IEC 62351

from Wikipedia, the free encyclopedia

The IEC 62351 standard addresses security in energy management systems and the associated data exchange. It describes measures to meet the four basic requirements for secure data communication / data processing:

Overview of the individual standards

  • IEC 62351-1 - Overview of the overall document IEC 62351 and introduction to the IT security aspects for the operation of power supply systems.
  • IEC 62351-2 - Glossary of terms and abbreviations used.
  • IEC 62351-3 - End-to-end protection of data traffic for TCP/IP-based connections by using TLS in accordance with RFC 5246, with required mutual authentication of client and server on the basis of X.509 certificates.
  • IEC 62351-4 - Security measures for MMS-based protocols (e.g. ICCP-based IEC 60870-6, IEC 61850) by securing the transport layer according to IEC 62351-3 and defining an authentication mechanism "SECURE" on the application layer for MMS associations using X.509 certificates.
  • IEC 62351-5 - Security for IEC 60870-5 and derived protocols (e.g. IEC 60870-5-104 / IEC 60870-5-101 / DNP3) on the application layer by means of access authorization to critical resources of a substation using role-based access restrictions (RBAC) and recording of security-relevant events in statistics.
  • IEC 62351-6 - Security for the IEC 61850 protocol through the use of VLAN tagging and X.509 signatures for GOOSE and SMV messages, as well as the use of authentication mechanisms for SNTP.
  • IEC 62351-7 - Security through the use of network and system management tools to enable monitoring of the power grid infrastructure, e.g. using Management Information Base (MIB) definitions for IEDs, which provide relevant system information about the device and the communication lines via the SNMP protocol in a standardized, manufacturer-independent way.
  • IEC 62351-8 - Definition of methods for processing and managing access rights for users and services on the basis of a role-based access control system (RBAC). The identity information as well as the role name is stored in an access token (ASN.1 syntax), which is exchanged between the systems in a cryptographically secure manner with the help of various transport mechanisms (X.509 certificates, X.509 attribute certificates, software tokens). The central administration of the access data takes place via an LDAP system, which enables access (PUSH / PULL mechanism) to the identity information of the communication partner. In addition, predefined standard roles are introduced and the access rights are defined in the context of IEC 61850 (e.g. listing of all objects in a "logical device").
  • IEC 62351-9 - "Cyber Security", the key management for power supply systems, deals with the correct and safe handling of security-critical parameters, e.g. passwords and encryption keys, and the entire life cycle of cryptographic information (registration, creation, distribution, installation, use, storage and removal). For asymmetric encryption methods, it defines the handling of digital certificates (public / private key), the necessary infrastructure (PKI, X.509 certificates) and mechanisms for various management aspects, e.g. certificate request (SCEP, CMP) and certificate revocation (CRL, OCSP). When using symmetric keys (e.g. session keys), a mechanism for secure distribution based on GDOI [RFC6407] and IKEv2 [RFC7427] is presented.
  • IEC 62351-10 - The standard explains security architectures for the entire IT infrastructure, with an additional focus on special security requirements from the field of power generation. Critical points in the communication architecture (e.g. substation control center, substation automation) are identified and suitable security mechanisms (e.g. data encryption, user authentication) are proposed. The mechanisms from IEC 62351 and proven standards from the IT sector (e.g. VPN tunnel, secure FTP, HTTPS) are combined in order to meet the security requirements.
  • IEC 62351-11 - Security for XML files by embedding the original XML content in an XML container, which optionally enables encryption, X.509 signature for the authenticity of the XML data, creation time and access control for XML data.
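
The IEC 62351-3 entry above asks for TLS per RFC 5246 with mutual X.509 authentication. As an added example (not taken from the standard or from the original page), the following Python sketch builds a context with those two properties and audits an existing context for them; the function names, the finding strings and the treatment of TLS 1.2 as the minimum version are assumptions of this example, and the standard's further requirements are not covered.

```python
import ssl


def mutual_tls_context(server_side, ca_file=None, cert_file=None, key_file=None):
    """Build a context that allows only TLS 1.2+ and demands a verified peer certificate.

    Hypothetical helper for illustration; the file paths are supplied by the caller.
    """
    proto = ssl.PROTOCOL_TLS_SERVER if server_side else ssl.PROTOCOL_TLS_CLIENT
    ctx = ssl.SSLContext(proto)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # RFC 5246 is TLS 1.2
    # Server contexts default to CERT_NONE, which accepts anonymous clients.
    # CERT_REQUIRED makes the handshake fail unless the peer presents a
    # certificate that chains to a loaded trust anchor.
    ctx.verify_mode = ssl.CERT_REQUIRED
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)   # CA that issued the peers' certs
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)    # this endpoint's own identity
    return ctx


def audit_context(ctx):
    """Return a list of findings where a context falls short of mutual TLS 1.2+."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate is not required")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol versions below TLS 1.2 are allowed")
    if ctx.cert_store_stats()["x509"] == 0:
        findings.append("no trust anchors loaded")
    return findings


if __name__ == "__main__":
    # A bare server context, as many quick-start snippets create it.
    weak = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    weak.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    print("weak:  ", audit_context(weak))
    print("strict:", audit_context(mutual_tls_context(server_side=True)))
```

The strict context still reports missing trust anchors until a CA file is loaded, which is the state in which every client certificate would be rejected.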
