1 Main Mode Exchange: ID authentication messages . 59
Figure 24 – IKEv1 HASH_I calculation . 60
Figure 25 – Phase 1 Informational Exchange . 61
Figure 26 – GD004FI GROUPKEY-PULL as define in RFC 6407 . 62
Figure 27 – GROUPKEY-PULL hash computations . 63
Figure 28 – GROUPKEY-PULL initial SA request exchange . 64
Figure 29 – RFC 6407 Identification Payload . 64
Figure 30 – ID_OID Identification Data . 65
Figure 31 – 61850_UDP_ADDR_GOOSE/SV ASN.1 BNF . 66

IEC 62351-9:2017 © IEC 2017 – 5 –
Figure 32 – IPADDRESS ASN.1 BNF . 66
Figure 33 – Example IecUdpAddrPayload ASN.1 Data with DER Encoding . 67
Figure 34 – 61850_UDP_TUNNEL Payload ASN.1 BNF . 67
Figure 35 – 61850_ETHERNET_GOOSE/SV Payload ASN.1 BNF . 67
Figure 36 – RFC 6407 SA TEK Payload . 68
Figure 37 – IEC-61850 SA TEK Payload . 69
Figure 38 – GROUPKEY-PULL Key Download Exchange . 70
Figure 39 – IEC 62351 Part 9 relationship to other IEC 62351 parts . 71
Figure C.1 – Certificate enrolment . 76
Figure C.2 – Certificate renewal state machine . 77

Table 1 – KDC IKEv1 Requirements . 56
Table 2 – IEC 61850 Object IDs: Mandatory (m) and Optional (o) . 65
Table D.1 – Examples of operator public-key certificates . 79
Table D.2 – Examples of OEM certificates . 80
Table D.3 – Example of OCSP certificate . 81

– 6 – IEC 62351-9:2017 © IEC 2017
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
POWER SYSTEMS MANAGEMENT AND
ASSOCIATED INFORMATION EXCHANGE –
DATA AND COMMUNICATIONS SECURITY –

Part 9: Cyber security key management for power system equipment

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62351-9 has been prepared by IEC technical committee 57: Power
systems management and associated information exchange.
The text of this International Standard is based on the following documents:
FDIS Report on voting
57/1838/FDIS 57/1853/RVD
Full information on the voting for the approval of this International Standard can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.

IEC 62351-9:2017 © IEC 2017 – 7 –
A list of all parts in the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
In this standard, the following print types are used:
– ASN.1 notions is presented in bold Courier New typeface;
– when ASN.1 types and values are referenced in normal text, they are differentiated from
normal text by presenting them in bold Courier New typeface.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
– 8 – IEC 62351-9:2017 © IEC 2017
POWER SYSTEMS MANAGEMENT AND
ASSOCIATED INFORMATION EXCHANGE –
DATA AND COMMUNICATIONS SECURITY –

Part 9: Cyber security key management for power system equipment

1 Scope
This part of IEC 62351 specifies cryptographic key management, namely how to generate,
distribute, revoke, and handle public-key certificates and cryptographic keys to protect digital
data and its communication. Included in the scope is the handling of asymmetric keys (e.g.
private keys and public-key certificates), as well as symmetric keys for groups (GDOI).
This part of IEC 62351 assumes that other standards have already chosen the type of keys
and cryptography that will be utilized, since the cryptography algorithms and key materials
chosen will be typically mandated by an organization’s own local security policies and by the
need to be compliant with other international standards. This document therefore specifies
only the management techniques for these selected key and cryptography infrastructures. The
objective is to define requirements and technologies to achieve interoperability of key
management.
The purpose of this part of IEC 62351 is to guarantee interoperability among different vendors
by specifying or limiting key management options to be used. This document assumes that
the reader understands cryptography and PKI principles.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC TS 62351-2, Power systems management and associated information exchange – Data
and communications security – Part 2: Glossary of terms
ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), Information technology – Open systems
interconnection – The Directory: Public-key and attribute certificate frameworks
ISO/IEC 9834-1:2012 | Rec. ITU-T X.660 (2011), Information technology – Procedures for the
operation of object identifier registration authorities: General procedures and top arcs of the
international object identifier tree
SCEP IETF Draft, Simple Certificate Enrolment Protocol, draft-gutmann-scep-04.txt
RFC 5246, The Transport Layer Security (TLS) Protocol Version 1.2
RFC 5272, Certificate Management over CMS (CMC)
RFC 5934, Trust Anchor Management Protocol (TAMP)
RFC 6407, The Group Domain of Interpretation

