IEC TS 62351-4:2007
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS
Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users
English
22-06-2007
23-01-2020
FOREWORD
1 Scope and object
1.1 Scope
1.2 Object
2 Normative References
3 Terms and definitions
4 Security issues addressed by this technical
specification
4.1 Security for application and transport
profiles
4.2 Security threats countered
4.3 Attack methods countered
5 A-Profile security
5.1 MMS
5.2 Logging
5.3 ACSE
5.3.1 Peer entity authentication
5.3.2 AARQ
5.3.3 AARE
6 T-Profile security
6.1 TCP T-Profiles
6.1.1 Conformance to this technical
specification
6.1.2 Use of TLS in TCP T-Profiles
6.1.3 TP0
6.1.4 RFC 1006
6.1.5 TLS requirements
6.1.6 Use of TLS
6.2 OSI T-Profiles
6.3 Certificate authority support
7 Conformance
7.1 General conformance
7.2 Conformance of IEC 60870-6 TASE.2 security
Bibliography
Specifies procedures, protocol extensions, and algorithms to facilitate securing ISO 9506 - Manufacturing Message Specification (MMS) based applications. It is intended that this technical specification be referenced as a normative part of other IEC TC 57 standards that have the need for using MMS in a secure manner.
This publication is of core relevance for Smart Grid.
| Committee |
TC 57
|
| DevelopmentNote |
Stability Date: 2017. (09/2017)
|
| DocumentType |
Technical Specification
|
| Pages |
16
|
| PublisherName |
International Electrotechnical Committee
|
| Status |
Superseded
|
| SupersededBy |
| Standards | Relationship |
| NEN NPR IEC/TS 62351-4 : 2007 | Identical |
| DD IEC/TS 62351-4:2007 | Identical |
| BIS IS/IEC/TS 62351-4 : 2007(R2016) | Identical |
| 13/30260051 DC : 0 | BS EN 60870-6-702 ED 2.0 - TELECONTROL EQUIPMENT AND SYSTEMS - PART 6-702: TELECONTROL PROTOCOLS COMPATIBLE WITH ISO STANDARDS AND ITU-T RECOMMENDATIONS - FUNCTIONAL PROFILE FOR PROVIDING THE TASE.2 APPLICATION SERVICE IN END SYSTEMS |
| IS/IEC/TS 62351 : Part 6 : 2007(R2016) | Power Systems Management and Associated Information Exchange Data and Communication Security Part 6 Security for IEC 61850<br> |
| I.S. EN 60870-6-702:2014 | TELECONTROL EQUIPMENT AND SYSTEMS - PART 6-702: TELECONTROL PROTOCOLS COMPATIBLE WITH ISO STANDARDS AND ITU-T RECOMMENDATIONS - FUNCTIONAL PROFILE FOR PROVIDING THE TASE.2 APPLICATION SERVICE IN END SYSTEMS |
| IEC 62351-9:2017 | Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment |
| IEC TR 62351-13:2016 | Power systems management and associated information exchange - Data and communications security - Part 13: Guidelines on security topics to be covered in standards and specifications |
| IEC 60870-6-503:2014 | Telecontrol equipment and systems - Part 6-503: Telecontrol protocols compatible with ISO standards and ITU-T recommendations - TASE.2 Services and protocol |
| EN 60870-6-503:2014 | Telecontrol equipment and systems - Part 6-503: Telecontrol protocols compatible with ISO standards and ITU-T recommendations - TASE.2 Services and protocol |
| DD IEC/TS 62351-6:2007 | Power systems management and associated information exchange. Data and communication security Security for IEC 61850 profiles |
| I.S. EN 60870-6-503:2014 | TELECONTROL EQUIPMENT AND SYSTEMS - PART 6-503: TELECONTROL PROTOCOLS COMPATIBLE WITH ISO STANDARDS AND ITU-T RECOMMENDATIONS - TASE.2 SERVICES AND PROTOCOL |
| PD IEC/TR 62351-10:2012 | Power systems management and associated information exchange. Data and communications security Security architecture guidelines |
| BS EN 62351-9:2017 | Power systems management and associated information exchange. Data and communications security Cyber security key management for power system equipment |
| NF EN 60870 6 503 : 2015 | TELECONTROL EQUIPMENT AND SYSTEMS - PART 6-503: TELECONTROL PROTOCOLS COMPATIBLE WITH ISO STANDARDS AND ITU-T RECOMMENDATIONS - TASE.2 SERVICES AND PROTOCOL |
| BS EN 62351-7:2017 | Power systems management and associated information exchange. Data and communications security Network and System Management (NSM) data object models |
| BS EN 60870-6-702:2014 | Telecontrol equipment and systems Telecontrol protocols compatible with ISO standards and ITU-T recommendations. Functional profile for providing the TASE.2 application service in end systems |
| IEC 62351-7:2017 | Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models |
| NEMA CPSP 1 : 2015 | SUPPLY CHAIN BEST PRACTICES |
| IEC TS 62351-6:2007 | Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850 |
| IEC TR 62351-10:2012 | Power systems management and associated information exchange - Data and communications security - Part 10: Security architecture guidelines |
