BS EN IEC 62351-3:2023 – TC
$258.95
Tracked Changes. Power systems management and associated information exchange. Data and communications security – Communication network and system security. Profiles including TCP/IP
| Published By | Publication Date | Number of Pages |
| BSI | 2023 | 130 |
IEC 62351-3:2023 specifies how to provide confidentiality, integrity protection, and message level authentication for protocols that make use of TCP/IP as a message transport layer and utilize Transport Layer Security when cyber-security is required. This may relate to SCADA and telecontrol protocols, but also to additional protocols if they meet the requirements in this document. IEC 62351-3 specifies how to secure TCP/IP-based protocols through constraints on the specification of the messages, procedures, and algorithms of Transport Layer Security (TLS) (TLSv1.2 defined in RFC 5246, TLSv1.3 defined in RFC 8446). In the specific clauses, there will be subclauses to note the differences and commonalities in the application depending on the target TLS version. The use and specification of intervening external security devices (e.g., “bump-in-the-wire”) are considered out-of-scope. In contrast to previous editions of this document, this edition is self-contained in terms of completely defining a profile of TLS. Hence, it can be applied directly, without the need to specify further TLS parameters, except the port number, over which the communication will be performed. Therefore, this part can be directly utilized from a referencing standard and can be combined with further security measures on other layers. Providing the profiling of TLS without the need for further specifying TLS parameters allows declaring conformity to the described functionality without the need to involve further IEC 62351 documents. This document is intended to be referenced as a normative part of other IEC standards that have the need for providing security for their TCP/IP-based protocol exchanges under similar boundary conditions. However, it is up to the individual protocol security initiatives to decide if this document is to be referenced. The document also defines security events for specific conditions, which support error handling, security audit trails, intrusion detection, and conformance testing. Any action of an organization in response to events to an error condition described in this document are beyond the scope of this document and are expected to be defined by the organization’s security policy. This document reflects the security requirements of the IEC power systems management protocols. Should other standards bring forward new requirements, this document may need to be revised. This second edition cancels and replaces the first edition published in 2014, Amendment 1:2018 and Amendment 2:2020. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Inclusion of the TLSv1.2 related parameter required in IEC 62351-3 Ed.1.2 to be specified by the referencing standard. This comprises the following parameter: • Mandatory TLSv1.2 cipher suites to be supported. • Specification of session resumption parameters. • Specification of session renegotiation parameters. • Revocation handling using CRL and OCSP. • Handling of security events. b) Inclusion of a TLSv1.3 profile to be applicable for the power system domain in a similar way as for TLSv1.2 session.
PDF Catalog
| PDF Pages | PDF Title |
|---|---|
| 78 | undefined |
| 81 | Annex ZA (normative)Normative references to international publicationswith their corresponding European publications |
| 82 | English CONTENTS |
| 85 | FOREWORD |
| 87 | INTRODUCTION |
| 88 | 1 Scope 1.1 Scope 1.2 Intended audience |
| 89 | 2 Normative references 3 Terms, definitions and abbreviated terms 3.1 Terms and definitions |
| 90 | 3.2 Abbreviated terms 4 Security issues addressed by this document 4.1 General |
| 91 | 4.2 Security threats countered 4.3 Attack methods countered |
| 92 | 4.4 Handling of security events 5 Overview of differences in TLS versions 5.1 General 5.2 Main differences between TLSv1.2 and TLSv1.3 |
| 93 | 5.3 Cipher suite naming |
| 94 | 5.4 Backward compatibility 5.5 Extensions Figure 1 – Definition of cipher suites according to TLSv1.2 (RFC 5246) Figure 2 – Definition of cipher suites according to TLSv1.3 (RFC 8446) |
| 95 | 6 Generic requirements 6.1 General 6.2 Signalling of supported TLS versions |
| 96 | 6.3 Usage of non-encrypting cipher suites |
| 97 | 6.4 Certificate support 6.4.1 Support of multiple trust anchors 6.4.2 Certificate size 6.4.3 Certificate exchange |