IEC 62351-9:2017 © IEC 2017 – 9 –
RFC 6960, X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP
RFC 7030, Enrolment over Secure Transport
3 Terms and definitions
For the purposes of this document, the terms and definitions given in IEC TS 62351-2 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp
3.1
asymmetric keys
two related keys, a public key and a private key, that are used to perform complementary
operations, such as encryption and decryption or signature generation and signature
verification
3.2
authorization and validation list
AVL
signed list containing information to an AVL entity about potential communications entities
and possible restrictions on the communications with such entities
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.9]
3.3
authorization and validation list entity
AVL entity
entity, when acting as a relying party, which is dependent on an AVL issued by a designated
authorizer
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.10]
3.4
authorizer
entity trusted by one or more entities operating as AVL entities to create, maintain and sign
authorization and validation lists
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.11]
3.5
certification path
ordered list of one or more public-key certificates, starting with a public-key certificate signed
by the trust anchor, and ending with the end-entity public-key certificate to be validated
Note 1 to entry: All intermediate public-key certificates, if any, are CA certificates in which the subject of the
preceding public-key certificate is the issuer of the following public-key certificate.
[SOURCE: ISO/IEC 9594-8:2017, 3.5.18 | Rec. ITU-T X.509 (2016), 3.5.21]

– 10 – IEC 62351-9:2017 © IEC 2017
3.6
certificate signing request
CSR
request issued when a new certificate or renewal of a certificate is required
Note 1 to entry: When the generated CSR is submitted to a CA, the CA signs the CSR using its private key and
the CSR becomes the certificate.
[SOURCE: RFC 2986]
3.7
controllership
intersection of legal ownership, physical control, and logical control over a device or system,
in which the nature of any contractual agreements between ownership and control of the
device or system is not important in the context
3.8
cryptographic binding
use of one or more cryptographic techniques by a CKMS to establish a trusted association
between a key and selected metadata elements
[SOURCE: NIST SP 800-130]
3.9
cryptographic key management system
CKMS
system for the management (e.g., generation, distribution, storage, backup, archive, recovery,
use, revocation, and destruction) of cryptographic keys and their metadata
[SOURCE: NIST SP 800-130]
3.10
dataset
collection of data
3.11
digital signature
result of a cryptographic transformation of data that, when properly implemented, provides a
mechanism for verifying origin authentication, data integrity, and signatory non-repudiation
[SOURCE: FIPS 186]
3.12
entity
generic term that covers human users, automation systems, software applications,
communication nodes, field devices, and other types of assets
3.13
group controller/key server
GCKS
device that defines group policy and distributes keys for that policy
[SOURCE: RFC 3740]
IEC 62351-9:2017 © IEC 2017 – 11 –
3.14
group domain of interpretation
GDOI
domain that manages group security associations, which are used by IPsec and potentially
other data security protocols
Note 1 to entry: These security associations protect one or more key-encrypting keys (KEK), traffic-encrypting
keys (TEK), or data shared by group members. GDOI uses the notion of a group controller, which is used to
support the establishment of security associations between members of a group.
[SOURCE: RFC 6407]
3.15
group member
GM
authorized member of a secure group, sending and/or receiving IP packets related to the
group
3.16
hash function
(mathematical) function which maps data of arbitrary size into data of a fixed size called a
digest
Note 1 to entry: Approved hash functions satisfy the following properties:
1) One-Way. It is computationally infeasible to find any input that maps to any pre-specified output.
2) Collision Resistant. It is computationally infeasible to find any two distinct inputs that map to the same output.
[SOURCE: ISO/IEC 9598-8:2017 | Rec. ITU-T X.509 (2016), 3.5.36]
3.17
hash message authentication code
HMAC
cryptographic code used for authentication with symmetric keys and for data integrity
[SOURCE: RFC 2104]
3.18
key distribution centre
KDC
centre which, in an IEC 62351-9 context, provides a network service that supplies temporary
(symmetrical) session keys to predefined set of peers after successful authentication
Note 1 to entry: This is also known as Group Controller/Key Server (GCKS) (See GDOI).
3.19
message authentication code
MAC
cryptographic checksum on data that uses a symmetric key to detect both accidental and
intentional modification of the data
[SOURCE: SP 800-63; FIPS 201]
3.20
object identifier
ordered list of primary integer values from the root of the international object identifier tree to
a node, which unambiguously identifies that node
[SOURCE: ISO/IEC 9834-1:2012 | Rec. ITU-T X.660 (2011), 3.5.11]

