{"id":439616,"date":"2024-10-20T08:10:07","date_gmt":"2024-10-20T08:10:07","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bs-en-iec-62351-92023-tc\/"},"modified":"2024-10-26T15:17:55","modified_gmt":"2024-10-26T15:17:55","slug":"bs-en-iec-62351-92023-tc","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bs-en-iec-62351-92023-tc\/","title":{"rendered":"BS EN IEC 62351-9:2023 – TC"},"content":{"rendered":"

IEC 62351-9:2023 specifies cryptographic key management, primarily focused on the management of long-term keys, which are most often asymmetric key pairs, such as public-key certificates and corresponding private keys. Because certificates form the base, this document builds a foundation for many IEC 62351 services (see also Annex A). Symmetric key management is also considered, but only with respect to session keys for group-based communication as applied in IEC 62351-6. The objective of this document is to define requirements and technologies to achieve interoperability of key management by specifying or limiting the key management options to be used. This document assumes that an organization (or group of organizations) has defined a security policy to select the type of keys and cryptographic algorithms that will be utilized, which may have to align with other standards or regulatory requirements. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. This document assumes that the reader has a basic understanding of cryptography and key management principles. The requirements for the management of pairwise symmetric (session) keys in the context of communication protocols are specified in the parts of IEC 62351 utilizing or specifying pairwise communication, such as: \u2022 IEC 62351-3 for TLS, by profiling the TLS options; \u2022 IEC 62351-4 for the application layer end-to-end security; \u2022 IEC TS 62351-5 for the application layer security mechanism for IEC 60870-5-101\/104 and IEEE 1815 (DNP3). The requirements for the management of symmetric group keys in the context of power system communication protocols are specified in IEC 62351-6, which utilizes group security to protect GOOSE and SV communication. 
IEC 62351-9 utilizes GDOI, a group-based key management protocol already specified by the IETF, to manage the group security parameters, and extends this protocol to carry the security parameters for GOOSE, SV, and PTP. This document also defines security events for specific conditions that could identify issues requiring error handling. However, the actions of the organization in response to these error conditions are beyond the scope of this document and are expected to be defined by the organization's security policy. In the future, as public-key cryptography becomes endangered by the evolution of quantum computers, this document will also consider post-quantum cryptography to a certain extent. Note that at this time no specific measures are provided. This second edition cancels and replaces the first edition published in 2017. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Certificate components and verification of the certificate components have been added; b) GDOI has been updated to include findings from interop tests; c) GDOI operation considerations have been added; d) GDOI support for PTP (IEEE 1588) has been added as specified by IEC\/IEEE 61850-9-3 Power Profile; e) Cyber security event logging has been added as well as the mapping to IEC 62351-14; f) Annex B with background on utilized cryptographic algorithms and mechanisms has been added.<\/p>\n

PDF Catalog<\/h4>\n
PDF Pages<\/th>\nPDF Title<\/th>\n<\/tr>\n
1<\/td>\n30477934 <\/td>\n<\/tr>\n
227<\/td>\nA-30419232 <\/td>\n<\/tr>\n
228<\/td>\nundefined <\/td>\n<\/tr>\n
