iTeh Standards logo
EURUSD
Your shopping cart is empty.
IEC

IEC 62351-4:2018

(Main)

Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives

Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives

IEC 62351:2018 specifies security requirements both at the transport layer and at the application layer. While IEC TS 62351-4:2007 primarily provided some limited support at the application layer for authentication during handshake for the Manufacturing Message Specification (MMS) based applications, this document provides support for extended integrity and authentication both for the handshake phase and for the data transfer phase. It provides for shared key management and data transfer encryption at the application layer and it provides security end-to-end (E2E) with zero or more intermediate entities. While IEC TS 62351-4:2007 only provides support for systems based on the MMS, i.e. systems using an Open Systems Interworking (OSI) protocol stack, this document provides support for application protocols using other protocol stacks, e.g. an Internet protocol suite. This support is extended to protect application protocols using XML encoding. This extended security at the application layer is referred to as E2E-security. In addition to E2E security, this part of IEC 62351 also provides mapping to environmental protocols carrying the security related information. Only OSI and XMPP environments are currently considered.

Gestion des systèmes de puissance et échanges d’informations associés - Sécurité des communications des données - Partie 4 : Profils comprenant le MMS et ses dérivés

IEC 62351:2018 spécifie les exigences de sécurité concernant à la fois la couche transport et la couche application. Alors que l’IEC TS 62351-4:2007 apportait principalement une aide limitée concernant la couche application pour l’authentification lors de l’établissement de liaison des applications fondées sur la messagerie MMS (manufacturing message specification), le présent document fournit également une assistance quant à l’extension de l’intégrité et l’authentification lors des phases d’établissement de liaison et de transfert de données. Il pourvoit à la gestion essentielle partagée et au chiffrement de transfert de données pour la couche application et assure la sécurité bout-à-bout (E2E - end-to-end) avec zéro entité intermédiaire ou plus. Alors que l’IEC TS 62351-4:2007 apporte une assistance uniquement pour les systèmes fondés sur la MMS, c’est-à-dire les systèmes utilisant une pile de protocoles OSI (open systems interworking - interconnexion de systèmes ouverts), le présent document fournit également une assistance quant aux protocoles d’application utilisant d’autres piles de protocoles, par exemple une suite de protocoles Internet (voir 4.1). Cette assistance est étendue afin d’assurer la protection des protocoles d’application utilisant le codage XML. Cette sécurité étendue au niveau de la couche application est appelée sécurité E2E.
En plus de la sécurité E2E, la présente partie de l’IEC 62351 présente également la mise en correspondance avec les protocoles environnementaux comportant les informations concernant la sécurité. Seuls les environnements OSI et XMPP sont actuellement pris en considération.

General Information

Status
Published
Publication Date
16-Jul-2020
ICS
33.200 - Telecontrol. Telemetering
Technical Committee
TC 57 - Power systems management and associated information exchange
Drafting Committee
WG 15 - TC 57/WG 15
Current Stage
PPUB - Publication issued
Start Date
19-Nov-2018
Completion Date
23-Nov-2018
Ref Project

Relations

Replaces
IEC TS 62351-4:2007 - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS
Effective Date
05-Sep-2023
iec62351-4{ed1.0}en - IEC 62351-4:2018 - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives Released:11/19/2018 Isbn:9782832262627iec62351-4{ed1.0}en - IEC 62351-4:2018 - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives Released:11/19/2018 Isbn:9782832262627
PreviousNext
Standard
iec62351-4{ed1.0}en - IEC 62351-4:2018 - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives Released:11/19/2018 Isbn:9782832262627
English language
109 pages
sale 15% off
Preview
sale 15% off
Preview
iec62351-4{ed1.1}b - IEC 62351-4:2018+AMD1:2020 CSV - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives Released:7/17/2020iec62351-4{ed1.1}b - IEC 62351-4:2018+AMD1:2020 CSV - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives Released:7/17/2020
PreviousNext
Standard
iec62351-4{ed1.1}b - IEC 62351-4:2018+AMD1:2020 CSV - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives Released:7/17/2020
English and French language
494 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC 62351-4 ®
Edition 1.0 2018-11
INTERNATIONAL
STANDARD
colour
inside
Power systems management and associated information exchange – Data and
communications security –
Part 4: Profiles including MMS and derivatives

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.

IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing 21 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 16 additional
documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.

IEC publications search - webstore.iec.ch/advsearchform IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 67 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and

CISPR.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC 62351-4 ®
Edition 1.0 2018-11
INTERNATIONAL
STANDARD
colour
inside
Power systems management and associated information exchange – Data and

communications security –
Part 4: Profiles including MMS and derivatives

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 33.200 ISBN 978-2-8322-6262-7

– 2 – IEC 62351-4:2018 © IEC 2018
CONTENTS
FOREWORD . 8
1 Scope . 10
1.1 General . 10
1.2 Code components . 11
2 Normative references . 11
3 Terms, definitions and abbreviated terms . 12
3.1 General . 12
3.2 Terms and definitions . 13
3.3 Abbreviated terms . 16
4 Security issues addressed by this part of IEC 62351 . 17
4.1 Communications reference models . 17
4.2 Security for application and transport profiles . 18
4.3 Compatibility and native modes. 19
4.4 Security threats countered . 19
4.4.1 General . 19
4.4.2 Threats countered in compatibility mode . 20
4.4.3 Threats countered in native mode . 20
4.5 Attack methods countered . 20
4.5.1 General . 20
4.5.2 Attacks countered in compatibility mode . 20
4.5.3 Attacks countered in native mode . 20
4.6 Logging . 21
5 Specific requirements . 21
5.1 Specific requirements for ICCP/IEC 60870-6-x communication stack . 21
5.2 Specific requirements for IEC 61850 . 22
6 Transport Security . 22
6.1 General . 22
6.2 Application of transport layer security (TLS) . 22
6.2.1 General . 22
6.2.2 The TLS cipher suite concept . 23
6.2.3 TLS session resumption . 23
6.2.4 TLS session renegotiation . 23
6.2.5 Supported number of trust anchors . 23
6.2.6 Public-key certificate size . 23
6.2.7 Evaluation period for revocation state of public-key certificates . 23
6.2.8 Public-key certificate validation . 24
6.2.9 Security events handling . 24
6.3 T-security in an OSI operational environment . 24
6.3.1 General . 24
6.3.2 TCP ports . 24
6.3.3 Disabling of TLS . 25
6.3.4 TLS cipher suites support . 25
6.4 T-security in an XMPP operational environment . 26
7 Application layer security overview (informative) . 26
7.1 General . 26
7.2 Description techniques . 27

