IEC 62351-6:2020

IEC 62351-6 ®
Edition 1.0 2020-10
INTERNATIONAL
STANDARD
colour
inside
Power systems management and associated information exchange –
Data and communication security –
Part 6: Security for IEC 61850
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
IEC 62351-6 ®
Edition 1.0 2020-10
INTERNATIONAL
STANDARD
colour
inside
Power systems management and associated information exchange –

Data and communication security –

Part 6: Security for IEC 61850

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 33.200 ISBN 978-2-8322-8766-8

– 2 – IEC 62351-6:2020 © IEC 2020
CONTENTS
FOREWORD . 4
1 Scope and object . 6
1.1 Scope . 6
1.2 Namespace name and version . 6
1.3 Code Component distribution . 7
2 Normative references . 7
3 Terms, definitions and abbreviated terms . 8
3.1 Terms and definitions . 8
3.2 Abbreviated terms . 8
4 Security issues addressed by this document . 9
4.1 Operational issues affecting choice of security options . 9
4.2 Security threats countered . 9
4.3 Attack methods countered . 9
5 Correlation of IEC 61850 parts and IEC 62351 parts . 9
5.1 General . 9
5.2 IEC 61850-8-1 Profile for Client/Server communications . 10
5.2.1 General . 10
5.2.2 Control centre to substation . 11
5.2.3 Substation communications . 11
5.3 IEC 61850 security for profiles using VLAN IDs . 11
5.4 IEC 61850-8-2 for Client/Server communications . 11
5.5 Using OriginatorID for Client/Server Services. 11
6 Multicast Association Protocols . 12
6.1 General . 12
6.2 Replay Protection . 12
6.2.1 GOOSE replay protection . 12
6.2.2 Sampled Value replay protection . 16
7 Security for SNTP . 19
8 Layer 2 security for profiles for IEC 61850-8-1 GOOSE and IEC 61850-9-2
Sampled Value . 20
8.1 Overview of Ethertype (informative) . 20
8.2 Extended PDU . 20
8.2.1 General format of extended PDU . 20
8.2.2 Format of extension octets . 21
9 Substation configuration language extensions . 25
9.1 Service capability . 25
9.1.1 Access Point support security for GOOSE Publisher . 25
9.1.2 Access Point support security for SV Publisher . 25
9.1.3 Acces Point support security for GOOSE and SMV subscriber . 25
9.1.4 Server Access Point support security for TPAA . 26
9.1.5 Client Access Point support security for TPAA . 26
9.2 Publish with security enabled . 26
9.2.1 GOOSE . 26
9.2.2 SMV . 26
9.2.3 Key Policy and Management . 27
9.3 Use of Simulation . 27

10 Extension of LGOS and LSVS . 27
11 Conformance . 27
11.1 General conformance . 27
11.2 Conformance for implementations claiming IEC 61850-8-1 ISO 9506 profile
security . 28
11.2.1 General . 28
11.2.2 IEC 62351-4 TLS Conformity for ISO-9506 Client/Server Profile using

ACSE Authentication . 29
11.3 Conformance for implementations claiming VLAN profile security . 29
11.4 Conformance for implementations claiming SNTP profile security . 32
Bibliography . 33

Figure 1 – MMS Security Profiles . 10
Figure 2 – Replay Protection State Machine for GOOSE . 13
Figure 3 – Replay Protection State Machine for SV . 17
Figure 4 – General format of extended PDU . 20
Figure 5 – Definition of Reserved 1 . 20
Figure 6 – Calculated MAC Domain . 22
Figure 7 – AES-GCM application on the example of a L2 GOOSE/SV packet. . 23

