IEC 62351-4 ® Edition 1.0 2018-11 INTERNATIONAL STANDARD
This preview is downloaded from www.sis.se. Buy the entire standard via https://www.sis.se/std-80009703

Power systems management and associated information exchange – Data and communications security – Part 4: Profiles including MMS and derivatives

Copyright © IEC, 2018, Geneva, Switzerland. All rights reserved. Sold by SIS under license from IEC and SEK. No part of this document may be copied, reproduced or distributed in any form without the prior written consent of the IEC.

THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2018 IEC, Geneva, Switzerland

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local IEC member National Committee for further information.

IEC Central Office
3, rue de Varembé
CH-1211 Geneva 20
Switzerland
Tel.: +41 22 919 02 11
[email protected]
www.iec.ch

About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the latest edition, a corrigenda or an amendment might have been published.
INTERNATIONAL ELECTROTECHNICAL COMMISSION
ICS 33.200
ISBN 978-2-8322-6262-7
® Registered trademark of the International Electrotechnical Commission

CONTENTS

FOREWORD
1 Scope
  1.1 General
  1.2 Code components
2 Normative references
3 Terms, definitions and abbreviated terms
  3.1 General
  3.2 Terms and definitions
  3.3 Abbreviated terms
4 Security issues addressed by this part of IEC 62351
  4.1 Communications reference models
  4.2 Security for application and transport profiles
  4.3 Compatibility and native modes
  4.4 Security threats countered
    4.4.1 General
    4.4.2 Threats countered in compatibility mode
    4.4.3 Threats countered in native mode
  4.5 Attack methods countered
    4.5.1 General
    4.5.2 Attacks countered in compatibility mode
    4.5.3 Attacks countered in native mode
  4.6 Logging
5 Specific requirements
  5.1 Specific requirements for ICCP/IEC 60870-6-x communication stack
  5.2 Specific requirements for IEC 61850
6 Transport Security
  6.1 General
  6.2 Application of transport layer security (TLS)
    6.2.1 General
    6.2.2 The TLS cipher suite concept
    6.2.3 TLS session resumption
    6.2.4 TLS session renegotiation
    6.2.5 Supported number of trust anchors
    6.2.6 Public-key certificate size
    6.2.7 Evaluation period for revocation state of public-key certificates
    6.2.8 Public-key certificate validation
    6.2.9 Security events handling
  6.3 T-security in an OSI operational environment
    6.3.1 General
    6.3.2 TCP ports
    6.3.3 Disabling of TLS
    6.3.4 TLS cipher suites support
  6.4 T-security in an XMPP operational environment
7 Application layer security overview (informative)