7.2.1 General . 27
7.2.2 ASN.1 as an XML schema definition . 27
7.2.3 W3C XML Schema Definition (W3C XSD) . 28
7.2.4 XML namespace . 28
8 Use of cryptographic algorithms . 28
8.1 General . 28
8.2 Basic cryptographic definitions . 28
8.3 Public-key algorithms . 29
8.4 Hash algorithms . 30
8.5 Signature algorithms . 30
8.6 Symmetric encryption algorithms used for encryption only . 30
8.7 Authenticated encryption algorithms . 31
8.8 Integrity check value algorithms . 31
9 Object identifier allocation (normative) . 32
10 General OSI upper layer requirements (normative) . 32
10.1 Overview. 32
10.2 General on OSI upper layer requirements . 33
10.3 Session protocol requirements . 33
10.4 Presentation protocol requirements . 34
10.4.1 Context list . 34
10.4.2 Abstract syntaxes . 34
10.4.3 Presentation user data . 34
10.4.4 ASN.1 encoding requirements . 35
10.5 Association control service element (ACSE) protocol requirements . 36
10.5.1 General . 36
10.5.2 Protocol version . 36
10.5.3 Titles . 36
10.5.4 Use of ASN.1 EXTERNAL data type . 36
11 A-security-profile (normative) . 37
11.1 OSI requirements specific to A-security profile . 37
11.1.1 General . 37
11.1.2 Additional session protocol requirements . 37
11.1.3 Additional presentation protocol requirement . 37
11.1.4 Additional ACSE requirements . 37
11.2 MMS Authentication value . 39
11.2.1 General . 39
11.2.2 MMS-Authentication value data type . 39
11.2.3 Handling of the association request (AARQ-apdu) . 40
11.2.4 Handling of the association result (AARE-apdu) . 40
12 End-to-end application security model . 41
12.1 Introduction and general architecture . 41
12.2 Abstract syntax specifications . 42
12.2.1 General . 42
13 End-to-end application security (normative) . 43
13.1 Association management . 43
13.1.1 General concept . 43
13.1.2 UTC time specification . 43
13.1.3 Handshake request . 43

– 4 – IEC 62351-4:2018 © IEC 2018
13.1.4 Handshake accept . 44
13.1.5 Association reject by the protected protocol . 45
13.1.6 Association reject due to security issues. 45
13.1.7 Handshake security abort . 46
13.1.8 Data transfer security abort . 46
13.1.9 Abort by protected protocol . 46
13.1.10 Association release request . 47
13.1.11 Association release response . 47
13.2 Data transfer phase . 47
13.2.1 General . 47
13.2.2 Clear data transfer . 48
13.2.3 Encrypted data transfer . 48
13.3 ClearToken data types . 49
13.3.1 The ClearToken1 data type . 49
13.3.2 The ClearToken2 data type . 53
13.3.3 The ClearToken3 data type . 54
13.4 Authentication and integrity specifications . 55
13.4.1 The Signature data type . 55
13.4.2 The authenticator data type . 55
14 E2E security error handling (normative) . 56
14.1 General . 56
14.2 Specification of diagnostics . 56
14.2.1 Handshake diagnostics . 56
14.2.2 The data transfer diagnostics . 57
14.3 Checking of E2E-security handshake request and accept . 58
14.3.1 General . 58
14.3.2 Signature checking . 58
14.3.3 Protected protocol identity checking . 59
14.3.4 ClearToken1 checking . 59
14.4 Checking of security protocol control information during data transfer . 60
14.4.1 General . 60
14.4.2 Authenticator checking . 60
14.4.3 Checks of the ClearToken2 value . 60
15 E2E security used in an OSI operational environment . 61
15.1 General . 61
15.2 Additional upper layer requirements . 61
15.2.1 Additional presentation layer requirements . 61
15.2.2 Additional ACSE requirements . 61
15.3 Association management in an OSI operational environment . 62
15.3.1 General . 62
15.3.2 Mapping to ACSE association request . 62
15.3.3 Mapping to ACSE association response . 62
15.3.4 Mapping to ACSE abort . 63
15.3.5 Mapping to ACSE release request . 64
15.3.6 Mapping to ACSE release response . 64
15.4 Data transfer in OSI operational environment . 64
15.4.1 General . 64
15.4.2 Mapping of the clear data transfer SecPDU . 64
15.4.3 Mapping of the encrypted data transfer SecPDU . 65

15.5 OSI upper layer routing . 65
15.6 OSI operational environment checking . 66
15.6.1 General checking . 66
15.6.2 Environment mapping checking . 66
15.6.3 OSI operational environment diagnostics . 67
16 E2E security used in in an XMPP operational environment . 67
16.1 General on wrapping to an XMPP operational environment . 67
16.2 Mapping of SecPDUs to iq stanzas . 68
16.3 Mapping of SecPDUs to message stanzas . 69
16.4 XMPP stanza error handling . 69
16.5 XML namespaces . 70
16.6 Encoding of EnvPDUs within XMPP stanzas . 70
16.7 Multiple associations . 71
16.8 Release collision consideration . 71
17 Conformance to this document . 71
17.1 General . 71
17.2 Notation . 71
17.3 Conformance to operational environment . 71
17.4 Conformance to modes of operation . 72
17.5 Conformance to compatibility mode . 72
17.6 Conformance to native mode . 73
Annex A (normative) Formal ASN.1 specification for the A-security-profile . 75
Annex B (normative) Formal ASN.1 specification for the End-to-End security. 76
Annex C (normative) Formal W3C XSD specification for the end-to-end security . 82
Annex D (normative) ASN.1 module for OSI operational environment . 89
D.1 Scope of annex . 89
D.2 ASN.1 module . 89
Annex E (normative) ASN.1 modules and W3C XSDs for an XMPP operational
environment . 91
E.1 Scope of Annex . 91
E.2 ASN.1 modules for the XMPP operational environment . 91
E.2.1 ASN.1 module for the urn:ietf:params:xml:ns:xmpp-stanzas XML
namespace . 91
E.2.2 ASN.1 module for the http://www.iec.ch/62351/2018/ENV_4 XML
namespace . 91
E.3 W3C XSDs for the XMPP operational environment . 93
E.3.1 W3C XSD for the urn:ietf:params:xml:ns:xmpp-stanzas XML namespace . 93
E.3.2 W3C XSD for the http://www.iec.ch/62351/2018/ENV_4 XML
namespace . 94
Annex F (normative) Template for virtual API specifications . 96
F.1 General . 96
F.2 ASN.1 virtual API specification . 97
F.3 W3C XSD virtual API specification . 97
Annex G (normative) End-entity public-key certificate specification . 98
G.1 Scope of annex . 98
G.2 General requirement . 98
G.3 Length considerations . 98
G.4 Basic Structure requirement and recommendations . 98
G.4.1 Version component . 98