| 98 | 6.4.4 Public-key certificate validation |
| 101 | 6.5 Co-existence with non-secure protocol traffic 7 Requirements specific to TLSv1.2 7.1 General 7.2 Supported cipher suites Tables Table 1 – Support of cipher suites for TLSv1.2 |
| 102 | 7.3 Disallowed cipher suites 7.4 Key exchange 7.4.1 General 7.4.2 Key exchange mechanisms 7.4.3 Cryptographic algorithms |
| 104 | 7.4.4 Session resumption |
| 105 | 7.4.5 Session renegotiation |
| 106 | 7.5 Support of extensions 7.5.1 General 7.5.2 TLS session renegotiation extension |
| 107 | 7.5.3 Signalling of client supported CA certificates via Trusted CA 7.5.4 Signalling of supported signature algorithms |
| 108 | 7.5.5 Stapling of OCSP response messages |
| 109 | 7.5.6 Signalling of intended target TLS server via Server Name Indication 7.5.7 Support of encryption before authentication |
| 110 | 8 Requirements specific to TLSv1.3 8.1 General 8.2 Supported cipher suites 8.3 Key exchange 8.3.1 General Table 2 – Support of cipher suites for TLSv1.3 |
| 111 | 8.3.2 Handshake modes Table 3 – Support of PSK-based handshake modes for TLSv1.3 |
| 112 | 8.3.3 Diffie-Hellman Groups 8.3.4 Signature algorithms Table 4 – Support of Diffie Hellman Groups for TLSv1.3 Table 5 – Supported signature algorithms for the handshake in TLSv1.3 |
| 113 | 8.4 Session key update (post-handshake message) Table 6 – Supported signature algorithms for the certificates in TLSv1.3 |
| 114 | 8.5 New session ticket (post-handshake message) 8.6 Session resumption 8.7 Certificate validation |
| 115 | 8.8 Support of extensions 8.8.1 General 8.8.2 Signalling of supported TLS versions 8.8.3 Cookie 8.8.4 Signalling of supported signature algorithms |
| 116 | 8.8.5 Signalling of supported groups 8.8.6 Signalling of key share 8.8.7 Signalling of intended target TLS server via Server Name Indication |
| 117 | 8.8.8 Signalling of supported certificate authorities 8.8.9 Support of PSK based key agreement 8.8.10 Stapling of OCSP response messages |
| 118 | 8.8.11 Signalling of early data 9 Optional security measure support 10 Conformance 10.1 General 10.2 Notation 10.3 Conformance to selected TLS versions Table 7 – Conformance to TLS versions |
| 119 | 10.4 Conformance to certificate handling 10.5 Conformance to TLSv1.2 specifics 10.5.1 Conformance to selected cipher suites Table 8 – Conformance to certificate support |
| 120 | 10.5.2 Conformance to cryptographic algorithm support 10.5.3 Conformance to TLSv1.2 session management features Table 9 – Conformance to TLSv1.2 usable cipher suites Table 10 – Conformance to cryptographic algorithm support |
| 121 | 10.5.4 Conformance to selected TLSv1.2 extensions 10.6 Conformance to TLSv1.3 specifics 10.6.1 Conformance to selected TLSv1.3 cipher suites Table 11 – Conformance to TLSv1.2 session management features Table 12 – Conformance to TLSv1.2 handshake extensions |
| 122 | 10.6.2 Conformance to selected TLSv1.3 session management features Table 13 – Conformance to TLSv1.3 cipher suites Table 14 – Conformance to handshake modes of TLSv1.3 Table 15 –Conformance to early data feature (0-RTT) of TLSv1.3 |
| 123 | Table 16 – Conformance to supported Diffie Hellman Groups in TLSv1.3 Table 17 – Conformance to supported signature algorithmsfor the handshake in TLSv1.3 |
| 124 | 10.6.3 Conformance to selected TLSv1.3 extensions 10.6.4 Conformance to selected TLSv1.3 post-handshake messages Table 18 – Conformance to supported signature algorithmsfor the certificates in TLSv1.3 Table 19 – Conformance to TLSv1.3 extensions |
| 125 | Table 20 – Conformance to post-handshake messages of TLSv1.3 |
| 126 | Annex A (informative)Security Events A.1 Security event logs A.2 Mapping of TLS events related to the TLS handshake Table A.1 – Security event logs related to TLS handshake definedin IEC 62351-3:— (Ed.2) mapped to IEC 62351-14 |
| 128 | A.3 Mapping of TLS events related to the certificate handling Table A.2 – Security event logs related to certificate validation definedin IEC 62351-3 Ed.2 mapped to IEC 62351-14 |
| 129 | Bibliography |
Related products
-
BS EN IEC 62351-5:2023 – TC
Tracked Changes. Power systems management and associated information exchange. Data and communications security – Security…
-
BS EN IEC 62657-2:2022 – TC 2023
Tracked Changes. Industrial networks. Coexistence of wireless systems – Coexistence management Published By Publication Date…
-
BS EN IEC 62351-9:2023 – TC
Tracked Changes. Power systems management and associated information exchange. Data and communications security – Cyber…