– 12 – IEC 62351-9:2017 © IEC 2017
3.21
online certificate status protocol
OCSP
protocol that enables applications to determine the (revocation) state of an identified
certificate
Note 1 to entry: OCSP may be used to satisfy some of the operational requirements of providing more timely
revocation information than is possible with CRLs and may be used to obtain additional status information. An
OCSP client issues a status request to an OCSP responder and suspends acceptance of the certificate in question
until the responder provides a response.
[SOURCE: RFC 6960]
3.22
pre-shared key
PSK
secret which is shared in advanced between the two entities, such as software applications or
devices, to be able to authenticate themselves after establishing a secure connection
3.23
private key
(in a public-key cryptosystem) that key of an entity's key pair which is known only by that
entity
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.49]
3.24
public-key certificate
public key of an entity, together with some other information, rendered unforgeable by digital
signature with the private key of the CA which issued it
Note 1 to entry: A public-key certificate is often called an X.509 certificate or a digital certificate. However, such
terms are ambiguous, as they could also mean attribute certificates, which are also defined by ISO/IEC 9594-
8:2017 | Rec. ITU-T X.509 (2016).
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.57]
3.25
public-key cryptography standards
PKCS
specifications produced by RSA Laboratories in cooperation with secure systems developers
worldwide for the purpose of accelerating the deployment of public-key cryptography
[SOURCE: www.rsa.com]
3.26
random number generation
RNG
process used to generate an unpredictable series of numbers
Note 1 to entry: Each individual value is called random if each of the values in the total population of values has
an equal probability of being selected.
[SOURCE: NIST SP 800-57]
3.27
registration authority
those aspects of the responsibilities of a certification authority that are related to identification
and authentication of the subject of a public-key certificate to be issued by that certification
authority
IEC 62351-9:2017 © IEC 2017 – 13 –
Note 1 to entry: A registration authority may either be a separate entity or be an integrated part of the certification
authority.
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T Rec. X.509 (2016), 3.5.60]
3.28
relying party
entity that relies on the data in a public-key certificate in making decisions
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.61]
3.29
secret key
cryptographic key, used with a secret key cryptographic algorithm that is uniquely associated
with one or more entities and should not be made public
[SOURCE: FIPS 140-2]
3.30
security association
SA
relationship established between two or more entities to enable them to protect data they
exchange
[SOURCE: NIST IR 7298 Rev.1]
3.31
security strength
ability of the security technologies to make it infeasible for a would-be attacker to bypass or
subvert
Note 1 to entry: This is often measured in bits of security.
[SOURCE: NIST SP 800-130]
3.32
session key
in the context of symmetric encryption, key that is temporary or is used for a relatively short
period of time
[SOURCE: RFC 2828]
3.33
simple certificate enrolment protocol
SCEP
protocol supporting the secure issuance of certificates to network devices in a scalable
manner, using existing technologies whenever possible
Note 1 to entry: The protocol supports the following operations:
CA and RA public key distribution
Certificate enrolment
Certificate revocation
Certificate query
CRL query
[SOURCE: IETF Draft SCEP]
– 14 – IEC 62351-9:2017 © IEC 2017
3.34
symmetric key
cryptographic key that is used to perform both the cryptographic operation and its inverse, for
example to encrypt and decrypt, or to create a message authentication code and to verify the
code
[SOURCE: NIST SP 800-63]
3.35
trust
firm belief in the reliability and truth of information or in the ability and disposition of an entity
to act appropriately, within a specified context
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.2.1]
3.36
trust anchor
entity that is trusted by a relying party and used for validating public-key certificates in
certification paths
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.71]
3.37
trust anchor information
at least the: distinguished name of the trust anchor, associated public key, algorithm
identifier, public key parameters (if applicable), and any constraints on its use including a
validity period
Note 1 to entry: The trust anchor information may be provided as a self-signed CA-certificate or as a normal CA-
certificate (i.e., cross-certificate).
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.72]
3.38
trust anchor management protocol
TAMP
protocol used to manage a trust anchor store
[SOURCE: RFC 5934]
3.39
trust anchor store
trust anchor information collection at a relying party for one or more trust anchors
[SOURCE: ISO/IEC 9594-8:2017 | Rec. ITU-T X.509 (2016), 3.5.73]
4 Abbreviations and acronyms
Additional abbreviations and acronyms are listed in IEC TS 62351-2.
ASN.1 Abstract Syntax Notation One
AVL Authorization and Validation List
AVMP Authorization and Validation Management Protocol
CA Certification Authority
CASP Certification Authority Subscription Protocol
CKMS Cryptographic Key Management System