– 6 – IEC 62351-4:2018 © IEC 2018
G.4.2 Serial number component . 98
G.4.3 Issuer signature algorithm component . 98
G.4.4 Issuer component . 99
G.4.5 Validity component . 99
G.4.6 Subject component . 99
G.4.7 Subject public key Information component . 99
G.4.8 Issuer unique ID and subject unique ID components . 100
G.5 Extensions . 100
G.5.1 General . 100
G.5.2 Key usage extension . 100
G.5.3 Revocation checking . 100
G.5.4 IEC user role information extension . 101
G.6 Specific requirements for operational environments . 101
G.6.1 General . 101
G.6.2 OSI operational environment . 101
G.6.3 XMPP operational environment . 101
Annex H (normative) Lower layer requirements for the OSI operational environment . 102
H.1 Scope of annex . 102
H.2 Transport protocol class 0 . 102
H.2.1 Enforcement of maximum lengths . 102
H.2.2 Response to Class 0 unsupported TPDUs . 102
H.2.3 Transport selectors . 102
H.3 IETF RFC 1006 . 103
H.3.1 General . 103
H.3.2 Version number . 103
H.3.3 Length . 103
H.3.4 Keep-alive . 103
Annex I (informative) ASN.1 definition of ACSE . 104
Bibliography . 108

Figure 1 – Application and transport profiles (informative) . 18
Figure 2 – T-profiles without and with TLS protection . 24
Figure 3 – Association establishment . 33
Figure 4 – Inclusion of User-data in SESSION DATA TRANFER SPDU . 35
Figure 5 – E2E security building blocks . 41
Figure 6 – Relationship between environment, E2E-security and protected protocol . 41
Figure 7 – Relationships between APDUs . 42
Figure 8 – The scope of E2E-security specification . 42
Figure 9 – Upper layer routing . 65
Figure F.1 – Virtual API concept . 96

Table 1 – Relationship between security and security measure combinations . 19
Table 2 – Commented recommended cipher suites from IEC TS 62351-4:2007 . 25
Table 3 – Cipher suites combinations in the context of this document . 26
Table 4 – Mapping of SecPDUs to ACSE APDUs . 62
Table 5 – Mapping of SecPDUs to XMPP stanzas . 68

Table 6 – Conformance to operational environment . 72
Table 7 – Conformance to modes of operation . 72
Table 8 – Conformance to compatibility mode . 72
Table 9 – Conformance to TLS cipher suites in compatibility mode . 73
Table 10 – Conformance to native mode . 73
Table 11 – Conformance to mode of encryption . 73
Table 12 – Conformance to TLS cipher suites in native mode . 74
Table 13 – Conformance to cryptographic algorithms for E2E-security . 74
Table H.1 – TP class 0 maximum sizes . 102

– 8 – IEC 62351-4:2018 © IEC 2018
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
POWER SYSTEMS MANAGEMENT AND
ASSOCIATED INFORMATION EXCHANGE –
DATA AND COMMUNICATIONS SECURITY –

Part 4: Profiles including MMS and derivatives

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
International Standard IEC 62351-4 has been prepared by IEC technical committee 57: Power
systems management and associated exchange.
The text of this standard is based on the following documents:
FDIS Report on voting
57/2032/FDIS 57/2053/RVD
Full information on the voting for the approval of this standard can be found in the report on
voting indicated in the above table.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

A list of all parts in the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
This IEC standard includes Code Components i.e. components that are intended to be directly
processed by a computer. Such content is any text found between the markers BEGINS> and , or otherwise is clearly labelled in this standard as a Code
Component.
The purchase of this IEC standard carries a copyright license for the purchaser to sell
software containing Code Components from this standard to end users either directly or via
distributors, subject to IEC software licensing conditions, which can be found at:
www.iec.ch/CCv1.
In this document the following print types are used:
– Abstract Syntax Notation One (ASN.1) and W3C XML Schema Definition (W3C XSD)
notions are presented in bold Courier New typeface; and
– when ASN.1 types and values are referenced in normal text, they are differentiated from
normal text by presenting them in bold Courier New typeface.
A list of all parts in the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
The committee has decided that the contents of this publication will remain unchanged until
the stability date indicated on the IEC web site under "http://webstore.iec.ch" in the data
related to the specific publication. At this date, the publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
– 10 – IEC 62351-4:2018 © IEC 2018
POWER SYSTEMS MANAGEMENT AND
ASSOCIATED INFORMATION EXCHANGE –
DATA AND COMMUNICATIONS SECURITY –

Part 4: Profiles including MMS and derivatives

1 Scope
1.1 General
This part of IEC 62351 extends the scope of IEC TS 62351-4:2007 [1] by specifying a
compatibility mode that provides interoperation with implementation based on IEC TS 62351-
4:2007 and by specifying extended capabilities referred to as native mode.
This part of IEC 62351 specifies security requirements both at the transport layer and at the
application layer. While IEC TS 62351-4:2007 primarily provided some limited support at the
application layer for authentication during handshake for the Manufacturing Message
Specification (MMS) based applications, this document also provides support for extended
integrity and authentication both for the handshake phase and for the data transfer phase. It
provides for shared key management and data transfer encryption at the application layer and
it provides security end-to-end (E2E) with zero or more intermediate entities. While IEC TS
62351-4:2007 only provides support for systems based on the MMS, i.e. systems using an
Open Systems Interworking (OSI) protocol stack, this document also provides support for
application protocols using other protocol stacks, e.g. an Internet protocol suite (see 4.1).
This support is extended to protect application protocols using XML encoding. This extended
security at the application layer is referred to as E2E-security.
In addition to E2E security, this part of IEC 62351 also provides mapping to environmental
protocols carrying the security related information. Only OSI and XMPP environments are
currently considered.
It is intended that this part of IEC 62351 be referenced as a normative part of standards that
have a need for using application protocols, e.g., MMS, in a secure manner.
It is anticipated that there are implementations, in particular Inter-Control Centre
Communications Protocol (ICCP) implementations that are dependent on the IEC TS 62351-
4:2007 specifications of the T-profile and the A-security-profile. The specifications from IEC
TS 62351-4:2007 are therefore included in this part of IEC 62351. Implementations supporting
these specifications will interwork with implementation based on IEC TS 62351-4:2007.
NOTE The A-security-profile is in the strict sense not a profile, but the term is here kept for historical reasons.
This document represents a set of mandatory and optional security specifications to be
implemented to protect application protocols.
The initial audience for this document is the members of the working groups developing or
making use of protocols. For the measures described in this part of IEC 62351 to take effect,
they shall be accepted and referenced by the specifications for the protocols themselves.
The subsequent audience for this document is the developers of products that implement
these protocols and the end user that want to specify requirements for its own environment.
___________
Numbers in square brackets refer to the bibliography.