231<\/td>\nAnnex ZA (normative) Normative references to international publications with their corresponding European publications <\/td>\n<\/tr>\n
233<\/td>\nEnglish
CONTENTS <\/td>\n<\/tr>\n
239<\/td>\nFOREWORD <\/td>\n<\/tr>\n
241<\/td>\n1 Scope <\/td>\n<\/tr>\n
242<\/td>\n2 Normative references <\/td>\n<\/tr>\n
243<\/td>\n3 Terms, definitions, and abbreviations
3.1 Terms and definitions <\/td>\n<\/tr>\n
248<\/td>\n3.2 Abbreviations and acronyms <\/td>\n<\/tr>\n
250<\/td>\n4 Security concepts applicable to power systems
4.1 General
4.2 Security objectives
4.2.1 Confidentiality
4.2.2 Data integrity
4.2.3 Authentication <\/td>\n<\/tr>\n
251<\/td>\n4.2.4 Non-repudiation
4.3 Cryptographic algorithms and concepts <\/td>\n<\/tr>\n
252<\/td>\n5 Key establishment and management techniques
5.1 General
5.2 Key management lifecycle
5.2.1 Key management in the life cycle of a device <\/td>\n<\/tr>\n
253<\/td>\nFigures
Figure 1 \u2013 Overview key management in the life cycle of an entity <\/td>\n<\/tr>\n
254<\/td>\n5.2.2 Lifecycle of a cryptographic key
Figure 2 \u2013 Cryptographic key life cycle <\/td>\n<\/tr>\n
255<\/td>\n5.3 Cryptographic key usages <\/td>\n<\/tr>\n
256<\/td>\n5.4 Key management system security policy
5.5 Key management design principles for power system operations <\/td>\n<\/tr>\n
257<\/td>\n5.6 Establishment of symmetric keys
5.6.1 Overview
5.6.2 The Diffie-Hellman key agreement method
5.6.3 Key derivation function (KDF) method <\/td>\n<\/tr>\n
258<\/td>\n5.6.4 Group key management
Figure 3 \u2013 Overview of group key management on the example of GDOI <\/td>\n<\/tr>\n
259<\/td>\nFigure 4 \u2013 GDOI IKE Phase 1 \u2013 Authentication and securing communication channel <\/td>\n<\/tr>\n
260<\/td>\nFigure 5 \u2013 GDOI Pull Phase 2 <\/td>\n<\/tr>\n
261<\/td>\n5.7 Trust supported by public-key infrastructures (PKI) and privilege management infrastructures (PMI)
5.7.1 General
5.7.2 Registration authorities (RA)
5.7.3 Certification authority (CA)
Figure 6 \u2013 Overview of PKI infrastructure and realization examples <\/td>\n<\/tr>\n
262<\/td>\n5.7.4 Public-key certificates <\/td>\n<\/tr>\n
263<\/td>\n5.7.5 Attribute certificates
Figure 7 \u2013 Central certificate generation <\/td>\n<\/tr>\n
264<\/td>\n5.7.6 Public-key certificate and attribute certificate extensions
5.8 Certificate management of public-key certificates
5.8.1 Certificate management process
Figure 8 \u2013 Relationship between public-key certificates and attribute certificates <\/td>\n<\/tr>\n
265<\/td>\n5.8.2 Initial certificate creation
5.8.3 Onboarding of an entity <\/td>\n<\/tr>\n
266<\/td>\n5.8.4 Enrolment of an entity <\/td>\n<\/tr>\n
267<\/td>\nFigure 9 \u2013 Example of the SCEP entity enrolment and CSR process <\/td>\n<\/tr>\n
268<\/td>\nFigure 10 \u2013 Example of the EST entity enrolment and CSR process <\/td>\n<\/tr>\n
269<\/td>\n5.8.5 Certificate signing request (CSR) processing
Figure 11 \u2013 CSR processing <\/td>\n<\/tr>\n
270<\/td>\nFigure 12 \u2013 Certification request format <\/td>\n<\/tr>\n
271<\/td>\nFigure 13 \u2013 Certificate request message format <\/td>\n<\/tr>\n
272<\/td>\n5.8.6 Enrolment Protocols <\/td>\n<\/tr>\n
273<\/td>\n5.8.7 Trust Anchor Management Protocol (TAMP)
5.9 Revocation of public-key certificates
5.9.1 Certificate revocation lists (CRLs) <\/td>\n<\/tr>\n
274<\/td>\n5.9.2 Online certificate status protocol (OCSP)
Figure 14 \u2013 Certificate revocation list <\/td>\n<\/tr>\n
275<\/td>\nFigure 15 \u2013 Overview of the online certificate status protocol (OCSP) <\/td>\n<\/tr>\n
276<\/td>\nFigure 16 \u2013 Diagram using a combination of CRL and OCSP processes <\/td>\n<\/tr>\n
277<\/td>\n5.9.3 Server-based certificate validation protocol (SCVP)
Figure 17 \u2013 Call Flows for the Online Certificate Status Protocol (OCSP) <\/td>\n<\/tr>\n
278<\/td>\n5.9.4 Recovering from certificate revocation of an end entity