IEC 62351-9:2017 © IEC 2017 – 15 –
CIA Confidentiality, Integrity, and Availability
CMC Certificate Management over CMS
CM
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

CLC
EN IEC 62488-1:2025(Main)
Power line communication systems for power utility applications - Part 1: Planning of analogue and digital power line carrier systems operating over HV electricity grids
SIST EN IEC 62488-1:2025

IEC 62488-1:2025 applies to the planning of analogue (APLC), digital (DPLC) and hybrid analogue-digital (ADPLC) power line carrier communication systems operating over HV electric power networks. The object of this document is to establish the planning of the services and performance parameters for the operational requirements to transmit and receive data efficiently and reliably. Such analogue and digital power line carrier systems are used by the different electricity supply industries and integrated into their communication infrastructure using common communication technologies such as radio links, fibre optic and satellite networks This second edition cancels and replaces the first edition published in 2012. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Complete revision of this edition with respect to the previous edition with the main focus on planning of analogue and digital power line carrier systems operating over HV power networks; b) A general structure of a bidirectional point-to-multipoint APLC, DPLC or ADPLC link has been introduced; c) Introduction of a new approach for global frequency planning.

  • Standard
    108 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 61850-10:2013/A1:2025(Amendment)
Communication networks and systems for power utility automation - Part 10: Conformance testing
SIST EN 61850-10:2013/A1:2025
  • Amendment
    76 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 62746-4:2025(Main)
Systems interface between customer energy management system and the power management system - Part 4: Demand Side Resource Interface
SIST EN IEC 62746-4:2025

IEC 62746-4:2024 describes CIM profiles for Demand-Side Resource Interface and is based on the use case shown in Annex A of this document. Schemas associated with this document were generated using the CIM101 UML and leverages the Market package. This document defines profiles complimentary to other standards, namely those in IEC 61970, IEC 61968, and IEC 62325.

  • Standard
    76 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 61850-6:2010/A2:2025(Amendment)
Communication networks and systems for power utility automation - Part 6: Configuration description language for communication in power utility automation systems related to IEDs
SIST EN 61850-6:2010/A2:2025
  • Amendment
    94 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 61968-9:2024(Main)
Enterprise business function interfaces for utility operations - Part 9: Interfaces for meter reading and control
SIST EN IEC 61968-9:2024