Portions of this document may also be of use to managers and executives in order to
understand the purpose and requirements of the work.
1.2 Code components
The purchase of this IEC standard carries a copyright license for the purchaser to sell
software containing Code Components from this standard to end users either directly or via
distributors, subject to IEC software licensing conditions, which can be found at:
www.iec.ch/CCv1.
The Code Components included in this IEC standard are also available as electronic machine
readable file at: www.iec.ch/public/tc57/supportdocuments/IEC_62351-4.ASN.1_XSD.full.zip
In this document, code components are contained within Annexes A, B, C, D and E.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC TS 62351-1, Power systems management and associated information exchange – Data
and communications security – Part 1: Communication network and system security –
Introduction to security issues
IEC TS 62351-2, Power systems management and associated information exchange – Data
and communications security – Part 2: Glossary of terms
IEC 62351-3:2014, Power systems management and associated information exchange – Data
and communications security – Part 3: Communication network and system security – Profiles
including TCP/IP
IEC 62351-3:2014/AMD1:2018
IEC TS 62351-8:2011, Power systems management and associated information exchange –
Data and communications security – Part 8: Role-based access control
IEC 62351-9:2017, Power systems management and associated information exchange – Data
and communications security – Part 9: Cyber security key management for power system
equipment
ISO/IEC 8073:1997 | Rec. ITU-T X.224 (1995), Information technology – open systems
interconnection – Protocol for providing the connection-mode transport service
ISO/IEC 8823-1:1994 | Rec. ITU-T X.226 (1994), Information technology – open systems
interconnection – connection-oriented presentation protocol: Protocol specification
ISO/IEC 8824-1 | Rec. ITU-T X.680, Information technology – Abstract Syntax Notation One
(ASN.1): Specification of basic notation
ISO/IEC 8825-1 | Rec. ITU-T X.690, Information technology – ASN.1 encoding rules:
Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and
Distinguished Encoding Rules (DER)
ISO/IEC 8825-4 | Rec. ITU-T X.693, Information technology – ASN.1 encoding rules: XML
Encoding Rules (XER)
– 12 – IEC 62351-4:2018 © IEC 2018
ISO 8601:2004, Data elements and interchange formats – Information interchange –
Representation of dates and times
ISO 9506-2:2003, Industrial automation systems – Manufacturing Message Specification –
Part 2: Protocol specification
ISO/IEC 9594-8: | Rec.
...


IEC 62351-4 ®
Edition 1.1 2020-07
CONSOLIDATED VERSION
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Power systems management and associated information exchange – Data and
communications security –
Part 4: Profiles including MMS and derivatives

Gestion des systèmes de puissance et échanges d'informations associés –
Sécurité des communications et des données –
Partie 4: Profils comprenant le MMS et ses dérivés

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and definitions clause of
IEC publications issued between 2002 and 2015. Some
IEC Customer Service Centre - webstore.iec.ch/csc entries have been collected from earlier publications of IEC
If you wish to give us your feedback on this publication or TC 37, 77, 86 and CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC - Electropedia - www.electropedia.org
webstore.iec.ch/advsearchform Le premier dictionnaire d'électrotechnologie en ligne au
La recherche avancée permet de trouver des publications IEC monde, avec plus de 22 000 articles terminologiques en
en utilisant différents critères (numéro de référence, texte, anglais et en français, ainsi que les termes équivalents dans
comité d’études,…). Elle donne aussi des informations sur les 16 langues additionnelles. Egalement appelé Vocabulaire
projets et les publications remplacées ou retirées. Electrotechnique International (IEV) en ligne.

IEC Just Published - webstore.iec.ch/justpublished Glossaire IEC - std.iec.ch/glossary
Restez informé sur les nouvelles publications IEC. Just 67 000 entrées terminologiques électrotechniques, en anglais
Published détaille les nouvelles publications parues. et en français, extraites des articles Termes et définitions des
Disponible en ligne et une fois par mois par email. publications IEC parues entre 2002 et 2015. Plus certaines
entrées antérieures extraites des publications des CE 37, 77,
Service Clients - webstore.iec.ch/csc 86 et CISPR de l'IEC.

Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-nous:
sales@iec.ch.
IEC 62351-4 ®
Edition 1.1 2020-07
CONSOLIDATED VERSION
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Power systems management and associated information exchange – Data and

communications security –
Part 4: Profiles including MMS and derivatives

Gestion des systèmes de puissance et échanges d'informations associés –

Sécurité des communications et des données –

Partie 4: Profils comprenant le MMS et ses dérivés

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 33.200 ISBN 978-2-8322-8621-0

IEC 62351-4 ®
Edition 1.1 2020-07
REDLINE VERSION
VERSION REDLINE
colour
inside
Power systems management and associated information exchange – Data and
communications security –
Part 4: Profiles including MMS and derivatives

Gestion des systèmes de puissance et échanges d'informations associés –
Sécurité des communications et des données –
Partie 4: Profils comprenant le MMS et ses dérivés

– 2 – IEC 62351-4:2018+AMD1:2020 CSV
© IEC 2020
CONTENTS
FOREWORD . 8
1 Scope . 10
1.1 General . 10
1.2 Code components . 11
2 Normative references . 11
3 Terms, definitions and abbreviated terms . 12
3.1 General . 12
3.2 Terms and definitions . 13
3.3 Abbreviated terms . 16
4 Security issues addressed by this part of IEC 62351 . 18
4.1 Communications reference models . 18
4.2 Security for application and transport profiles . 18
4.3 Compatibility and native modes. 19
4.4 Security threats countered . 19
4.4.1 General . 19
4.4.2 Threats countered in compatibility mode . 20
4.4.3 Threats countered in native mode . 20
4.5 Attack methods countered . 20
4.5.1 General . 20
4.5.2 Attacks countered in compatibility mode . 20
4.5.3 Attacks countered in native mode . 20
4.6 Logging . 21
5 Specific requirements . 21
5.1 Specific requirements for ICCP/IEC 60870-6-x communication stack . 21
5.2 Specific requirements for IEC 61850 . 22
6 Transport Security . 22
6.1 General . 22
6.2 Application of transport layer security (TLS) . 22
6.2.1 General . 22
6.2.2 The TLS cipher suite concept . 23
6.2.3 TLS session resumption . 23
6.2.4 TLS session renegotiation . 23
6.2.5 Supported number of trust anchors . 23
6.2.6 Public-key certificate size . 23
6.2.7 Evaluation period for revocation state of public-key certificates . 23
6.2.8 Public-key certificate validation . 24
6.2.9 Security events handling . 24
6.3 T-security in an OSI operational environment . 24
6.3.1 General . 24
6.3.2 TCP ports . 24
6.3.3 Disabling of TLS . 25
6.3.4 TLS cipher suites support . 25
6.4 T-security in an XMPP operational environment . 27
7 Application layer security overview (informative) . 27
7.1 General . 27
7.2 Description techniques . 28

