This part of IEC 62351 specifies messages, procedures and algorithms for securing the operation of all protocols based on or derived from IEC 60870-5: Telecontrol equipment and systems \u2013 Transmission protocols. This Technical Specification applies to at least those protocols listed in Table 1.<\/p>\n
Table 1 \u2013 Scope of application to standards<\/b><\/p>\n
The initial audience for this Technical Specification is intended to be the members of the working groups developing the protocols listed in Table 1. For the measures described in this specification to take effect, they must be accepted and referenced by the specifications for the protocols themselves. This document is written to enable that process.<\/p>\n
The subsequent audience for this specification is intended to be the developers of products that implement these protocols.<\/p>\n
Portions of this specification may also be of use to managers and executives in order to understand the purpose and requirements of the work.<\/p>\n
This part of IEC\/TS 62351 focuses only on application layer authentication and security issues arising from such authentication. Other security concerns \u2013 in particular, protection from eavesdropping or man-in-the-middle attacks through the use of encryption \u2013 are considered to be outside the scope. Encryption may be added through the use of this specification with other specifications.<\/p>\n
This document is organized working from the general to the specific, as follows:<\/p>\n
Clauses 2 through 4 provide background terms, definitions, and references.<\/p>\n<\/li>\n
Clause 5 describes the problems this specification is intended to address.<\/p>\n<\/li>\n
Clause 6 describes the mechanism generically without reference to a specific protocol.<\/p>\n<\/li>\n
Clauses 7 and 8 describe the mechanism more precisely and are the primary normative part of this specification.<\/p>\n<\/li>\n
Clause 9 describes a few particular implementation issues that are special cases.<\/p>\n<\/li>\n
Clause 10 describes the requirements for other standards referencing this specification.<\/p>\n<\/li>\n
Clause 11 describes the Protocol Implementation Conformance Statement (PICS) for this mechanism.<\/p>\n<\/li>\n<\/ul>\n
Unless specifically labelled as informative or optional, all clauses of this specification are normative.<\/p>\n
| PDF Pages<\/th>\n | PDF Title<\/th>\n<\/tr>\n | ||||||
|---|---|---|---|---|---|---|---|
| 4<\/td>\n | CONTENTS <\/td>\n<\/tr>\n | ||||||
| 8<\/td>\n | FOREWORD <\/td>\n<\/tr>\n | ||||||
| 10<\/td>\n | 1 Scope and object Tables Table 1 \u2013 Scope of application to standards <\/td>\n<\/tr>\n | ||||||
| 11<\/td>\n | 2 Normative references <\/td>\n<\/tr>\n | ||||||
| 12<\/td>\n | 3 Terms and definitions <\/td>\n<\/tr>\n | ||||||
| 13<\/td>\n | 4 Abbreviated terms 5 Problem description (informative) 5.1 Overview of clause 5.2 Specific threats addressed 5.3 Design issues 5.3.1 Overview of subclause 5.3.2 Asymmetric communications <\/td>\n<\/tr>\n | ||||||
| 14<\/td>\n | 5.3.3 Message-oriented 5.3.4 Poor sequence numbers or no sequence numbers 5.3.5 Limited processing power 5.3.6 Limited bandwidth 5.3.7 No access to authentication server <\/td>\n<\/tr>\n | ||||||
| 15<\/td>\n | 5.3.8 Limited frame length 5.3.9 Limited checksum 5.3.10 Radio systems 5.3.11 Dial-up systems 5.3.12 Variety of protocols affected <\/td>\n<\/tr>\n | ||||||
| 16<\/td>\n | 5.3.13 Differing data link layers 5.3.14 Long upgrade intervals 5.3.15 Remote sites 5.3.16 Multiple users 5.3.17 Unreliable media 5.4 General principles 5.4.1 Overview of subclause 5.4.2 Authentication only <\/td>\n<\/tr>\n | ||||||
| 17<\/td>\n | 5.4.3 Application layer only 5.4.4 Generic definition mapped onto different protocols 5.4.5 Bi-directional 5.4.6 Challenge-response 5.4.7 Pre-shared keys as default option 5.4.8 Backwards tolerance <\/td>\n<\/tr>\n | ||||||
| 18<\/td>\n | 5.4.9 Upgradeable 5.4.10 Perfect forward secrecy 5.4.11 Multiple users and auditing 6 Theory of operation (informative) 6.1 Overview of clause 6.2 Narrative description 6.2.1 Basic concepts <\/td>\n<\/tr>\n | ||||||