Table 1 – Scope of application to standards . 6
Table 2 – Extract from IEC 61850-9-2 (Informative) . 16
Table 3 – Extension of the LGOS class . 27
Table 4 – Extension of the LSVS class . 27
Table 5 – Conformance table . 28
Table 6 – PICS for IEC 61850-8-1 ISO 9506 profile . 28
Table 7 – PICS for TLS IEC 61850-8-1 Client/Server using ACSE Authentication . 29
Table 8 – PICS for VLAN profiles . 30
Table 9 – IEC 61850-8-1 L2 GOOSE Security . 30
Table 10 – IEC 61850-9-2 L2 SMV Security . 31
Table 11 – IEC 61850-8-1 Routable GOOSE . 31
Table 12 – IEC 61850-9-2 Routable SMV . 32
Table 13 – PICS for SNTP profiles . 32

– 4 – IEC 62351-6:2020 © IEC 2020
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION
EXCHANGE – DATA AND COMMUNICATION SECURITY –

Part 6: Security for IEC 61850

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence between
any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of patent
rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62351-6 has been prepared by IEC technical committee 57: Power
systems management and associated information exchange.
The text of this International Standard is based on the following documents:
FDIS Report on voting
57/2234/FDIS 57/2258/RVD
Full information on the voting for the approval of this International Standard can be found in the
report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts of the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct understanding
of its contents. Users should therefore print this document using a colour printer.

– 6 – IEC 62351-6:2020 © IEC 2020
POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION
EXCHANGE – DATA AND COMMUNICATION SECURITY –

Part 6: Security for IEC 61850

1 Scope and object
1.1 Scope
This part of IEC 62351 specifies messages, procedures, and algorithms for securing the
operation of all protocols based on or derived from the IEC 61850 series. This document applies
to at least those protocols listed in Table 1.
Table 1 – Scope of application to standards
Number Name
IEC 61850-8-1 Communication networks and systems for power utility automation – Part 8-1: Specific
communication service mapping (SCSM) – Mappings to MMS (ISO/IEC 9506-1 and
ISO/IEC 9506-2) and to ISO/IEC 8802-3
IEC 61850-8-2 Communication networks and systems for power utility automation – Part 8-2: Specific
communication service mapping (SCSM) – Mapping to Extensible Messaging Presence
Protocol (XMPP)
IEC 61850-9-2 Communication networks and systems for power utility automation – Part 9-2: Specific
communication service mapping (SCSM) – Sampled values over ISO/IEC 8802-3
IEC 61850-6 Communication networks and systems for power utility automation – Part 6: Configuration
description language for communication in power utility automation systems related to
IEDs
The initial audience for this document is intended to be the members of the working groups
developing or making use of the protocols listed in Table 1. For the measures described in this
specification to take effect, they must be accepted and referenced by the specifications for the
protocols themselves. This document is written to enable that process.
The subsequent audience for this document is intended to be the developers of products that
implement these protocols.
Portions of this document may also be of use to managers and executives in order to understand
the purpose and requirements of the work.
1.2 Namespace name and version
This new clause is mandatory for any IEC 61850 namespace (as defined by part 7-1 of
IEC 61850 Edition 2).
The parameters which identify this new release of this namespace are:
• Namespace version: 2020
• Namespace revision: A
• Namespace name: “IEC 62351-6:2020A”
• Namespace release: 1
The table below provides an overview of all published versions of this namespace.

Edition Publication date Webstore Namespace
Edition 1.0 2020-? IEC 62351-6:2020 IEC 62351-6:2020