IEC 61968-9:2024 specifies the information content of a set of message types that can be used to support many of the business functions related to meter reading and control. Typical uses of the message types include meter reading, controls, events, customer data synchronization and customer switching. Although intended primarily for electrical distribution networks, IEC 61968-9 can be used for other metering applications, including non-electrical metered quantities necessary to support gas and water networks. The purpose of this document is to define a standard for the integration of metering systems (MS), which includes traditional manual systems, and (one or two-way) automated meter reading (AMR) systems, and meter data management (MDM) systems with other enterprise systems and business functions within the scope of IEC 61968. The scope of this document is the exchange of information between metering systems, MDM systems and other systems within the utility enterprise. The specific details of communication protocols those systems employ are outside the scope of this document. Instead, this document will recognize and model the general capabilities that can be potentially provided by advanced and/or legacy meter infrastructures, including two-way communication capabilities such as load control, dynamic pricing, outage detection, distributed energy resource (DER) control signals and on-request read. In this way, this document will not be impacted by the specification, development and/or deployment of next generation meter infrastructures either through the use of standards or proprietary means. The focus of IEC 61968-9 is to define standard messages for the integration of enterprise applications, these messages may be directly or indirectly related to information flows within a broader scope. Examples would include messaging between head end systems and meters or PAN devices. The various components described later in this document will typically fall into either the category of a metering system (MS) head end, an MDM or other enterprise application (e.g. OMS, DRMS, CIS). The capabilities and information provided by a meter reading and meter data management systems are important for a variety of purposes, including (but not limited to) interval data, time-based demand data, time-based energy data (usage and production), outage management, service interruption, service restoration, quality of service monitoring, distribution network analysis, distribution planning, demand response, customer billing and work management. This standard also extends the CIM (Common Information Model) to support the exchange of meter data. This third edition cancels and replaces the second edition published in 2013. This edition constitutes a technical revision. Please see the foreword of IEC 61968-9 for further details.

  • Standard
    359 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 61970-457:2024(Main)
Energy management system application program interface (EMS-API) - Part 457: Dynamics profile
SIST EN IEC 61970-457:2024

IEC 61970-457:2024 specifies a standard interface for exchanging dynamic model information needed to support the analysis of the steady state stability (small-signal stability) and/or transient stability of a power system or parts of it. The schema(s) for expressing the dynamic model information are derived directly from the CIM, more specifically from IEC 61970-302. The scope of this document includes only the dynamic model information that needs to be exchanged as part of a dynamic study, namely the type, description and parameters of each control equipment associated with a piece of power system equipment included in the steady state solution of a complete power system network model. Therefore, this profile is dependent upon other standard profiles for the equipment as specified in IEC 61970-452: CIM static transmission network model profiles, the topology, the steady state hypothesis and the steady state solution (as specified in IEC 61970-456: Solved power system state profiles) of the power system, which bounds the scope of the exchange. The profile information described by this document needs to be exchanged in conjunction with IEC 61970-452 and IEC 61970-456 profiles’ information to support the data requirements of transient analysis tools. IEC 61970-456 provides a detailed description of how different profile standards can be combined to form various types of power system network model exchanges. This document supports the exchange of the following types of dynamic models: • standard models: a simplified approach to exchange, where models are contained in predefined libraries of classes interconnected in a standard manner that represent dynamic behaviour of elements of the power system. The exchange only indicates the name of the model along with the attributes needed to describe its behaviour. • proprietary user-defined models: an exchange that would provide users the ability to exchange the parameters of a model representing a vendor or user proprietary device where an explicit description of the model is not described in this document. The connections between the proprietary models and standard models are the same as described for the standard models exchange. Recipient of the data exchange will need to contact the sender for the behavioural details of the model. This document builds on IEC 61970-302, CIM for dynamics which defines the descriptions of the standard dynamic models, their function block diagrams, and how they are interconnected and associated with the static network model. This type of model information is assumed to be pre-stored by all software applications hence it is not necessary to be exchanged in real-time or as part of a dynamics model exchange. This second edition cancels and replaces the first edition published in 2021. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) The majority of issues detected in IEC 61970-302:2018 and fixed in IEC 61970-302:2022 led to update of this document; b) IEEE 421.5-2016 on Excitation systems is fully covered; c) IEEE turbine report from 2013 was considered and as a result a number of gas, steam and hydro turbines/governors are added; d) IEC 61400-27-1:2020 on wind turbines is fully incorporated; e) WECC Inverter-Based Resource (IBR) models, Hybrid STATCOM models and storage models are added; f) The user defined models approach was enhanced in IEC 61970-302:2022 adding a model which enables modelling of a detailed dynamic model. This results in the creation of two additional pr