5.10 Trust via non-PKI issued (self-signed) certificates
Figure 18 \u2013 Overview Server-Based Certificate Validation Protocol using OCSP Backend <\/td>\n<\/tr>\n
279<\/td>\n5.11 Authorization and validation lists
5.11.1 General
5.11.2 AVLs in non-constrained environments <\/td>\n<\/tr>\n
280<\/td>\n5.11.3 AVLs in constrained environments
6 Key management (normative)
6.1 General
6.2 Handling of security events <\/td>\n<\/tr>\n
281<\/td>\n6.3 Required cryptographic material
6.4 Random Number Generation
6.5 Object identifiers
6.5.1 Concept of object identifiers
6.5.2 Use of object identifiers by this document <\/td>\n<\/tr>\n
282<\/td>\n7 Asymmetric key management (normative)
7.1 General
7.2 Certificate components
7.2.1 Public-Key certificate components
Tables
Table 1 \u2013 Public-key certificate components <\/td>\n<\/tr>\n
283<\/td>\n7.2.2 Attribute certificate components <\/td>\n<\/tr>\n
284<\/td>\n7.3 Certificate generation and installation
7.3.1 Private and public key generation and installation
Table 2 \u2013 Attribute certificate components <\/td>\n<\/tr>\n
285<\/td>\n7.3.2 Cryptographic key protection
7.3.3 Use of existing security key management infrastructure
7.3.4 Certificate policy <\/td>\n<\/tr>\n
286<\/td>\n7.3.5 Entity registration for identity establishment
7.3.6 Entity configuration <\/td>\n<\/tr>\n
287<\/td>\n7.3.7 Entity enrolment <\/td>\n<\/tr>\n
289<\/td>\n7.3.8 Trust anchor information update
7.4 Certificate components and certificate verification
7.4.1 General
7.4.2 Certificate format and encoding <\/td>\n<\/tr>\n
290<\/td>\n7.4.3 Certificate signature verification
7.4.4 Public-key certificate components <\/td>\n<\/tr>\n
297<\/td>\n7.4.5 Attribute certificate components <\/td>\n<\/tr>\n
300<\/td>\n7.4.6 Certificate revocation status <\/td>\n<\/tr>\n
301<\/td>\n7.5 Certificate revocation <\/td>\n<\/tr>\n
302<\/td>\n7.6 Certificate expiration and renewal <\/td>\n<\/tr>\n
303<\/td>\n7.7 Clock Synchronization and Accuracy
7.8 Authorization and validation lists
7.8.1 General
7.8.2 Syntax for authorization and validation list (AVL) for public-key certificates <\/td>\n<\/tr>\n
304<\/td>\n7.8.3 AVL scope restriction <\/td>\n<\/tr>\n
305<\/td>\n7.8.4 AVL protocol restriction extension
7.8.5 AVL pinning of certificate and associated identifier <\/td>\n<\/tr>\n
306<\/td>\n7.8.6 Public-key certificate extensions related to use of AVLs
7.8.7 Issuing of an AVL
7.8.8 Endpoint Handling of AVLs
8 Group based key management (normative)
8.1 GDOI requirements <\/td>\n<\/tr>\n
307<\/td>\n8.2 Internet Key Exchange Version 1 (IKEv1)
Table 3 \u2013 KDC IKEv1 Requirements <\/td>\n<\/tr>\n
308<\/td>\n8.3 Phase 1 IKEv1 main mode exchange type 2
8.3.1 General <\/td>\n<\/tr>\n
309<\/td>\n8.3.2 Certificate request payload
8.3.3 Security association exchange (1)
Figure 19 \u2013 IKEv1 (RFC 2409) main mode exchange with RSA digital signatures
Figure 20 \u2013 IKEv1 main mode exchange and security association messages <\/td>\n<\/tr>\n
310<\/td>\n8.3.4 Key exchange (2)
Figure 21 \u2013 IKEv1 main mode exchange: key exchange messages <\/td>\n<\/tr>\n
311<\/td>\n8.3.5 ID authentication exchange (3)
Figure 22 \u2013 IKEv1 Main Mode Exchange: ID authentication messages <\/td>\n<\/tr>\n
312<\/td>\n8.4 Phase 1\/2 ISAKMP informational exchange type 5
8.4.1 General
Figure 23 \u2013 IKEv1 HASH_I calculation <\/td>\n<\/tr>\n
313<\/td>\n8.4.2 Phase 1 informational exchange
Figure 24 \u2013 Phase 1 Informational Exchange (cf. RFC 2408, section 4.8) <\/td>\n<\/tr>\n
314<\/td>\n8.4.3 Phase 2 Informational Exchange
8.5 Phase 2 GDOI GROUPKEY-PULL exchange type 32
8.5.1 General
Figure 25 \u2013 Phase 2 Informational Exchange (cf. RFC 2409, section 5.7)
Figure 26 \u2013 IKEv1 HASH(1) calculation <\/td>\n<\/tr>\n
