iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
IEC

IEC 62351-3:2014/AMD1:2018

(Amendment)

Amendment 1 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP

Amendment 1 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP

Amendement 1 - Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des communications et des données - Partie 3: Sécurité des réseaux et des systèmes de communication - Profils comprenant TCP/IP

General Information

Status
Published
Publication Date
24-May-2018
ICS
01 - GENERALITIES. TERMINOLOGY. STANDARDIZATION. DOCUMENTATION
33.200 - Telecontrol. Telemetering
Technical Committee
TC 57 - Power systems management and associated information exchange
Drafting Committee
WG 15 - TC 57/WG 15
Current Stage
DELPUB - Deleted Publication
Completion Date
06-Jun-2023
Ref Project

Relations

Amends
IEC 62351-3:2014 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Effective Date
05-Sep-2023
Revised
IEC 62351-3:2023 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Effective Date
05-Sep-2023

Buy Standard

IEC 62351-3:2014/AMD1:2018 - Amendment 1 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IPIEC 62351-3:2014/AMD1:2018 - Amendment 1 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
PreviousNext
Standard
IEC 62351-3:2014/AMD1:2018 - Amendment 1 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
English and French language
17 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC 62351-3 ®
Edition 1.0 2018-05
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
A MENDMENT 1
AM ENDEMENT 1
Power systems management and associated information exchange – Data
and communications security –
Part 3: Communication network and system security – Profiles including TCP/IP

Gestion des systèmes de puissance et échanges d'informations associés –
Sécurité des communications et des données –
Partie 3: Sécurité des réseaux et des systèmes de communication – Profils
comprenant TCP/IP
IEC 62351-3:2014-10/AMD1:2018-05(en-fr)

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.

IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing 21 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 16 additional
documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.

IEC publications search - webstore.iec.ch/advsearchform IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 67 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and

CISPR.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Catalogue IEC - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
Application autonome pour consulter tous les renseignements
Le premier dictionnaire en ligne de termes électroniques et
bibliographiques sur les Normes internationales,
électriques. Il contient 21 000 termes et définitions en anglais
Spécifications techniques, Rapports techniques et autres
et en français, ainsi que les termes équivalents dans 16
documents de l'IEC. Disponible pour PC, Mac OS, tablettes
langues additionnelles. Egalement appelé Vocabulaire
Android et iPad.
Electrotechnique International (IEV) en ligne.

Recherche de publications IEC -
Glossaire IEC - std.iec.ch/glossary
webstore.iec.ch/advsearchform
67 000 entrées terminologiques électrotechniques, en anglais
La recherche avancée permet de trouver des publications IEC et en français, extraites des articles Termes et Définitions des
en utilisant différents critères (numéro de référence, texte, publications IEC parues depuis 2002. Plus certaines entrées
comité d’études,…). Elle donne aussi des informations sur les antérieures extraites des publications des CE 37, 77, 86 et
projets et les publications remplacées ou retirées. CISPR de l'IEC.

IEC Just Published - webstore.iec.ch/justpublished Service Clients - webstore.iec.ch/csc
Restez informé sur les nouvelles publications IEC. Just Si vous désirez nous donner des commentaires sur cette
Published détaille les nouvelles publications parues. publication ou si vous avez des questions contactez-nous:
Disponible en ligne et aussi une fois par mois par email. sales@iec.ch.

IEC 62351-3 ®
Edition 1.0 2018-05
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
A MENDMENT 1
AM ENDEMENT 1
Power systems management and associated information exchange – Data

and communications security –
Part 3: Communication network and system security – Profiles including TCP/IP

Gestion des systèmes de puissance et échanges d'informations associés –

Sécurité des communications et des données –

Partie 3: Sécurité des réseaux et des systèmes de communication – Profils

comprenant TCP/IP
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 33.200 ISBN 978-2-8322-5720-3