© IEC 2020
7.2.1 General . 28
7.2.2 ASN.1 as an XML schema definition . 28
7.2.3 W3C XML Schema Definition (W3C XSD) . 28
7.2.4 XML namespace . 29
8 Use of cryptographic algorithms . 29
8.1 General . 29
8.2 Basic cryptographic definitions . 29
8.3 Public-key algorithms . 30
8.4 Hash algorithms . 31
8.5 Signature algorithms . 31
8.6 Symmetric encryption key algorithms used for encryption only . 31
8.7 Authenticated encryption algorithms . 32
8.8 Integrity check value algorithms . 32
9 Object identifier allocation (normative) . 33
10 General OSI upper layer requirements (normative) . 33
10.1 Overview. 33
10.2 General on OSI upper layer requirements . 34
10.3 Session protocol requirements . 34
10.4 Presentation protocol requirements . 35
10.4.1 Context list . 35
10.4.2 Abstract syntaxes . 35
10.4.3 Presentation user data . 36
10.4.4 ASN.1 encoding requirements . 36
10.5 Association control service element (ACSE) protocol requirements . 37
10.5.1 General . 37
10.5.2 Protocol version . 37
10.5.3 Titles . 37
10.5.4 Use of ASN.1 EXTERNAL data type . 38
11 A-security profile (normative) . 38
11.1 OSI requirements specific to A-security profile . 38
11.1.1 General . 38
11.1.2 Additional session protocol requirements . 38
11.1.3 Additional presentation protocol requirement . 38
11.1.4 Additional ACSE requirements . 39
11.2 MMS Authentication value . 41
11.2.1 General . 41
11.2.2 MMS-Authentication value data type . 41
11.2.3 Handling of the association request (AARQ-apdu) . 42
11.2.4 Handling of the association result (AARE-apdu) . 42
12 End-to-end application security model . 43
12.1 Introduction and general architecture . 43
12.2 Abstract syntax specifications . 45
12.2.1 General . 45
13 End-to-end application security (normative) . 45
13.1 Association management . 45
13.1.1 General concept . 45
13.1.2 UTC time specification . 45
13.1.3 Handshake request . 46

– 4 – IEC 62351-4:2018+AMD1:2020 CSV
© IEC 2020
13.1.4 Handshake accept . 47
13.1.5 Association reject by the protected protocol . 47
13.1.6 Association reject due to security issues. 48
13.1.7 Handshake security abort . 48
13.1.8 Data transfer security abort . 48
13.1.9 Abort by protected protocol . 49
13.1.10 Association release request . 49
13.1.11 Association release response . 50
13.2 Data transfer phase . 50
13.2.1 General . 50
13.2.2 Clear data transfer . 50
13.2.3 Encrypted data transfer . 50
13.3 ClearToken data types . 51
13.3.1 The ClearToken1 data type . 51
13.3.2 The ClearToken2 data type . 58
13.3.3 The ClearToken3 data type . 59
13.4 Authentication and integrity specifications . 60
13.4.1 The Signature data type . 60
13.4.2 The authenticator data type . 60
14 E2E security error handling (normative) . 61
14.1 General . 61
14.2 Specification of diagnostics . 61
14.2.1 Handshake diagnostics . 61
14.2.2 The data transfer diagnostics . 63
14.3 Checking of E2E-security handshake request and accept . 64
14.3.1 General . 64
14.3.2 Signature checking . 64
14.3.3 Protected protocol identity checking . 65
14.3.4 ClearToken1 checking . 65
14.4 Checking of security protocol control information during data transfer . 67
14.4.1 General . 67
14.4.2 Authenticator checking . 67
14.4.3 Checks of the ClearToken2 value . 67
15 E2E security used in an OSI operational environment . 68
15.1 General . 68
15.2 Additional upper layer requirements . 68
15.2.1 Additional presentation layer requirements . 68
15.2.2 Additional ACSE requirements . 68
15.3 Association management in an OSI operational environment . 69
15.3.1 General . 69
15.3.2 Mapping to ACSE association request . 69
15.3.3 Mapping to ACSE association response . 69
15.3.4 Mapping to ACSE abort . 70
15.3.5 Mapping to ACSE release request . 71
15.3.6 Mapping to ACSE release response . 71
15.4 Data transfer in OSI operational environment . 71
15.4.1 General . 71
15.4.2 Mapping of the clear data transfer SecPDU . 71
15.4.3 Mapping of the encrypted data transfer SecPDU . 72

© IEC 2020
15.5 OSI upper layer routing . 72
15.6 OSI operational environment checking . 74
15.6.1 General checking . 74
15.6.2 Environment mapping checking . 75
15.6.3 OSI operational environment diagnostics . 75
16 E2E security used in in an XMPP operational environment . 75
16.1 General on wrapping to an XMPP operational environment . 75
16.2 Mapping of SecPDUs to iq stanzas . 76
16.3 Mapping of SecPDUs to message stanzas . 77
16.4 XMPP stanza error handling . 77
16.5 XML namespaces . 78
16.6 Encoding of EnvPDUs within XMPP stanzas . 78
16.7 Multiple associations . 79
16.8 Release collision consideration . 79
17 Conformance to this document . 79
17.1 General . 79
17.2 Notation . 79
17.3 Conformance to operational environment . 80
17.4 Conformance to modes of operation . 80
17.5 Conformance to compatibility mode . 80
17.6 Conformance to native mode . 81
Annex A (normative) Formal ASN.1 specification for the A-security-profile . 83
Annex B (normative) Formal ASN.1 specification for the End-to-End security. 84
Annex C (normative) Formal W3C XSD specification for the end-to-end security . 95
Annex D (normative) ASN.1 module for OSI operational environment . 110
D.1 Scope of annex . 110
D.2 ASN.1 module . 110
Annex E (normative) ASN.1 modules and W3C XSDs for an XMPP operational
environment . 112
E.1 Scope of Annex . 112
E.2 ASN.1 modules for the XMPP operational environment . 112
E.2.1 ASN.1 module for the urn:ietf:params:xml:ns:xmpp-stanzas XML
namespace . 112
E.2.2 ASN.1 module for the http://www.iec.ch/62351/2018/ENV_4 XML
namespace . 112
E.3 W3C XSDs for the XMPP operational environment . 114
E.3.1 W3C XSD for the urn:ietf:params:xml:ns:xmpp-stanzas XML namespace . 114
E.3.2 W3C XSD for the http://www.iec.ch/62351/2018/ENV_4 XML
namespace . 115
Annex F (normative) Template for virtual API specifications . 117
F.1 General . 117
F.2 ASN.1 virtual API specification . 118
F.3 ASN.1 virtual API specification for OSI environment . 118
F.34 W3C XSD virtual API specification . 118
Annex G (normative) End-entity public-key certificate specification . 120
G.1 Scope of annex . 120
G.2 General requirement . 120
G.3 Length considerations . 120
G.4 Basic Structure requirement and recommendations . 120

