IEC TC57 WG15 Status Report


INTERNATIONAL ELECTROTECHNICAL COMMISSION

IEC TC57 WG15 - Cybersecurity
Status & Roadmap
June, 2012
Frances Cleveland
Convenor WG15

Mission and Scope of WG15 on Cybersecurity

• Undertake the development of standards for security of the communication protocols defined by the IEC TC 57
  • Specifically the IEC 60870-5 series, the IEC 60870-6 series, the IEC 61850 series, the IEC 61970 series, and the IEC 61968 series
• Undertake the development of standards and/or technical reports on end-to-end security issues

WG15 Status June 2012

WG15 Members

• 71 members
• Participants from 20 countries
  • Argentina
  • Canada
  • China
  • Croatia
  • Czechoslovakia
  • Denmark
  • Finland
  • France
  • Germany
  • Great Britain
  • Israel
  • Italy
  • Japan
  • Korea
  • Norway
  • Russia
  • South Africa
  • Spain
  • Sweden
  • Switzerland
  • USA

IEC TC57 Architecture of Information Standards

[Figure: architecture diagram. Labels: Market System, Back Office, Control Center A and Control Center B (EMS apps, DMS apps, SCADA, communication bus), Distributed Energy Resources (DER generator, DER storage, electric vehicle), Substations / Field Devices (substation automation systems, RTUs, PMUs, protection, control, metering, switchgear, transformers, instrumental transformers), hydroelectric / gas turbine power plants. Standards shown: IEC 61970, IEC 61968, IEC 62325, IEC 60870-6 TASE.2/ICCP, IEC 60870-5-101/104, IEC 60870-5-103, IEEE 1815 (DNP3), IEC 61850 (including 61850-7-410, 61850-7-420, 61850-90-5, 61850-90-7, 8, 9, 10, GOOSE and SV), with IEC 62351 Cybersecurity spanning them.]

Mapping of TC57 Communication Standards to IEC 62351 Security Standards

[Figure: mapping diagram. The lines connecting the two columns are not recoverable; the column contents are listed below.]

IEC TC57 Communication Standards:
• IEC 60870-6: TASE.2 (ICCP)
• IEC 61850 over MMS
• IEC 61850 GOOSE & SV
• IEC 60870-5-104 & DNP3
• IEC 60870-5-101 & Serial DNP3

IEC 62351 Security Standards:
• IEC 62351 Part 1: Introduction
• IEC 62351 Part 2: Glossary
• IEC 62351 Part 3: Profiles including TCP/IP
• IEC 62351 Part 4: Profiles including MMS
• IEC 62351 Part 5: IEC 60870-5 & Derivatives
• IEC 62351 Part 6: IEC 61850 Profiles
• IEC 62351 Part 7: Object Models for Network Management
• IEC 62351 Part 8: Role-Based Access Control (RBAC)
• IEC 62351 Part 9: Key Management
• IEC 62351 Part 10: Security Architecture Guidelines for TC57 Systems

Status of IEC 62351 Parts

| IEC 62351 Part | Release Date | Activities (June 2012) | Planned Release |
|---|---|---|---|
| IEC/TS 62351-1: Introduction | 2007 | | |
| IEC/TS 62351-2: Glossary (http://std.iec.ch/terms/terms.nsf/ByPub?OpenView&Count=-1&RestrictToCategory=IEC%2062351-2) | 2008 | Review Report pending | Amendment by mid 2013 |
| IEC/TS 62351-3: Security for profiles including TCP/IP | 2007 | Updated document being finalized June 2012 | CDV by June 2012; IS Ed. 2 by June 2013 |
| IEC/TS 62351-4: Security for profiles including MMS | 2007 | | |
| IEC/TS 62351-5: Security for IEC 60870-5 and derivatives | 2009 | DTS as Ed. 2 | TS Ed. 2 by Q3 2012 |
| IEC/TS 62351-6: Security for IEC 61850 profiles | 2007 | Updates planned but not started | |
| IEC/TS 62351-7: Objects for Network Management | 2010 | | |
| IEC/TS 62351-8: Role-Based Access Control | 2011 | | |
| IEC/TS 62351-9: Key Management | | CD to be submitted June 2012 | |
| IEC/TS 62351-10: Security Architecture | | DTS sent to IEC – voting date 6-22-12 | TS by Q3 2012 |
| IEC/TS 62351-11: Security for XML Files | | NWIP – closing date 7-27-12 | |

Coordination with Other Security Activities

• IEC TC57 WG15 has a Liaison A with IEC TC65C which will review and standardize the work of the ISA SP99 Security Standards
• IEC TC57 WG15 has a Liaison D with the IEEE PES PSCC Security Subcommittee
• Pending:
  • Liaison D with M/490 SGIS
  • Liaison D with UCAIug
  • Liaison ?? with ISO JTC 1 / SC 27 “IT Security”
• Coordination:
  • NIST Cyber Security Working Group (CSWG) under NIST’s Smart Grid Interoperability Panel
  • NERC CIP 002-009 – WG15 has members who are very active with NERC security activities
  • Cigré D2.22

TC57 Security (IEC 62351) Roadmap
As of June 2012

Completed and Current Work
• Parts 1, 2, 3, 4, 5, 6, 7, & 8 finalized as TS Standards (Ed 1)
• Parts 9, 10, & 11 – in process
• Parts 3 & 5 being updated to Ed 2

Updates & New Work
• Part 9 Key Management, CD due June 2012
• Part 10 Security Architecture, TS expected shortly
• Part 11 Security for XML Files, just starting

On-Going Coordination
• IEC TC65C WG10
• ISA SP99
• CIGRE D2.22
• NIST CSWG
• M/490 SGIS
• IEC TC13
• ISO/IEC JTC 1 / SC 27 for ISO 27000 series

Issues

• Intellectual Property issues with certain cryptographic suites
• Although we have cybersecurity experts, they are very busy
• Cybersecurity is a very dynamic, rapidly changing field which is quite new for the power industry
  • Need rapid development of new standards and updates to existing standards
  • Need guidelines for end-to-end security
  • Need both standards and technical reports
• Need input from power system domain experts on security requirements

INTERNATIONAL ELECTROTECHNICAL COMMISSION

Questions? Comments?