BSI PD IEC/TS 62351-5:2013:2014 Edition

$215.11

Power systems management and associated information exchange. Data and communications security – Security for IEC 60870-5 and derivatives

Published By: BSI
Publication Date: 2014
Number of Pages: 120

This part of IEC 62351 specifies messages, procedures and algorithms for securing the operation of all protocols based on or derived from IEC 60870-5: Telecontrol equipment and systems – Transmission protocols. This Technical Specification applies to at least those protocols listed in Table 1.

Table 1 – Scope of application to standards

The initial audience for this Technical Specification is intended to be the members of the working groups developing the protocols listed in Table 1. For the measures described in this specification to take effect, they must be accepted and referenced by the specifications for the protocols themselves. This document is written to enable that process.

The subsequent audience for this specification is intended to be the developers of products that implement these protocols.

Portions of this specification may also be of use to managers and executives in order to understand the purpose and requirements of the work.

This part of IEC/TS 62351 focuses only on application layer authentication and security issues arising from such authentication. Other security concerns – in particular, protection from eavesdropping or man-in-the-middle attacks through the use of encryption – are considered to be outside the scope. Encryption may be added through the use of this specification with other specifications.

This document is organized working from the general to the specific, as follows:

  • Clauses 2 through 4 provide background terms, definitions, and references.

  • Clause 5 describes the problems this specification is intended to address.

  • Clause 6 describes the mechanism generically without reference to a specific protocol.

  • Clauses 7 and 8 describe the mechanism more precisely and are the primary normative part of this specification.

  • Clause 9 describes a few particular implementation issues that are special cases.

  • Clause 10 describes the requirements for other standards referencing this specification.

  • Clause 11 describes the Protocol Implementation Conformance Statement (PICS) for this mechanism.

Unless specifically labelled as informative or optional, all clauses of this specification are normative.