| IEC 60870-6-702:2014 | Telecontrol equipment and systems - Part 6-702: Telecontrol protocols compatible with ISO standards and ITU-T recommendations - Functional profile for providing the TASE.2 application service in end systems |
| PD IEC/TR 61850-90-12:2015 | Communication networks and systems for power utility automation Wide area network engineering guidelines |
| BS EN 60870-6-503:2014 | Telecontrol equipment and systems Telecontrol protocols compatible with ISO standards and ITU-T recommendations. TASE.2 Services and protocol |
| DD IEC/TS 62351-8:2011 | Power systems management and associated information exchange. Data and communications security Role-based access control |
| PD IEC/TR 61850-90-2:2016 | Communication networks and systems for power utility automation Using IEC 61850 for communication between substations and control centres |
| IEC TS 62351-8:2011 | Power systems management and associated information exchange - Data and communications security - Part 8: Role-based access control |
| IEC TR 62351-90-1:2018 | Power systems management and associated information exchange - Data and communications security - Part 90-1: Guidelines for handling role-based access control in power systems |
| 13/30260055 DC : 0 | BS EN 60870-6-503 ED 3.0 - TELECONTROL EQUIPMENT AND SYSTEMS - PART 6-503: TELECONTROL PROTOCOLS COMPATIBLE WITH ISO STANDARDS AND ITU-T RECOMMENDATIONS - TASE.2 SERVICES AND PROTOCOL |
| I.S. EN 62351-9:2017 | POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 9: CYBER SECURITY KEY MANAGEMENT FOR POWER SYSTEM EQUIPMENT |
| 16/30343872 DC : DRAFT JUNE 2016 | BS EN 62351-9 ED1 - POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA ANDCOMMUNICATIONS SECURITY - PART 9: CYBER SECURITY KEY MANAGEMENT FOR POWER SYSTEM EQUIPMENT |
| EN 62351-7:2017 | Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models |
| IEEE 1815.1-2015 | IEEE Standard for Exchanging Information Between Networks Implementing IEC 61850 and IEEE Std 1815(TM) [Distributed Network Protocol (DNP3)] |
| 08/30187449 DC : DRAFT AUG 2008 | BS EN 62541-2 - OPC UNIFIED ARCHITECTURE - PART 2: SECURITY MODEL |
| I.S. EN 62351-7:2017 | POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 7: NETWORK AND SYSTEM MANAGEMENT (NSM) DATA OBJECT MODELS |
| IEC TR 61850-90-2:2016 | Communication networks and systems for power utility automation - Part 90-2: Using IEC 61850 for communication between substations and control centres |
| EN 62351-9:2017 | Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment |
| EN 60870-6-702:2014 | Telecontrol equipment and systems - Part 6-702: Telecontrol protocols compatible with ISO standards and ITU-T recommendations - Functional profile for providing the TASE.2 application service in end systems |
| ISO/ISP 14226-1:1996 | Industrial automation systems — International Standardized Profile AMM11: MMS General Applications Base Profile — Part 1: Specification of ACSE, Presentation and Session protocols for use by MMS |
| ISO 8650:1988 | Information processing systems — Open Systems Interconnection — Protocol specification for the Association Control Service Element |
| ISO 9506-2:2003 | Industrial automation systems — Manufacturing Message Specification — Part 2: Protocol specification |
| IEC TS 62351-3:2007 | Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP |
| ISO 9506-1:2003 | Industrial automation systems — Manufacturing Message Specification — Part 1: Service definition |
| ISO/IEC 9594-8:2017 | Information technology — Open Systems Interconnection — The Directory — Part 8: Public-key and attribute certificate frameworks |
| IEC TS 62351-1:2007 | Power systems management and associated information exchange - Data and communications security - Part 1: Communication network and system security - Introduction to security issues |
| ISO/ISP 14226-2:1996 | Industrial automation systems — International Standardized Profile AMM11: MMS General Applications Base Profile — Part 2: Common MMS requirements |
| ISO/IEC 8649:1996 | Information technology — Open Systems Interconnection — Service definition for the Association Control Service Element |
| ISO/ISP 14226-3:1996 | Industrial automation systems — International Standardized Profile AMM11: MMS General Applications Base Profile — Part 3: Specific MMS requirements |
| FIPS PUB 180 : 2002 | SECURE HASH STANDARD |
Please Login or Create an Account so you can add users to your Multi user PDF Later.
Important note : All end users must be registered with an Account prior to user licenses being assigned.
Users cannot be edited or removed once added to your Multi user PDF.