| 19<\/td>\n | 6.2.2 Initiating the challenge 6.2.3 Replying to the challenge <\/td>\n<\/tr>\n | ||||||
| 20<\/td>\n | 6.2.4 Authenticating 6.2.5 Authentication failure 6.2.6 Aggressive mode 6.2.7 Changing keys Table 2 \u2013 Summary of symmetric keys used <\/td>\n<\/tr>\n | ||||||
| 21<\/td>\n | Table 3 \u2013 Summary of asymmetric keys used (optional) <\/td>\n<\/tr>\n | ||||||
| 24<\/td>\n | 6.2.8 Security statistics 6.3 Example message sequences 6.3.1 Overview of subclause Figures Figure 1 \u2013 Overview of interaction between Authority and stations <\/td>\n<\/tr>\n | ||||||
| 25<\/td>\n | 6.3.2 Challenge of a Critical ASDU Figure 2 \u2013 Example of successful Challenge of Critical ASDU Figure 3 \u2013 Example of failed Challenge of Critical ASDU <\/td>\n<\/tr>\n | ||||||
| 26<\/td>\n | 6.3.3 Aggressive Mode 6.3.4 Initializing and changing Session Keys Figure 4 \u2013 Example of a successful Aggressive Mode Request Figure 5 \u2013 Example of a failed Aggressive Mode Request <\/td>\n<\/tr>\n | ||||||
| 27<\/td>\n | Figure 6 \u2013 Example of Session Key initialization and periodic update <\/td>\n<\/tr>\n | ||||||
| 28<\/td>\n | Figure 7 \u2013 Example of communications failure followed by Session Key change <\/td>\n<\/tr>\n | ||||||
| 29<\/td>\n | Figure 8 \u2013 Example of successful User Status and Update Key Change <\/td>\n<\/tr>\n | ||||||
| 30<\/td>\n | 6.4 State machine overview Figure 9 \u2013 User changes controlling stations <\/td>\n<\/tr>\n | ||||||
| 31<\/td>\n | Figure 10 \u2013 Major state transitions for controlling station authentication <\/td>\n<\/tr>\n | ||||||
| 32<\/td>\n | Figure 11 \u2013 Major state transitions for controlled station authentication <\/td>\n<\/tr>\n | ||||||
| 33<\/td>\n | Figure 12 \u2013 Major state transitions for controlling station Update Key change <\/td>\n<\/tr>\n | ||||||
| 34<\/td>\n | 7 Formal specification 7.1 Overview of clause 7.2 Message definitions 7.2.1 Distinction between messages and ASDUs Figure 13 \u2013 Major state transitions for controlled station Update Key change <\/td>\n<\/tr>\n | ||||||
| 35<\/td>\n | 7.2.2 Challenge message Table 4 \u2013 Challenge message <\/td>\n<\/tr>\n | ||||||
| 37<\/td>\n | 7.2.3 Reply message Table 5 \u2013 Reply message <\/td>\n<\/tr>\n | ||||||
| 38<\/td>\n | 7.2.4 Aggressive Mode Request message Table 6 \u2013 Data Included in the MAC Value calculation Table 7 \u2013 Aggressive Mode Request message <\/td>\n<\/tr>\n | ||||||
| 39<\/td>\n | Table 8 \u2013 Data Included in the MAC Value calculation in Aggressive Mode <\/td>\n<\/tr>\n | ||||||
| 40<\/td>\n | 7.2.5 MAC := OS8i[1..8i]; i:=specified by MALKey Status Request message 7.2.6 Key Status message Table 9 \u2013 Key Status Request Message Table 10 \u2013 Use of Default Session Keys <\/td>\n<\/tr>\n | ||||||
| 41<\/td>\n | Table 11 \u2013 Key Status Message <\/td>\n<\/tr>\n | ||||||
| 43<\/td>\n | 7.2.7 Session Key Change message Table 12 \u2013 Data Included in the MAC Value Calculation for Key Status Table 13 \u2013 Key Change message <\/td>\n<\/tr>\n | ||||||
| 44<\/td>\n | Table 14 \u2013 Data Included in the key wrap (in order) Table 15 \u2013 Example of key order <\/td>\n<\/tr>\n | ||||||
| 45<\/td>\n | 7.2.8 Error message Table 16 \u2013 Example of Wrapped Key Data Table\u20ac17 \u2013 Error message <\/td>\n<\/tr>\n | ||||||
| 47<\/td>\n | 7.2.9 User Status Change message <\/td>\n<\/tr>\n | ||||||
| 48<\/td>\n | Table 18 \u2013 Creation of Certification Data Table 19 \u2013 User Status Change message <\/td>\n<\/tr>\n | ||||||
| 51<\/td>\n | 7.2.10 Update Key Change Request message <\/td>\n<\/tr>\n | ||||||
| 52<\/td>\n | Table 20 \u2013 Update Key Change Request message <\/td>\n<\/tr>\n | ||||||
| 53<\/td>\n | 7.2.11 Update Key Change Reply message Table 21 \u2013 Update Key Change Reply message <\/td>\n<\/tr>\n | ||||||