– 2 – IEC 62351-3:2014/AMD1:2018
© IEC 2018
FOREWORD
This amendment to the International Standard IEC 62351-3 has been prepared by
IEC technical committee 57: Power systems management and associated information
exchange.
The text of this amendment is based on the following documents:
FDIS Report on voting
57/1976/FDIS 57/1990/RVD
Full information on the voting for the approval of this amendment can be found in the report
on voting indicated in the above table.
A list of all parts in the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
The committee has decided that the contents of this amendment and the base publication will
remain unchanged until the stability date indicated on the IEC website under
"http://webstore.iec.ch" in the data related to the specific publication. At this date, the
publication will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
_____________
2 Normative references
Replace the existing reference IEC TS 62351-9 with the following new reference:
IEC 62351-9, Power systems management and associated information exchange – Data and
communications security – Part 9: Cyber security key management for power system
equipment
Replace the existing reference IEC/ISO 9594-8 with the following new reference:
ISO/IEC 9594-8:2017, Rec. ITU-T X.509 (2016), Information technology – Open Systems
Interconnection – The Directory – Part 8: Public-key and attribute certificate frameworks
4.1 Operational requirements affecting the use of TLS in the telecontrol environment
Replace the existing text of the fifth paragraph of 4.1 with the following new text:
Note that TLS utilizes X.509 certificates (see also ISO/IEC 9594-8 or RFC 5280) for
authentication. In the context of this specification the term certificates always relates to
public-key certificates (in contrast to attribute certificates).

© IEC 2018
4.2 Security threats countered
Replace the existing text of the second paragraph of 4.2 with the following new text:
TCP/IP and the security specifications in this part of IEC 62351 cover only to the
communication transport layers (OSI layers 4 and lower). This part of IEC 62351 does not
cover security functionality specific for the communication application layers (OSI layers 5 and
above) or application-to-application security.
NOTE The application of TLS as profiled in this document supports the protection of information sent over the
TLS protected connection.
4.3 Attack methods countered
Replace the existing text of the first bullet point of Subclause 4.3 by the following new text:
– Man-in-the-middle: This threat is countered through the use of a Message Authentication
Code mechanism or digital signatures specified within this document.
5.1 Deprecation of cipher suites
Add the following new text before the fourth paragraph of 5.1:
The support of SHA-1 is intended for backward compatibility. SHA-256 shall be supported and
is the preferred signature algorithm to be used.
SHA-1 is no longer recognized as secure with respect collision resistance and it is therefore
strongly recommended to perform a risk assessment before using this algorithm. If SHA-256
cannot be used, it is also recommended that additional security measures be taken. The
usage of SHA-1 will be disallowed in the next edition of this standard.
NOTE Recommendations regarding hash signature algorithms are reviewed constantly and can be found in NIST
SP800-57, BNetzA (BSI), or the NSA Suite B.
Replace the existing text of the fourth paragraph of 5.1 by the following new text:
The list of disallowed suites includes, but is not limited to:
– TLS_NULL_WITH_NULL_NULL
– TLS_RSA_ WITH_NULL_MD5
5.2 Negotiation of Versions
Add the following new text at the end of Subclause 5.2:
The proposal of versions TLS 1.0 or TLS 1.1 should raise a security warning ("warning:
insecure TLS version"). Implementations should provide a mechanism for announcing security
warnings.
5.3 Session Resumption
Replace the existing text of Subclause 5.3 with the following new text:
Session resumption in TLS allows for the resumption of a session based on the session ID
connected with a dedicated (existing) master secret, which will result in a new session key.
This minimizes the performance impact of asymmetric handshakes, and can be done during a
running session or after a session has ended within a defined time period (TLS suggests not
more than 24 hours in RFC 5280). This specification follows this suggestion. Session
resumption should be performed at least every 24 hours for active sessions or not later than
24 hours for sessions that have ended. The actual parameters should be defined based on