1.3 Code Component distribution
There is currently no code component scheduled for the code component downloading area.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies.
For undated references, the latest edition of the referenced document (including any
amendments) applies.
IEC 61850-6, Communication networks and systems for power utility automation – Part 6:
Configuration description language for communication in electrical substations related to IEDs
IEC 61850-7-3, Communication networks and systems for power utility automation – Part 7-3:
Basic communication structure – Common data classes
IEC 61850-8-1, Communication networks and systems for power utility automation –
Part 8-1: Specific communication service mapping (SCSM) – Mappings to MMS (ISO 9506-1
and ISO 9506-2) and to ISO/IEC 8802-3
IEC 61850-8-2, Communication networks and systems for power utility automation – Part 8-2:
Specific communication service mapping (SCSM) – Mapping to Extensible Messaging Presence
Protocol (XMPP)
IEC 61850-9-2, Communication networks and systems for power utility automation – Part 9-2:
Specific communication service mapping (SCSM) – Sampled values over ISO/IEC 8802-3
IEC TS 62351-1, Power systems management and associated information exchange – Data
and communications security – Part 1: Communication network and system security –
Introduction to security issues
IEC TS 62351-2, Power systems management and associated information exchange – Data
and communications security – Part 2: Glossary of terms
IEC 62351-4:2020, Power systems management and associated information exchange – Data
and communications security – Part 4: Profiles including MMS and derivatives
IEC 62351-9, Power systems management and associated information exchange – Data and
communications security – Part 9: Cyber security key management for power system equipment
ISO/IEC 13239, Information technology – Telecommunications and information exchange
between systems – High-level data link control (HDLC) procedures
ISO/IEC 9594-8 | Rec. ITU-T X.509: Information technology – Open Systems Interconnection –
The Directory: Public-key and attribute certificate frameworks
RFC 2104, HMAC: Keyed-Hashing for Message Authentication

– 8 – IEC 62351-6:2020 © IEC 2020
RFC 5905, Network Time Protocol Version 4: Protocol and Algorithms Specification
RFC 8052, Group Domain of Interpretation (GDOI) Protocol Support for IEC 62351 Security
Services
NIST Special Publication 800-38D, Recommendation for Block Cipher Modes of Operation
Galois/Counter Mode (GCM and GMAC)
3 Terms, definitions and abbreviated terms
3.1 Terms and definitions
For the purposes of this document, the terms and definitions given in IEC TS 62351-2 and
IEC 61850-2 apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp
3.1.1
electronic security perimeter
logical border surrounding a network interconnecting critical cyber assets
3.1.2
client
functional unit that establishes an association and issues requests and receives services from
a server.
3.1.3
server
functional unit that receives an association from a Client and provides services requested by
the Client
3.2 Abbreviated terms
ACSE Association Control Service Element
APDU Application Protocol Data Unit
ASDU Application Service Data Unit
ASN.1 Abstract Syntax Notation One
ESP Electronic Security Perimeter
GDOI Group Domain of Interpretation
GMAC Galois Message Authentication Code
GOOSE Generic Object Oriented Substation Event
GSE Generic Substation Events
HMAC Hashed Message Authentication Code
ICT IED Configuration Tool
IED Intelligent Electronic Device
KFA Key Delivery Assurance
KDC Key Distribution Centre
___________
Restricted to SNTP profile only.

MAC Message Authentication Code
SMV Sampled Measured Values
SCL Substation Configuration Language
SV Sampled Value
4 Security issues addressed by this document
4.1 Operational issues affecting choice of security options
For applications using Layer 2 IEC 61850-8-1 GOOSE and Layer 2 IEC 61850-9-2 Sampled
Value and requiring 3 ms response times, multicast configurations and low CPU overhead,
encryption is not recommended. Instead, the communication path selection process (e.g. the
fact that Layer 2 GOOSE and SV are supposed to be restricted to a logical substation LAN)
shall be used to provide confidentiality for information exchanges. However, this document does
define a mechanism for allowing confidentiality for applications where the 3 ms delivery criterion
is not a concern.
NOTE The actual performance characteristics of an implementation claiming conformance to this technical
specification is outside the scope of this document.
With the exception of confidentiality, this document sets forth a mechanism that allows co-
existence of secure and non-secure PDUs.
4.2 Security threats countered
See IEC TS 62351-1 for a discussion of security threats and attack methods.
If encryption is not employed, then the specific threats countered in this clause include:
• unauthorized modification (tampering) of information through message level authentication
of the messages.
If encryption is employed, then the specific threats countered in this clause include:
• unauthorized access to information through message level authentication and encryption of
the messages;
• unauthorized modification (tampering) or theft of information through message level
authentication and encryption of the messages.
• information disclosure is countered.
4.3 Attack methods countered
The following security attack methods are intended to be countered through the appropriate
implementation of the specifications/recommendations found within this document:
• man-in-the-middle: this threat will be countered through the use of a Message Authentication
Code mechanism specified within this document;
• tamper detection/message integrity: These threats will be countered through the algorithm
used to create the authentication mechanism as specified within this document;
• replay: this threat will be countered through the use of specialized processing state
machines specified within IEC 62351-4 and this document.
5 Correlation of IEC 61850 parts and IEC 62351 parts
5.1 General
There are four levels of interaction between the parts of the IEC 62351 series and parts of the
IEC 61850 series. This part is concerned with the:

– 10 – IEC 62351-6:2020 © IEC 2020
• Communication profile security regarding:
– IEC 61850-8-1 Application Profile for Client/Server communications.
– IEC 61850-8-2 Application Profile for Client/Server communications.
– IEC 61850-8-1 Layer 2 T-Profile for GOOSE/GSE
– IEC 61850-8-1 Layer 2 T-Profile for Multicast Sampled Values
– IEC 61850-8-1 Layer 3 Routable GOOSE and Sampled Values
• Configuration extensions required for configuration of the Application and Transport
communication profiles of concern. These extensions would impact IEC 61850-6.
• Object definitions, regarding security and identification, that are exposed at run-time as part
of the IEC 61850-8-1 and IEC 61850-8-2 object mappings.
• The binding of Originator ID values to authenticated peers for Client/Server services.
The scope of this document provides security specifications for use within an Electronic Security
Perimeter (ESP) and between ESPs.
5.2 IEC 61850-8-1 Profile for Client/Server communications
5.2.1 General
IEC 61850 implementations claiming conformance to this specification and declaring support
for the IEC 61850-8-1 profile utilizing TCP/IP and ISO 9506 (MMS) shall implement Clauses 5
and 6 of IEC 62351-4:2020.
IEC 61850-8-1 specifies the use of MMS within a substation. However, the scope of this
specification provides security specifications for use within the substation and external to the
substation (e.g. Control Centre to Substation).

Figure 1 – MMS Security Profiles
Figure 1 shows the security profiles for IEC 61850 Client/Server associations based upon
ISO/IEC 9506:
• Non-Secure: Implementations claiming conformance to this clause and Client/Server
capability shall support the ability to be configured without securing connections per
IEC 62351-4.
• TLS-Only: The use of TLS only is out-of-scope of this document. This profile may not provide
the ability to provide user level Role Based Access Control (RBAC) for all use cases.
• Compatibility (per IEC 62351-4): Client implementations claiming conformance shall support
the configuration and exchange of information utilizing ACSE Authentication per IEC 62351-
4 and TLS. The use of TLS is mandatory.
• End-to-End: The support for this security profile is optional. However, in future editions of
this standard, it is intended to make the support of this profile mandatory.
See Table 6 for a formal conformance statement.
5.2.2 Control centre to substation
IEC 62351-4 shall be used without any other additions.
5.2.3 Substation communications
The mandatory cipher suites are found in IEC 62351-4.
5.3 IEC 61850 security for profiles using VLAN IDs
For the IEC 61850 profiles specified that make use of VLAN IDs (e.g. IEC 61850-8-1 GOOSE,
and IEC 61850-9-2) profile security shall be provided as specified in Clause 8.
5.4 IEC 61850-8-2 for Client/Server communications
IEC 61850 implementations claiming conformance to this document and declaring support for
the IEC 61850-8-2 A-Profile for Client/Server communications shall implement the End-to-End
security mechanism as specified by IEC 62351-4.
IEC 61850-8-2 does not support ACSE therefore, the IEC 62351-4 security mechanism of ACSE
authentication (A-Profile) are not implemented or supported.
Additionally, IEC 61850-8-2 utilizes a T-Profile consisting of XMPP, which in turn controls TLS.
Therefore, the TLS security mechanisms, and cipher suites, specified in IEC 62351-4 are out-
of-scope for IEC 61850-8-2.
5.5 Using OriginatorID for Client/Server Services
There are several Common Data Classes (CDCs) defined in IEC 61850-7-3 and service tracking
functions that explicitly define the ability to provide information about the originator of the
control or service. The actual value representing the initiating entity in both IEC 61850-8-1 and
IEC 61850-8-2 is originatorID and is a 64-octet octetstring.
The use of certificate-based authentication and security provides a mechanism for providing
authoritative information regarding the originator. However, the size restriction of originatorID
is not large enough to provide exposure of the Issuer and Serial Number. Therefore,
implementations claiming conformance to this standard shall implement the optional
DataAttribute certIssuer in the instance to the IEC 61850-7-3 CDCs of: CST, BTS, UTS, LTS,
GTS, MTS, NTS, and STS.
The use of the value of the certIssuer Data Attribute follows:
• The value shall be a concatenation of the sequence of name values that may be present in
the Issuer field. If there is more than one name in the sequence, the concatenation token
shall be the “\” character, i.e. have a zero(0) length value if the client association is not
authenticated.
• Have the value of the X.509 Issuer Name for a client association that is authenticated.