315<\/td>\n8.5.2 Hash computations
Figure 27 \u2013 GDOI GROUPKEY-PULL as defined in RFC 6407
Figure 28 \u2013 GROUPKEY-PULL hash computations <\/td>\n<\/tr>\n
316<\/td>\n8.5.3 Multi-sender and counter mode encryption algorithm
8.5.4 SA KEK, SEQ, KEK\/LKH key download payload support
8.5.5 GROUPKEY-PULL group SA request exchange
Figure 29 \u2013 GROUPKEY-PULL initial SA request exchange <\/td>\n<\/tr>\n
317<\/td>\nFigure 30 \u2013 RFC 6407 Identification Payload <\/td>\n<\/tr>\n
318<\/td>\nFigure 31 \u2013 ID_OID Identification Data
Table 4 \u2013 IEC 61850 Object IDs: Mandatory (m) and Optional (o) <\/td>\n<\/tr>\n
319<\/td>\nFigure 32 \u2013 61850_UDP_ADDR_GOOSE\/SV ASN.1 BNF
Figure 33 \u2013 IPADDRESS ASN.1 BNF <\/td>\n<\/tr>\n
320<\/td>\nFigure 34 \u2013 Example IecUdpAddrPayload ASN.1 Data with DER Encoding
Figure 35 \u2013 61850_UDP_TUNNEL Payload ASN.1 BNF
Figure 36 \u2013 61850_ETHERNET_GOOSE\/SV Payload ASN.1 BNF <\/td>\n<\/tr>\n
321<\/td>\n8.5.6 SA TEK payload
Figure 37 \u2013 RFC 6407 SA TEK Payload <\/td>\n<\/tr>\n
322<\/td>\n8.5.7 IEC 61850 SA TEK payload
Figure 38 \u2013 IEC-61850 SA TEK Payload <\/td>\n<\/tr>\n
323<\/td>\n8.5.8 SA TEK payload for IEC 61850-9-3 <\/td>\n<\/tr>\n
325<\/td>\n8.5.9 SPI discussion
Figure 39 \u2013 Correlation of SPI Value <\/td>\n<\/tr>\n
326<\/td>\n8.5.10 SA data attributes
8.5.11 GROUPKEY-PULL group key download exchange
Figure 40 \u2013 GROUPKEY-PULL Key Download Exchange
Figure 41 \u2013 GROUPKEY-PULL group key download hash computations <\/td>\n<\/tr>\n
328<\/td>\nFigure 42 \u2013 Key renewal triggered by the entities <\/td>\n<\/tr>\n
329<\/td>\n8.5.12 TEK Key Download Handling
8.6 Phase 2 GROUPKEY-PUSH exchange type 33
8.6.1 General
Figure 43 \u2013 GROUPKEY-PUSH message (from RFC 6407)
Figure 44 \u2013 GROUPKEY-PUSH ACK message (from RFC 8263) <\/td>\n<\/tr>\n
330<\/td>\n8.6.2 GROUPKEY-PUSH Message
8.6.3 GROUPKEY-PUSH acknowledgement message
Figure 45 \u2013 GROUPKEY-PUSH ACK hash computations
Figure 46 \u2013 GROUPKEY-PUSH ack_key computations <\/td>\n<\/tr>\n
331<\/td>\n8.7 Operational considerations
8.7.1 General
8.7.2 Group Security Policy
8.7.3 Group dynamicity <\/td>\n<\/tr>\n
333<\/td>\n8.7.4 Handling of Key Delivery Assurance (informative)
9 Protocol Implementation Conformance Statement (PICS)
9.1 General <\/td>\n<\/tr>\n
334<\/td>\n9.2 Notation
9.3 Conformance to general key management requirements
9.4 Conformance to requirements for asymmetric key management
Table 5 \u2013 PICS for general key management
Table 6 \u2013 PICS for asymmetric key management <\/td>\n<\/tr>\n
335<\/td>\n9.5 Requirements for group-based key management
9.6 Supported GDOI Payload OIDs
Table 7 \u2013 PICS for group-based key management (valid for KDC and Client)
Table 8 \u2013 PICS for supported OIDs for the identification payload <\/td>\n<\/tr>\n
336<\/td>\nAnnex A (informative) Relations to other parts of IEC 62351 and other IEC documents
Figure A.1 \u2013 IEC 62351-9 relationship to other parts of IEC 62351 <\/td>\n<\/tr>\n
338<\/td>\nAnnex B (informative) Cryptographic algorithms and mechanisms
B.1 Trust and trust anchor
B.2 Cryptographic algorithms
B.2.1 Introduction <\/td>\n<\/tr>\n
339<\/td>\nB.2.2 Security strength
B.3 Public-key algorithms
B.3.1 General <\/td>\n<\/tr>\n
340<\/td>\nB.3.2 The RSA public-key algorithm <\/td>\n<\/tr>\n
341<\/td>\nB.3.3 The DSA public-key algorithm
B.3.4 The ECDSA public-key algorithm <\/td>\n<\/tr>\n
343<\/td>\nB.3.5 The EdDSA public-key algorithms <\/td>\n<\/tr>\n
345<\/td>\nB.3.6 Digital signature algorithms <\/td>\n<\/tr>\n
347<\/td>\nB.4 Symmetric key algorithms
B.4.1 Stream ciphers vs. block ciphers
B.4.2 Advanced encryption standard <\/td>\n<\/tr>\n
348<\/td>\nB.4.3 Advanced encryption standard \u2013 cipher block chaining (AES-CBC)