– 6 – IEC 62351-4:2018+AMD1:2020 CSV
© IEC 2020
G.4.1 Version component . 120
G.4.2 Serial number component . 120
G.4.3 Issuer signature algorithm component . 120
G.4.4 Issuer component . 121
G.4.5 Validity component . 121
G.4.6 Subject component . 121
G.4.7 Subject public key Information component . 121
G.4.8 Issuer unique ID and subject unique ID components . 122
G.5 Extensions . 122
G.5.1 General . 122
G.5.2 Key usage extension . 122
G.5.3 Revocation checking . 122
G.5.4 IEC user role information extension . 123
G.6 Specific requirements for operational environments . 123
G.6.1 General . 123
G.6.2 OSI operational environment . 123
G.6.3 XMPP operational environment . 123
Annex H (normative) Lower layer requirements for the OSI operational environment . 124
H.1 Scope of annex . 124
H.2 Transport protocol class 0 . 124
H.2.1 Enforcement of maximum lengths . 124
H.2.2 Response to Class 0 unsupported TPDUs . 124
H.2.3 Transport selectors . 124
H.3 IETF RFC 1006 . 125
H.3.1 General . 125
H.3.2 Version number . 125
H.3.3 Length . 125
H.3.4 Keep-alive . 125
Annex I (informative) ASN.1 definition of ACSE . 126
Bibliography . 130

Figure 1 – Application and transport profiles (informative) . 18
Figure 2 – T-profiles without and with TLS protection . 24
Figure 3 – Association establishment . 34
Figure 4 – Inclusion of User-data in SESSION DATA TRANFER SPDU . 36
Figure 5 – E2E security building blocks . 43
Figure 6 – Relationship between environment, E2E-security and protected protocol . 44
Figure 7 – Relationships between APDUs . 44
Figure 8 – The scope of E2E-security specification . 44
Figure 9 – Upper layer routing . 73
Figure F.1 – Virtual API concept . 117

Table 1 – Relationship between security and security measure combinations . 19
Table 2 – Commented recommended cipher suites from IEC TS 62351-4:2007 . 26
Table 3 – Cipher suites combinations in the context of this document . 27
Table 4 – Mapping of SecPDUs to ACSE APDUs EnvPDUs . 69

© IEC 2020
Table 5 – Mapping of SecPDUs to XMPP stanzas . 76
Table 6 – Conformance to operational environment . 80
Table 7 – Conformance to modes of operation . 80
Table 8 – Conformance to compatibility mode .
Table 98 – Conformance to TLS cipher suites in compatibility mode . 81
Table 119 – Conformance to mode of encryption . 81
Table 10 – Conformance to native mode .
Table 1210 – Conformance to TLS cipher suites in native mode . 82
Table 1311 – Conformance to cryptographic algorithms for E2E-security . 82
Table H.1 – TP class 0 maximum sizes . 124

– 8 – IEC 62351-4:2018+AMD1:2020 CSV
© IEC 2020
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
POWER SYSTEMS MANAGEMENT AND
ASSOCIATED INFORMATION EXCHANGE –
DATA AND COMMUNICATIONS SECURITY –

Part 4: Profiles including MMS and derivatives

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
This consolidated version of the official IEC Standard and its amendment has been
prepared for user convenience.
IEC 62351-4 edition 1.1 contains the first edition (2018-11) [documents 57/2032/FDIS and
57/2053/RVD] and its amendment 1 (2020-07) [documents 57/2217/FDIS and
57/2053/RVD].
In this Redline version, a vertical line in the margin shows where the technical content
is modified by amendment 1. Additions are in green text, deletions are in strikethrough
red text. A separate Final version with all changes accepted is available in this
publication.
© IEC 2020
International Standard IEC 62351-4 has been prepared by IEC technical committee 57: Power
systems management and associated exchange.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts in the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
This IEC standard includes Code Components i.e. components that are intended to be directly
processed by a computer. Such content is any text found between the markers BEGINS> and , or otherwise is clearly labelled in this standard as a Code
Component.
The purchase of this IEC standard carries a copyright license for the purchaser to sell
software containing Code Components from this standard to end users either directly or via
distributors, subject to IEC software licensing conditions, which can be found at:
www.iec.ch/CCv1.
In this document the following print types are used:
– Abstract Syntax Notation One (ASN.1) and W3C XML Schema Definition (W3C XSD)
notions are presented in bold Courier New typeface; and
– when ASN.1 types and values are referenced in normal text, they are differentiated from
normal text by presenting them in bold Courier New typeface.
A list of all parts in the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
The committee has decided that the contents of the base publication and its amendment will
remain unchanged until the stability date indicated on the IEC web site under
"http://webstore.iec.ch" in the data related to the specific publication. At this date, the
publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
– 10 – IEC 62351-4:2018+AMD1:2020 CSV
© IEC 2020
POWER SYSTEMS MANAGEMENT AND
ASSOCIATED INFORMATION EXCHANGE –
DATA AND COMMUNICATIONS SECURITY –

Part 4: Profiles including MMS and derivatives

1 Scope
1.1 General
This part of IEC 62351 extends the scope of IEC TS 62351-4:2007 [1] by specifying a
compatibility mode that provides interoperation with implementation based on IEC TS 62351-
4:2007 and by specifying extended capabilities referred to as native mode.
This part of IEC 62351 specifies security requirements both at the transport layer and at the
application layer. While IEC TS 62351-4:2007 primarily provided some limited support at the
application layer for authentication during handshake for the Manufacturing Message
Specification (MMS) based applications, this document also provides support for extended
integrity and authentication both for the handshake phase and for the data transfer phase. It
provides for shared key management and data transfer encryption at the application layer and
it provides security end-to-end (E2E) with zero or more intermediate entities. While IEC TS
62351-4:2007 only provides support for systems based on the MMS, i.e. systems using an
Open Systems Interworking (OSI) protocol stack, this document also provides support for
application protocols using other protocol stacks, e.g. an Internet protocol suite (see 4.1).
This support is extended to protect application protocols using XML encoding. This extended
security at the application layer is referred to as E2E-security.
In addition to E2E security, this part of IEC 62351 also provides mapping to environmental
protocols carrying the security related information. Only OSI and XMPP environments are
currently considered.
It is intended that this part of IEC 62351 be referenced as a normative part of standards that
have a need for using application protocols, e.g., MMS, in a secure manner.
It is anticipated that there are implementations, in particular Inter-Control Centre
Communications Protocol (ICCP) implementations that are dependent on the IEC TS 62351-
4:2007 specifications of the T-profile and the A-security-profile. The specifications from IEC
TS 62351-4:2007 are therefore included in this part of IEC 62351. Implementations supporting
these specifications will interwork with implementation based on IEC TS 62351-4:2007.
NOTE The A-security-profile is in the strict sense not a profile, but the term is here kept for historical reasons.
This document represents a set of mandatory and optional security specifications
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

Loading comments...