  • Standard
    780 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 61970-302:2024(Main)
Energy management system application program interface (EMS-API) - Part 302: Common information model (CIM) dynamics
SIST EN IEC 61970-302:2024

IEC 61970-302:2024 specifies a Dynamics package which contains part of the CIM to support the exchange of models between software applications that perform analysis of the steady-state stability (small-signal stability) or transient stability of a power system as defined by IEEE / CIGRE, Definition and classification of power system stability IEEE/CIGRE joint task force on stability terms and definitions. The model descriptions in this document provide specifications for each type of dynamic model as well as the information that needs to be included in dynamic case exchanges between planning/study applications. The scope of the CIM Dynamics package specified in this document includes: • standard models: a simplified approach to describing dynamic models, where models representing dynamic behaviour of elements of the power system are contained in predefined libraries of classes which are interconnected in a standard manner. Only the names of the selected elements of the models along with their attributes are needed to describe dynamic behaviour. • proprietary user-defined models: an approach providing users the ability to define the parameters of a dynamic behaviour model representing a vendor or user proprietary device where an explicit description of the model is not provided by this document. The same libraries and standard interconnections are used for both proprietary user-defined models and standard models. The behavioural details of the model are not documented in this document, only the model parameters. • A model to enable exchange of models’ descriptions. This approach can be used to describe user defined and standard models. • A model to enable exchange of simulation results. This second edition cancels and replaces the first edition published in 2018. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) The majority of issues detected in IEC 61970-302:2018 are addressed; b) IEEE 421.5-2016 on Excitation systems is fully covered; c) The IEEE turbine report from 2013 was considered and as a result a number of gas, steam and hydro turbines/governors are added; d) IEC 61400-27-1:2020 on wind turbines is fully incorporated; e) WECC Inverter-Based Resource (IBR) models, Hybrid STATCOM models and storage models are added; f) The user defined models are enhanced with a model which enables modelling of detailed dynamic model; g) A model to enable exchange of simulation results is added; h) The work on the HVDC models is not complete. The HVDC dynamics models are a complex domain in which there are no models that are approved or widely recognised on international level, i.e. there are only project-based models. At this stage IEC 61970-302:2022 only specifies some general classes. However, it is recognised that better coverage of HVDC will require a further edition of this document; i) Models from IEEE 1547-2018 "IEEE Standard for Interconnection and Interoperability of Distributed Energy Resources with Associated Electric Power Systems Interfaces" are added. j) Statements have been added to certain figures, tables, schemas, and enumerations throughout the document that indicate that they are reproduced with the permission of the UCA International User Group (UCAIug). These items are derived from the CIM.

  • Standard
    894 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN 60870-5-104:2006/A1:2016/AC:2023-09(Corrigendum)
Telecontrol equipment and systems - Part 5-104: Transmission protocols - Network access for IEC 60870-5-101 using standard transport profiles
SIST EN 60870-5-104:2007/A1:2017/AC:2024
  • Corrigendum
    3 pages
    English and French language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 62351-3:2023(Main)
Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
SIST EN IEC 62351-3:2023