B.4.4 Advanced encryption standard \u2013 counter mode (AES-CTR) <\/td>\n<\/tr>\n
349<\/td>\nB.5 Hash algorithms <\/td>\n<\/tr>\n
350<\/td>\nB.6 Integrity check value (ICV) algorithms
B.6.1 General
B.6.2 Keyed-hash message authentication code (HMAC) algorithm <\/td>\n<\/tr>\n
351<\/td>\nB.6.3 Advanced Encryption Standard (AES) \u2013 Galois message authentication code (GMAC) algorithm
B.7 Authenticated encryption with associated data (AEAD) algorithms
B.7.1 General <\/td>\n<\/tr>\n
352<\/td>\nB.7.2 Advanced encryption standard (AES) \u2013 Galois\/Counter Mode (GCM)
B.7.3 Advanced encryption standard (AES) \u2013 Counter with CBC-MAC (CCM) <\/td>\n<\/tr>\n
353<\/td>\nB.8 Diffie-Hellman key agreement
B.8.1 General
B.8.2 Introduction to cyclic groups <\/td>\n<\/tr>\n
354<\/td>\nB.8.3 Diffie-Hellman method over finite field
B.8.4 The discrete logarithm problem
B.8.5 Elliptic curve Diffie-Hellman key agreement <\/td>\n<\/tr>\n
355<\/td>\nB.8.6 Key establishment algorithms <\/td>\n<\/tr>\n
356<\/td>\nB.9 Key derivation <\/td>\n<\/tr>\n
357<\/td>\nB.10 Migration of cryptographic algorithms
B.11 Post-quantum computing cryptography <\/td>\n<\/tr>\n
358<\/td>\nB.12 Random Number Generation (RNG)
B.12.1 Random number generation types
B.12.2 Deterministic random bit generators <\/td>\n<\/tr>\n
359<\/td>\nB.12.3 Non-deterministic random number generation
B.12.4 Entropy sources <\/td>\n<\/tr>\n
360<\/td>\nAnnex C (informative) Certificate enrolment and renewal flowcharts
C.1 Certificate Enrolment
Figure C.1 \u2013 Certificate Enrolment (general) <\/td>\n<\/tr>\n
361<\/td>\nC.2 Certificate Renewal
Figure C.2 \u2013 Certificate Renewal State Machine <\/td>\n<\/tr>\n
362<\/td>\nAnnex D (informative) Security Event mapping to IEC 62351-14
D.1 General
D.2 Security event log records for credential transport and enrolment
Table D.1 \u2013 Security event logs for credential transport and certificate enrolment mapped to IEC 62351-14 <\/td>\n<\/tr>\n
363<\/td>\nD.3 Security event log records for public-key certificate verification
Table D.2 \u2013 Security event logs defined for public-key certificate verification mapped to IEC 62351-14 <\/td>\n<\/tr>\n
365<\/td>\nD.4 Security event log records for attribute certificate verification
Table D.3 \u2013 Security event logs defined for attribute certificate verification mapped to IEC 62351-14 <\/td>\n<\/tr>\n
367<\/td>\nD.5 Security event log records for certificate revocation status
Table D.4 \u2013 Security event logs defined for certificate revocation status mapped to IEC 62351-14 <\/td>\n<\/tr>\n
368<\/td>\nD.6 Security event log records for group-based key management with GDOI
Table D.5 \u2013 Security event logs for GDOI mapped to IEC 62351-14 <\/td>\n<\/tr>\n
369<\/td>\nBibliography <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"

Tracked Changes. Power systems management and associated information exchange. Data and communications security – Cyber security key management for power system equipment<\/b><\/p>\n\n\n\n\n
Published By<\/td>\nPublication Date<\/td>\nNumber of Pages<\/td>\n<\/tr>\n
BSI<\/b><\/a><\/td>\n2023<\/td>\n376<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":439626,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[2641],"product_tag":[],"class_list":{"0":"post-439616","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-bsi","8":"first","9":"instock","10":"sold-individually","11":"shipping-taxable","12":"purchasable","13":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/439616","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/439626"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=439616"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=439616"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=439616"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}