This May Also Interest You

IEC
IEC 62351-7:2025(Main)
Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models

IEC 62351-7:2025 defines network and system management (NSM) data object models that are specific to power system operations. These NSM data objects will be used to monitor the health of networks and systems, to detect possible security intrusions, and to manage the performance and reliability of the information infrastructure. The goal is to define a set of abstract objects that will allow the remote monitoring of the health and condition of IEDs (Intelligent Electronic Devices), RTUs (Remote Terminal Units), DERs (Distributed Energy Resources) systems and other systems that are important to power system operations.
Power systems operations are increasingly reliant on information infrastructures, including communication networks, IEDs, and self-defining communication protocols. Therefore, management of the information infrastructure has become crucial to providing the necessary high levels of security and reliability in power system operations.
The telecommunication infrastructure that is in use for the transport of telecontrol and automation protocols is already subject to health and condition monitoring control, using the concepts developed in the IETF Simple Network Management Protocol (SNMP) standards for network management. However, power system specific devices (like teleprotection, telecontrol, substation automation, synchrophasors, inverters and protections) need instead a specific solution for monitoring their health.
The NSM objects provide monitoring data for IEC protocols used for power systems (IEC 61850, IEC 60870-5-104) and device specific environmental and security status. As a derivative of IEC 60870-5-104, IEEE 1815 DNP3 is also included in the list of monitored protocols. The NSM data objects use the naming conventions developed for IEC 61850, expanded to address NSM issues. For the sake of generality these data objects, and the data types of which they are comprised, are defined as abstract models of data objects.
In addition to the abstract model, in order to allow the integration of the monitoring of power system devices within the NSM environment in this part of IEC 62351, a mapping of objects to the SNMP protocol of Management Information Base (MIBs) is provided.
The objects that are already covered by existing MIBs are not defined here but are expected to be compliant with existing MIB standards. For example protocols including EST, SCEP, RADIUS, LDAP, GDOI are not in scope.
This edition of IEC 62351-7 cancels and replaces IEC 62351-7 published in 2017. This new edition constitutes a technical revision and includes the following significant technical changes with respect to IEC 62351-7:
a) Reviewed and enriched the NSM object data model;
b) UML model adopted for NSM objects description;
c) SNMP protocol MIBs translation included as Code Components

  • Standard
    130 pages
    English language
    sale 15% off
  • Standard
    140 pages
    French language
    sale 15% off
  • Standard
    270 pages
    English and French language
    sale 15% off
IEC
IEC TR 62746-2:2025(Main)
Systems interface between customer energy management system and the power management system - Part 2: Use cases

IEC TR 62746-2:2025, which is a technical report, describes the main pillars of interoperability to assist different IEC Technical Committees in defining their interfaces and messages covering the whole chain between a Smart Grid and Smart Home/Building/Industrial area.
The main topics of this document are:
– To describe an architecture model from a logical point of view;
– To describe a set of user stories that describe a number of situations related to energy flexibility and demand side management as well as an outline of potential upcoming Smart Building and Smart Home scenarios. The set of user stories does not have the ambition to list all home and building (energy) management possibilities, but is meant as a set of examples that are used as input in use cases and to check that the set of use cases is complete;
– To describe a set of use cases based on the user stories and architecture. The use cases describe scenarios in which the communication between elements of the architecture are identified;
– To further detail the communication, identified in the use cases, by describing the messages and information to be exchanged.
This document can also be used as a blueprint for further smart home solutions like remote control, remote monitoring, ambient assistant living and so forth.
This technical report will be regularly revised by introducing new use cases and updating the current use cases. The use cases presented in this document are not going to be included in the IEC Use Case Management Repository (UCMR). The data models of some use cases presented here are defined in the second edition of IEC 62746-4 . The smart grid architecture model presented in this document is created in coordination with IEC TC13, SC23, and TC57
This second edition cancels and replaces the first edition published in 2015. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) The Architecture Model of the Smart Grid Coordination Group (Figure 6) has been replaced with the draft Architecture Model of TC57 in collaboration with SC23K and TC13;
b) The use cases from Edition 1 (2015) with the following IDs have been removed from the current document: JWG2000, JWG2001, JWG2010, JWG202x, JWG2041, JWG2042, JWG1111, WGSP2120, JWG30xx;
c) The use cases from Edition 1 (2015) with the following IDs: JWG1100, JWG1101, JWG-SPUC1102, and JWG1103 have been replaced with the use case JWG1100;
d) The following use cases have been added to the current document: JWG3000, JWG3001, JWG3002, JWG3003, JWG3004, JWG3005, JWG3006, JWG4000.

  • Technical report
    229 pages
    English language
    sale 15% off
IEC
IEC TR 61850-90-20:2025(Main)
Communication networks and systems for power utility automation - Part 90-20: Use cases of redundancy in systems

IEC TR 61850-90-20:2025, which is a technical report, describes use cases of redundancy in systems.
This document considers use cases of duplication of function and devices and covers redundancy of information flow at message level. Functional safety is out of scope of this document. To keep focus on details relevant for this document, some figures and drawings do not show electrical wiring, redundant coils, etc, where this is not important for the use case.
This document is not a guideline on the design of redundancy systems; guidance on designing redundancy systems can be found in textbooks

  • Technical report
    31 pages
    English language
    sale 15% off
IEC
IEC 61850-10:2012/AMD1:2025(Amendment)
Amendment 1 - Communication networks and systems for power utility automation - Part 10: Conformance testing
  • Standard
    72 pages
    English language
    sale 15% off
  • Standard
    75 pages
    French language
    sale 15% off
  • Standard
    147 pages
    English and French language
    sale 15% off
IEC
IEC 61850-10:2012(Main)
Communication networks and systems for power utility automation - Part 10: Conformance testing

IEC 61850-10:2012 specifies standard techniques for testing of conformance of client, server and sampled value devices and engineering tools, as well as specific measurement techniques to be applied when declaring performance parameters. The use of these techniques will enhance the ability of the system integrator to integrate IEDs easily, operate IEDs correctly, and support the applications as intended. The major technical changes with regard to the previous edition are as follows:
- updates to server device conformance test procedures;
- additions of certain test procedures (client device conformance, sampled values device conformance, (engineering) tool related conformance, GOOSE performance).