– 12 – IEC 62351-6:2020 © IEC 2020
• If the concatenated value is greater than 255 characters, the value shall be truncated to 255
characters.
• If the client association was not authenticated through the use of certificates, the length of
the certIssuer shall be zero(0) and therefore the value shall be NULL. All octets in the value
shall be initialized to 0.
Implementations claiming conformance to this standard shall also utilize the originatorID Data
Attribute as follows:
• If the certIssuer value is not NULL, the value of the X.509 certificate serial number shall be
used for the value for clients associations that have been authenticated by use of a
certificate. A certificate serial number is an encoded positive integer value. The encoded
value shall be copied into the originatorID value, not including the tag or length.
• If the certIssuer value is NULL, the value of the originatorID may be “unknown” with “u”
being the most significant octet of the value. Other values are a local issue.
6 Multicast Association Protocols
6.1 General
IEC 61850-8-1 and IEC 61850-9-2 specify two different application protocols that utilize the
IEC 61850 Multicast Association model. These are GSE (e.g. GOOSE) and Multicast Sampled
Values. These application protocols are mapped over two different T-Profile mappings.
The T-Profiles specified provide a Layer 2 and a Routable mapping of the application protocol.
The combination of the A-Profiles and T-Profiles are commonly referred to as as Layer 2 or
Routable (e.g. Layer 2 GOOSE or Routable GOOSE). This document specifies security
behaviours that are common regardless of the T-Profile and specific security protocol
extensions for the Layer 2 T-Profiles.
This clause specifies the expected behaviours for replay protection for both GOOSE and
Multicast Sampled Values regardless of the T-Profile utilized.
6.2 Replay Protection
Replay protection can be implemented for GOOSE and Sampled Value A-Profiles with or without
security extensions. The replay protection algorithms specified in the following clauses are for
subscribers claiming conformance to this part and therefore replay protection is to be
implemented regardless if the published GOOSE or Sampled Value APDU has security. The
replay protection algorithm is implemented by the subscriber
6.2.1 GOOSE replay protection
6.2.1.1 General
The normal GOOSE subscriber state machine in IEC 61850-8-1 does not detail how to transition
out-of-order state numbers (stNum) or sequence numbers (sqNum) should be received.
Implementations claiming conformance to this standard shall implement the state machine
shown in Figure 2. Additional security and replay checks may be implemented. For this clause,
the Application is defined as the GOOSE Subscriber function and not the actual process that
utilizes GOOSEData (per IEC 61850-7-2) in order to perform protection, etc.