PDF Catalog

PDF Pages PDF Title
4 CONTENTS
8 FOREWORD
10 1 Scope and object
Tables
Table 1 – Scope of application to standards
11 2 Normative references
12 3 Terms and definitions
13 4 Abbreviated terms
5 Problem description (informative)
5.1 Overview of clause
5.2 Specific threats addressed
5.3 Design issues
5.3.1 Overview of subclause
5.3.2 Asymmetric communications
14 5.3.3 Message-oriented
5.3.4 Poor sequence numbers or no sequence numbers
5.3.5 Limited processing power
5.3.6 Limited bandwidth
5.3.7 No access to authentication server
15 5.3.8 Limited frame length
5.3.9 Limited checksum
5.3.10 Radio systems
5.3.11 Dial-up systems
5.3.12 Variety of protocols affected
16 5.3.13 Differing data link layers
5.3.14 Long upgrade intervals
5.3.15 Remote sites
5.3.16 Multiple users
5.3.17 Unreliable media
5.4 General principles
5.4.1 Overview of subclause
5.4.2 Authentication only
17 5.4.3 Application layer only
5.4.4 Generic definition mapped onto different protocols
5.4.5 Bi-directional
5.4.6 Challenge-response
5.4.7 Pre-shared keys as default option
5.4.8 Backwards tolerance
18 5.4.9 Upgradeable
5.4.10 Perfect forward secrecy
5.4.11 Multiple users and auditing
6 Theory of operation (informative)
6.1 Overview of clause
6.2 Narrative description
6.2.1 Basic concepts
19 6.2.2 Initiating the challenge
6.2.3 Replying to the challenge
20 6.2.4 Authenticating
6.2.5 Authentication failure
6.2.6 Aggressive mode
6.2.7 Changing keys
Table 2 – Summary of symmetric keys used
21 Table 3 – Summary of asymmetric keys used (optional)
24 6.2.8 Security statistics
6.3 Example message sequences
6.3.1 Overview of subclause
Figures
Figure 1 – Overview of interaction between Authority and stations
25 6.3.2 Challenge of a Critical ASDU
Figure 2 – Example of successful Challenge of Critical ASDU
Figure 3 – Example of failed Challenge of Critical ASDU
26 6.3.3 Aggressive Mode
6.3.4 Initializing and changing Session Keys
Figure 4 – Example of a successful Aggressive Mode Request
Figure 5 – Example of a failed Aggressive Mode Request
27 Figure 6 – Example of Session Key initialization and periodic update
28 Figure 7 – Example of communications failure followed by Session Key change
29 Figure 8 – Example of successful User Status and Update Key Change
30 6.4 State machine overview
Figure 9 – User changes controlling stations
31 Figure 10 – Major state transitions for controlling station authentication
32 Figure 11 – Major state transitions for controlled station authentication
33 Figure 12 – Major state transitions for controlling station Update Key change
34 7 Formal specification
7.1 Overview of clause
7.2 Message definitions
7.2.1 Distinction between messages and ASDUs
Figure 13 – Major state transitions for controlled station Update Key change
35 7.2.2 Challenge message
Table 4 – Challenge message
37 7.2.3 Reply message
Table 5 – Reply message
38 7.2.4 Aggressive Mode Request message
Table 6 – Data Included in the MAC Value calculation
Table 7 – Aggressive Mode Request message
39 Table 8 – Data Included in the MAC Value calculation in Aggressive Mode
40 7.2.5 Key Status Request message
7.2.6 Key Status message
Table 9 – Key Status Request Message
Table 10 – Use of Default Session Keys
41 Table 11 – Key Status Message
43 7.2.7 Session Key Change message
Table 12 – Data Included in the MAC Value Calculation for Key Status
Table 13 – Key Change message
44 Table 14 – Data Included in the key wrap (in order)
Table 15 – Example of key order
45 7.2.8 Error message
Table 16 – Example of Wrapped Key Data
Table 17 – Error message
47 7.2.9 User Status Change message
48 Table 18 – Creation of Certification Data
Table 19 – User Status Change message
51 7.2.10 Update Key Change Request message
52 Table 20 – Update Key Change Request message
53 7.2.11 Update Key Change Reply message
Table 21 – Update Key Change Reply message
54 7.2.12 Update Key Change message
Table 22 – Update Key Change message
55 7.2.13 Update Key Change Signature message
Table 23 – Encrypted Update Key Data
Table 24 – Update Key Change Signature message
56 7.2.14 Update Key Change Confirmation message
Table 25 – Data included in the Digital Signature
Table 26 – Update Key Change Confirmation message
57 7.3 Formal procedures
7.3.1 Overview of subclause
Table 27 – Data included in the MAC calculation
Table 28 – States used in the state machine descriptions
58 7.3.2 Security statistics
59 Table 29 – Security statistics
60 7.3.3 Challenger procedures
62 Figure 14 – Example Use of Challenge Sequence Numbers (1 of 2)
65 Table 30 – Challenger state machine
82 7.3.4 Responder procedures
83 7.3.5 Controlling station procedures
85 Table 31 – User roles
88 Table 32 – Controlling Station State Machine – Changing Session Keys
92 Table 33 – Controlling Station State Machine – Changing Update Keys
96 7.3.6 Controlled station procedures
98 8 Interoperability requirements
8.1 Overview of clause
8.2 Minimum requirements
8.2.1 Overview of subclause
8.2.2 MAC algorithms
99 8.2.3 Key wrap / transport algorithms
8.2.4 Fixed values
8.2.5 Configurable values
100 Table 34 – Special Statistic Event Thresholds
102 Table 35 – Algorithms and Messages used for each Update Key Change Method
Table 36 – Size of Challenge Data
103 Table 37 – Configuration of Cryptographic Information
104 8.3 Options
8.3.1 Overview of subclause
8.3.2 MAC algorithms
Table 38 – Legend for configuration of cryptographic information
Table 39 – Construction of AES-GMAC initialization vector
105 Table 40 – Source of initialization vector components in each message
106 8.3.3 Encryption algorithms
8.3.4 Key wrap / transport algorithms
8.3.5 Configurable values
107 9 Special Applications
9.1 Overview of clause
9.2 Use with TCP/IP
9.3 Use with redundant channels
9.4 Use with external link encryptors
10 Requirements for referencing this specification
10.1 Overview of clause
10.2 Selected options
108 10.3 Operations considered critical
10.4 Addressing information
10.5 Message format mapping
10.6 Reference to procedures
109 11 Protocol implementation conformance statement
11.1 Overview of clause
11.2 Required algorithms
11.3 MAC algorithms
11.4 Key wrap algorithms
11.5 Maximum Error messages sent
11.6 Use of Error messages
110 11.7 Update Key Change Methods
11.8 User Status Change
111 Annex A (informative) Compliance with ISO/IEC 11770
113 Table A.1 – Cryptographic Notation
115 Table A.2 – Compliance with ISO/IEC 11770
117 Bibliography