  • Standard
    190 pages
    English language
    sale 15% off
  • Standard
    170 pages
    English and French language
    sale 15% off
IEC
IEC TS 61850-6-3:2025(Main)
Communication networks and systems for power utility automation - Part 6-3: Format of machine-processable rules for validation of IEC 61850 XML-based files

IEC TS 61850-6-3:2025, which is a Technical Specification, describes how to use and define formal rules, in a machine-processable format: OCL, that can be imported and interpreted by tools.
The following main use cases are supported:
– Validate SCL files at every stage of the specification and engineering process;
– Verify the conformity of a SCL file after completion of the upgrading/downgrading rules;
– Extend standard OCL rules with private OCL rules
The purpose of this document is limited to the publication of the format and method to write correct and structured rules. The rules themselves are published as code components of the corresponding IEC 61850 parts.

  • Technical specification
    33 pages
    English language
    sale 15% off
IEC
IEC 62488-1:2025(Main)
Power line communication systems for power utility applications - Part 1: Planning of analogue and digital power line carrier systems operating over HV electricity grids

IEC 62488-1:2025 applies to the planning of analogue (APLC), digital (DPLC) and hybrid analogue-digital (ADPLC) power line carrier communication systems operating over HV electric power networks. The object of this document is to establish the planning of the services and performance parameters for the operational requirements to transmit and receive data efficiently and reliably.
Such analogue and digital power line carrier systems are used by the different electricity supply industries and integrated into their communication infrastructure using common communication technologies such as radio links, fibre optic and satellite networks
This second edition cancels and replaces the first edition published in 2012. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Complete revision of this edition with respect to the previous edition with the main focus on planning of analogue and digital power line carrier systems operating over HV power networks;
b) A general structure of a bidirectional point-to-multipoint APLC, DPLC or ADPLC link has been introduced;
c) Introduction of a new approach for global frequency planning.

  • Standard
    105 pages
    English language
    sale 15% off
  • Standard
    112 pages
    French language
    sale 15% off
  • Standard
    217 pages
    English and French language
    sale 15% off
IEC
IEC TS 61850-7-7:2018/AMD1:2023/COR1:2025(Amendment)
Corrigendum 1 - Amendment 1 - Communication networks and systems for power utility automation - Part 7-7: Machine-processable format of IEC 61850-related data models for tools
  • Technical specification
    3 pages
    English language
    sale 15% off
IEC
IEC TS 60870-5-7:2025(Main)
Telecontrol equipment and systems - Part 5-7: Transmission protocols - Security extensions to IEC 60870-5-101 and IEC 60870-5-104 protocols (applying IEC 62351)

IEC TS 60870-5-7:2025, which is a technical specification, describes messages and data formats for implementing IEC 62351-5:2023 for secure communication as an extension to IEC 60870-5-101 and IEC 60870-5-104.
The purpose of this document is to permit the receiver of any IEC 60870-5-101/-104 Application Protocol Data Unit (APDU) to verify that the APDU was transmitted by an authorized user and that the APDU was not modified in transit.
This document is also intended to be used, together with the definitions of IEC 62351-3:2023, in conjunction with the IEC 60870-5-104 companion standard.
The state machines, message sequences, and procedures for exchanging these messages are defined in IEC 62351-5:2023. This document describes only the message formats, selected options, critical operations, addressing considerations and other adaptations required to implement IEC 62351 in the IEC 60870-5-101 and IEC 60870-5-104 protocols.
In addition to the previous edition, this new edition of this document also addresses role-based access control, by utilizing the IEC 62351-8 RBAC approach and the already defined role to permission mapping from IEC 62351-5:2023.
The scope of this document does not include security for IEC 60870-5-102 or IEC 60870-5-103. IEC 60870-5-102 is in limited use only and will therefore not be addressed. Users of IEC 60870-5-103 desiring a secure solution need to implement IEC 61850 using the security measures from in IEC 62351 referenced in IEC 61850.
Management of keys, certificates or other cryptographic credentials within devices or on communication links other than IEC 60870-5-101/104 is out of the scope of this document and might be addressed by other IEC 62351 publications in the future.
This second edition cancels and replaces the first edition published in 2013. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) This edition has been completely revised with respect to the previous edition;
b) Alignment with updated versions of IEC 62351-3:2023 and IEC 62351-5:2023;
c) Definition of specific profiles for application layer and transport layer;
d) Introduction of Session Initiation Request to handle situations in which the called station reestablishes a connection;
e) Inclusion of multicast security for the unbalanced mode of IEC 60870-5-101 including key management;
f) Consideration of RBAC based on IEC 62351-8.
This Technical Specification is to be used in conjunction with IEC 62351-5:2023 and IEC 60870-5-104:2016.

  • Technical specification
    50 pages
    English language
    sale 15% off
IEC
IEC TR 61850-90-30:2025(Main)
Communication networks and systems for power utility automation - Part 90-30: IEC 61850 Function Modelling in SCL

IEC TR 61850-90-30:2025, which is a Technical Report, describes extensions of the SCL Substation/Process Section allowing the creation of a comprehensive, IED and hardware independent specification of an IEC 61850 based power system.
It addresses how to:
• decompose functions in SCL
• show function classifications in SCL
• relate functions with the SCL Substation and Process Section
• relate functions to Logical Nodes and IEDs/Specification IEDs
• present information flow between functions in a hardware/implementation independent way
• position Functions in relation to "Application Schemes", "Distributed Functions", "Protection Schemes"
• consider the relationship to Basic Application Profiles (BAP) defined in IEC TR 61850-7-6
The document addresses the engineering process as far as it is related to the specification of Functions and their instantiation in IEC 61850 based power system. This includes the impact on the SCL Process Section during system configuration.
The engineering process related to the definition of Applications and their instantiation is addressed in the Basic Application Profile Document (BAP) in IEC TR 61850-7-6.
The System Configuration process is described in IEC 61850-6.
Modifications and extensions of SCL are done in a way to guarantee backwards compatibility.
In addition, this document introduces:
• Some further elements to SCL that improve the content and usefulness of SSD files and facilitate the handling of SCL files for engineering purposes,
• New variants of IED specific files: ISD file and FSD files,
• Evolution of the engineering rights management, to first improve the usage of SED and add a new concept of System Configuration Collaboration (SCC file) which allows collaboration on the same project with different engineers.

  • Technical report
    184 pages
    English language
    sale 15% off