Figure 2 – Replay Protection State Machine for GOOSE
Figure 2 is relevant for GOOSE messages for which the subscriber has an active subscription
shall be configured through the use of SCL and an ICT. Other configuration mechanisms are
out-of-scope. Implementations claiming conformance to this clause shall maintain at least the
following internal state machine variables: last received stNum (lastRcvStNum); last received
sqNum (lastRcvSqNum); last received state change timestamp (lastRcvT); and an internal Time
Allowed to Live (intTAL) value. The states and their transitions are defined as follows:
1) The Non-Existent state represents the state when there is no GOOSE subscription.
2) Upon activating the subscription (e.g. power-up or subscription configuration), the state
machine will internally set the lastRcvStNum , lastRcvSqNum, lastRcvT, and intTAL to
invalid since no GOOSE message has been received and the state machine transitions to
the Wait for GOOSE Message state.
Upon receiving the subscribed GOOSE message, the subscriber shall transition to the
Security Checks state (State 3).
3) The processing in the Security Checks state is described in 6.2.1.2.
If the Subscriber has never received a key from the KDC, it shall pass the security check
for non-encrypted packets and perform a GROUP-PULL as defined by IEC 62351-9.
Subscribers receiving an encrypted GOOSE messages, and not having the key for the ID
conveyed in the GOOSE message shall transition to Security Check Failure and shall
perform a GROUP-PULL as defined by IEC 62351-9.
If the subscriber has been unable to receive keys prior to the expiration of the last key
delivered, it shall report an alarm indicating that key delivery has failed and that expired
keys are being assumed. It shall process packets whose keyID is the last key delivered.

– 14 – IEC 62351-6:2020 © IEC 2020
Upon delivery of an unknown keyID, while using an expired key, the subscriber shall
immediately perform a GROUP-PULL in order to synchronize keys.
If the security tests pass, the state machine shall transition to checking for replayed packets
(State 4).
If the security checks fail, the state machine shall transition to the Security Check Failure
Supervision Update state (State 9).
4) The Check for Replay state shall perform the procession in 6.2.1.3.
If no replay is detected, a transition to the Application Update State (State 5) shall occur.
If replay is detected, a transition to the Replayed Packet Supervision Update state (State
10) shall occur.
5) The “To Application” state shall decode the GOOSE packet. The decoded information shall
be delivered to the Application if decoded stNum is not equal to lastRcvStNum. It is a local
issue if a change of sqNum shall cause information to be delivered to the Application.
The values of lastRcvStNum and lastRcvSqNum shall be updated to the values decoded
from the GOOSE packet.
The state shall transition to State 6.
6) The intTAL value shall be set to a value related to the decoded Time Allowed to Live (TAL)
value. The Association Loss timeout shall also be reset to a locally determined value.
7) The supervision information shall be updated based upon the new packet information
received. See 6.2.1.4 for processing requirements.
Once the supervision information has been updated, a transition to State 8.
8) The value of intTAL shall be used to detect packet loss. The state shall start an expiration
time based upon the current value of intTAL.
If the value of intTAL is zero (e.g. expired), a transition to State 11 shall occur.
If subscribed for GOOSE packet is received, the state shall transition to State 3.
9) The supervision information shall be updated based upon the security check failure
information received. See 6.2.1.4 for processing requirements.
Once the supervision information has been updated, a transition to State 8. No reset or
setting of intTAL shall be performed.
10) The supervision information shall be updated based upon the replay detection information.
See 6.2.1.4 for processing requirements.
Once the supervision information has been updated, a transition to State 8. No reset or
setting of intTAL shall be performed.
11) This state is used to determine when a subscription is no longer active. It differs from the
packet loss detection in that it is a local issue.
Once it is decided that the subscription is no longer active, the state transitions to State 12.
12) The application shall be updated such that it is aware that the subscription is no longer
valid. The means through which this is performed is a local issue.
After the application is updated, the state shall transition to State 13.
13) The supervision information shall be updated based upon the loss of an active subscription
(e.g. LGOS.St shall change state). See 6.2.1.4 for processing requirements.
Once the supervision information has been updated, a transition to State 14.
14) The values lastRcvStNum, and lastRcvSqNum shall be set to invalid and a transition to
State 2 shall occur.
6.2.1.2 Security Check Protection Requirements
This subclause specifies the processing required for checking GOOSE security parameters.
• The subscriber shall check if the AuthenticationValue (see 8.2.2.1) is expected as
configured per IEC 61850-6 and the subscriber implements security.