IEC 62351-3:2023 specifies how to provide confidentiality, integrity protection, and message level authentication for protocols that make use of TCP/IP as a message transport layer and utilize Transport Layer Security when cyber-security is required. This may relate to SCADA and telecontrol protocols, but also to additional protocols if they meet the requirements in this document. IEC 62351-3 specifies how to secure TCP/IP-based protocols through constraints on the specification of the messages, procedures, and algorithms of Transport Layer Security (TLS) (TLSv1.2 defined in RFC 5246, TLSv1.3 defined in RFC 8446). In the specific clauses, there will be subclauses to note the differences and commonalities in the application depending on the target TLS version. The use and specification of intervening external security devices (e.g., "bump-in-the-wire") are considered out-of-scope. In contrast to previous editions of this document, this edition is self-contained in terms of completely defining a profile of TLS. Hence, it can be applied directly, without the need to specify further TLS parameters, except the port number, over which the communication will be performed. Therefore, this part can be directly utilized from a referencing standard and can be combined with further security measures on other layers. Providing the profiling of TLS without the need for further specifying TLS parameters allows declaring conformity to the described functionality without the need to involve further IEC 62351 documents. This document is intended to be referenced as a normative part of other IEC standards that have the need for providing security for their TCP/IP-based protocol exchanges under similar boundary conditions. However, it is up to the individual protocol security initiatives to decide if this document is to be referenced. The document also defines security events for specific conditions, which support error handling, security audit trails, intrusion detection, and conformance testing. Any action of an organization in response to events to an error condition described in this document are beyond the scope of this document and are expected to be defined by the organization’s security policy. This document reflects the security requirements of the IEC power systems management protocols. Should other standards bring forward new requirements, this document may need to be revised. This second edition cancels and replaces the first edition published in 2014, Amendment 1:2018 and Amendment 2:2020. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Inclusion of the TLSv1.2 related parameter required in IEC 62351-3 Ed.1.2 to be specified by the referencing standard. This comprises the following parameter: • Mandatory TLSv1.2 cipher suites to be supported. • Specification of session resumption parameters. • Specification of session renegotiation parameters. • Revocation handling using CRL and OCSP. • Handling of security events. b) Inclusion of a TLSv1.3 profile to be applicable for the power system domain in a similar way as for TLSv1.2 session.

  • Standard
    52 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Standard
    52 pages
    English language
    sale 10% off
    e-Library read for
    1 day
CLC
EN IEC 62351-9:2023(Main)
Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
SIST EN IEC 62351-9:2023

IEC 62351-9:2023 specifies cryptographic key management, primarily focused on the management of long-term keys, which are most often asymmetric key pairs, such as public-key certificates and corresponding private keys. As certificates build the base this document builds a foundation for many IEC 62351 services (see also Annex A). Symmetric key management is also considered but only with respect to session keys for group-based communication as applied in IEC 62351-6. The objective of this document is to define requirements and technologies to achieve interoperability of key management by specifying or limiting key management options to be used. This document assumes that an organization (or group of organizations) has defined a security policy to select the type of keys and cryptographic algorithms that will be utilized, which may have to align with other standards or regulatory requirements. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. This document assumes that the reader has a basic understanding of cryptography and key management principles. The requirements for the management of pairwise symmetric (session) keys in the context of communication protocols is specified in the parts of IEC 62351 utilizing or specifying pairwise communication such as: • IEC 62351-3 for TLS by profiling the TLS options • IEC 62351-4 for the application layer end-to-end security • IEC TS 62351-5 for the application layer security mechanism for IEC 60870-5-101/104 and IEEE 1815 (DNP3) The requirements for the management of symmetric group keys in the context of power system communication protocols is specified in IEC 62351-6 for utilizing group security to protect GOOSE and SV communication. IEC 62351-9 utilizes GDOI as already IETF specified group-based key management protocol to manage the group security parameter and enhances this protocol to carry the security parameter for GOOSE, SV, and PTP. This document also defines security events for specific conditions which could identify issues which might require error handling. However, the actions of the organisation in response to these error conditions are beyond the scope of this document and are expected to be defined by the organizations security policy. In the future, as public-key cryptography becomes endangered by the evolution of quantum computers, this document will also consider post-quantum cryptography to a certain extent. Note that at this time being no specific measures are provided. This second edition cancels and replaces the first edition published in 2017. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Certificate components and verification of the certificate components have been added; b) GDOI has been updated to include findings from interop tests; c) GDOI operation considerations have been added; d) GDOI support for PTP (IEEE 1588) support has been added as specified by IEC/IEEE 61850-9-3 Power Profile; e) Cyber security event logging has been added as well as the mapping to IEC 62351-14; f) Annex B with background on utilized cryptographic algorithms and mechanisms has been added.

  • Standard
    147 pages
    English language
    sale 10% off
    e-Library read for
    1 day