| 54<\/td>\n | 7.2.12 Update Key Change message Table 22 \u2013 Update Key Change message <\/td>\n<\/tr>\n | ||||||
| 55<\/td>\n | 7.2.13 Update Key Change Signature message Table 23 \u2013 Encrypted Update Key Data Table 24 \u2013 Update Key Change Signature message <\/td>\n<\/tr>\n | ||||||
| 56<\/td>\n | 7.2.14 Update Key Change Confirmation message Table 25 \u2013 Data included in the Digital Signature Table 26 \u2013 Update Key Change Confirmation message <\/td>\n<\/tr>\n | ||||||
| 57<\/td>\n | 7.3 Formal procedures 7.3.1 Overview of subclause Table 27 \u2013 Data included in the MAC calculation Table 28 \u2013 States used in the state machine descriptions <\/td>\n<\/tr>\n | ||||||
| 58<\/td>\n | 7.3.2 Security statistics <\/td>\n<\/tr>\n | ||||||
| 59<\/td>\n | Table 29 \u2013Security statistics <\/td>\n<\/tr>\n | ||||||
| 60<\/td>\n | 7.3.3 Challenger procedures <\/td>\n<\/tr>\n | ||||||
| 62<\/td>\n | Figure 14 \u2013 Example Use of Challenge Sequence Numbers (1 of 2) <\/td>\n<\/tr>\n | ||||||
| 65<\/td>\n | Table 30 \u2013 Challenger state machine <\/td>\n<\/tr>\n | ||||||
| 82<\/td>\n | 7.3.4 Responder procedures <\/td>\n<\/tr>\n | ||||||
| 83<\/td>\n | 7.3.5 Controlling station procedures <\/td>\n<\/tr>\n | ||||||
| 85<\/td>\n | Table 31 \u2013 User roles <\/td>\n<\/tr>\n | ||||||
| 88<\/td>\n | Table 32 \u2013 Controlling Station State Machine \u2013 Changing Session Keys <\/td>\n<\/tr>\n | ||||||
| 92<\/td>\n | Table 33 \u2013 Controlling Station State Machine \u2013 Changing Update Keys <\/td>\n<\/tr>\n | ||||||
| 96<\/td>\n | 7.3.6 Controlled station procedures <\/td>\n<\/tr>\n | ||||||
| 98<\/td>\n | 8 Interoperability requirements 8.1 Overview of clause 8.2 Minimum requirements 8.2.1 Overview of subclause 8.2.2 MAC algorithms <\/td>\n<\/tr>\n | ||||||
| 99<\/td>\n | 8.2.3 Key wrap \/ transport algorithms 8.2.4 Fixed values 8.2.5 Configurable values <\/td>\n<\/tr>\n | ||||||
| 100<\/td>\n | Table 34 \u2013 Special Statistic Event Thresholds <\/td>\n<\/tr>\n | ||||||
| 102<\/td>\n | Table 35 \u2013 Algorithms and Messages used for each Update Key Change Method Table 36 \u2013 Size of Challenge Data <\/td>\n<\/tr>\n | ||||||
| 103<\/td>\n | Table 37 \u2013 Configuration of Cryptographic Information <\/td>\n<\/tr>\n | ||||||
| 104<\/td>\n | 8.3 Options 8.3.1 Overview of subclause 8.3.2 MAC algorithms Table 38 \u2013 Legend for configuration of cryptographic information Table 39 \u2013 Construction of AES-GMAC initialization vector <\/td>\n<\/tr>\n | ||||||
| 105<\/td>\n | Table 40 \u2013 Source of initialization vector components in each message <\/td>\n<\/tr>\n | ||||||
| 106<\/td>\n | 8.3.3 Encryption algorithms 8.3.4 Key wrap \/ transport algorithms 8.3.5 Configurable values <\/td>\n<\/tr>\n | ||||||
| 107<\/td>\n | 9 Special Applications 9.1 Overview of clause 9.2 Use with TCP\/IP 9.3 Use with redundant channels 9.4 Use with external link encryptors 10 Requirements for referencing this specification 10.1 Overview of clause 10.2 Selected options <\/td>\n<\/tr>\n | ||||||
| 108<\/td>\n | 10.3 Operations considered critical 10.4 Addressing information 10.5 Message format mapping 10.6 Reference to procedures <\/td>\n<\/tr>\n | ||||||
| 109<\/td>\n | 11 Protocol implementation conformance statement 11.1 Overview of clause 11.2 Required algorithms 11.3 MAC algorithms 11.4 Key wrap algorithms 11.5 Maximum Error messages sent 11.6 Use of Error messages <\/td>\n<\/tr>\n | ||||||
| 110<\/td>\n | 11.7 Update Key Change Methods 11.8 User Status Change <\/td>\n<\/tr>\n | ||||||
| 111<\/td>\n | Annex A (informative) Compliance with ISO\/IEC 11770 <\/td>\n<\/tr>\n | ||||||
| 113<\/td>\n | Table A.1 \u2013 Cryptographic Notation <\/td>\n<\/tr>\n | ||||||
| 115<\/td>\n | Table A.2 \u2013 Compliance with ISO\/IEC 11770 <\/td>\n<\/tr>\n | ||||||
| 117<\/td>\n | Bibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":" Power systems management and associated information exchange. Data and communications security – Security for IEC 60870-5 and derivatives<\/b><\/p>\n |