– If the AuthenticationValue is expected per configuration of the
GSEControl.securityEnable and there is no AuthenticationValue provided, this shall
result in a security check failure and no further security check processing will be
required.
– If there is no expected AuthenticationValue and a AuthenticationValue is provided, it
shall be processed as if there were no AuthenticationValue and the value shall
AuthenticationValue shall not be verified but shall not constitute a failure of the security
checks.
– If there is no expected AuthenticationValue and no AuthenticationValue is present this
shall not constitute a security check failure.
– If there is an AuthenticationValue and the subscriber does not support authentication
this shall not constitute a security check failure.
• If encryption is being utilized, the packet shall be decrypted.
If none of the security checks fail, the state machine shall transition to the next state.
6.2.1.3 Check for Replay State Processing Requirements
This clause specifies the processing required for checking for GOOSE packet replay.
• If the LPHD.Sim has transitioned to True, and the first simulated GOOSE has been
processed, there shall be no replay detected. This indicates a transition from processing
packets from a real publisher to process packets from a test set.
• If the LPHD.Sim has transitioned to False, and the first non-simulated GOOSE is being
processed, there shall be no replay detected. This indicates a transition from processing
simulated packets from a test set to processing packets from a real publisher.
• The subscriber shall check the timestamp (t) received in the GOOSE message versus
lastRcvT. The processing is:
– If the subscriber has an invalid value for lastRcvT, the subscriber shall update the value
of lastRcvT to the value of “T received in the GOOSE message.
– Otherwise, if the previous values of lastRcvT and lastRcvStNum were valid:
i) If the lastRcvStNum value is less than the received stNum, the subscriber shall check
that the value of “T received is no more than the local delivery deviation value older
or newer than the subscriber’s local time. If the value of “T is outside of this range,
this constitutes a failure and no further processing of the replay protection is needed
as it has already failed.
The use of delivery variance is a local issue.
• The subscriber shall check the stNum and sqNum received in the GOOSE message. The
processing is:
– If the subscriber has invalid states for lastRcvStNum and lastRcvSqNum the subscriber
state machine shall set the values to:
i) lastRcvStNum shall be set to the value of stNum received in the GOOSE packet.
ii) lastRcvSqNum shall be set to the value of sqNum received in the GOOSE packet.
No further replay checks are needed.
– If there are valid values for lastRcvStNum and lastRcvSqNum, the subscriber shall:
i) Determine if rollover of the sqNum was imminent. If the received stNum value is zero
(0) then the values of lastRcvStNum and lastRcvSqNum shall be updated with the
received stNum and sqNum values respectively.
No further replay checks are needed.
ii) If the received stNum is less than lastRcvStNum or sqNum is less than
lastRcvSqNum this could be caused by one of two factors:

– 16 – IEC 62351-6:2020 © IEC 2020
A packet replay or a multi-path delayed packet. In either case, the received GOOSE
shall not be provided to the application and the state machine shall behave as if the
packet was a replay. However, it will be a local issue if the Supervision state
classifies this occurrence as a replay.
6.2.1.4 Supervision Update State Processing Requirements
The Supervision Update State is a transient state and is used to represent the local updating
of LGOS, local logs, standardized security logs, proprietary network management MIBs, and
security event creation, as well as IEC 62351-7 standardized MIBs.
6.2.2 Sampled Value replay protection
6.2.2.1 General
IEC 61850-9-2 does not detail how to transition out-of-order message delivery should be
handled. In some cases, out-of-order delivery would not constitute replay and could just be
based upon multi-path delivery delays. Unlike GOOSE, Sampled Values does not have a state
number/sequence number construct available for use in replay protection. Therefore,
implementations claiming conformance to
...