– 4 – IEC 62351-3:2014/AMD1:2018
© IEC 2018
risk assessment from the referencing standard. Session resumption is expected to be more
frequent than session renegotiation.
Implementations claiming conformance to this standard shall specify that the symmetric
session keys shall be renewed within the maximum time period. This resumption maximum
time constraint is expected to be specified in a PIXIT of the referencing standard. The
maximum time period for session resumption shall be aligned with the CRL refresh time.
Session resumption intervals shall be configurable, so long as they are within the specified
maximum time period.
Clients shall initiate session resumption using the ClientHello message. A server initiated
update of session parameter shall use the HelloRequest message to trigger the client to send
a ClientHello message on the currently active connection.
NOTE According to RFC 5246 the HelloRequest is an optional message that the server may send to a client.
Session resumption may be initiated by either side, as long as the security policies for both
the client and the server permit this. In case of failures to resume a session, the failure
handling described in TLS v1.2 shall be followed.
Session resumption may be done based on the session identifier (native TLS according to
RFC 5246). Alternatively, session resumption may be done based on session tickets (RFC
5077). The latter option allows for avoiding server-side state for sessions, which can be
resumed. This option may apply for constraint devices to avoid a larger session cache.
NOTE Application of session tickets to avoid the session specific storage on the server side provides the benefit
in environments that tear down a connection and reconnect after a specific time. If session resumption is used to
update the session key of an ongoing session, there may be no benefit.
The session resumption approach may be specified by the referencing standard.
5.4 Session renegotiation
Replace the existing text of the second and the third paragraphs of 5.4 with the following new
text:
Session renegotiation intervals shall be configurable so long as they are within the specified
maximum time period, and shall be aligned with the CRL update period. If the Online
Certificate Status Protocol (OCSP) is used for certificate revocation checks, session
renegotiation shall be aligned with the OCSP response cache time. In any case, for long
lasting connections renegotiation shall be performed at least every 24 hours to enforce the
certificate validity check. Shorter intervals may be defined by the referencing standard.
NOTE An example alignment is ½ CRL refresh time or ½ OCSP response caching time to limit the possibility of
undetected revoked certifica
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC 61970-301:2020(Main)
Energy management system application program interface (EMS-API) - Part 301: Common information model (CIM) base

IEC 61970-301:2020 lays down the common information model (CIM), which is an abstract model that represents all the major objects in an electric utility enterprise typically involved in utility operations. By providing a standard way of representing power system resources as object classes and attributes, along with their relationships, the CIM facilitates the integration of network applications developed independently by different vendors, between entire systems running network applications developed independently, or between a system running network applications and other systems concerned with different aspects of power system operations, such as generation or distribution management. SCADA is modeled to the extent necessary to support power system simulation and inter-control centre communication. The CIM facilitates integration by defining a common language (i.e. semantics) based on the CIM to enable these applications or systems to access public data and exchange information independent of how such information is represented internally.
This edition reflects the model content version ‘IEC61970CIM17v38’, dated ‘2020-01-21’, and includes the following significant technical changes with respect to the previous edition:
a) Added Feeder modelling;
b) Added ICCP configuration modelling;
c) Correction of issues found in interoperability testing or use of the standard;
d) Improved documentation;
e) Updated Annex A with custom extensions;
f) Added Annex B Examples of PST transformer modelling;
g) Added Annex C HVDC use cases.

  • Standard
    554 pages
    English language
    sale 15% off
  • Standard
    1158 pages
    English and French language
    sale 15% off
  • Standard
    2320 pages
    English and French language
    sale 15% off
IEC
IEC 61850-7-1:2011/AMD1:2020(Amendment)
Amendment 1 - Communication networks and systems for power utility automation - Part 7-1: Basic communication structure - Principles and models
  • Standard
    209 pages
    English and French language
    sale 15% off
IEC
IEC 61968-5:2020(Main)
Application integration at electric utilities - System interfaces for distribution management - Part 5: Distributed energy optimization

IEC 61968-5:2020 is the description of a set of functions that are needed for enterprise integration of DERMS functions. These exchanges are most likely between a DERMS and a DMS. However, since this is an enterprise integration standard which may leverage IEC 61968-100:2013 for application integration (using web services or JMS) or other loosely-coupled implementations, there are no technical limitations for systems with which a DERMS might exchange information. Also, it should be noted that a DERMS might communicate with individual DER using a variety of standards and protocols such as IEC 61850, IEEE 2030.5, Distribution Network Protocol (DNP), Sunspec Modbus, or perhaps Open Field Message Bus (OpenFMB). One role of the DERMS is to manage this disparity and complexity of communications on the behalf of the system operator. However, the communication to individual DER is out of scope of this standard. Readers should look to those standards to understand communication to individual DER’s smart inverter.
The scope will be limited to the following use case categories:
• DER group creation – a mechanism to manage DER in aggregate
• DER group maintenance – a mechanism to add, remove, or modify the members and/or aggregated capabilities of a given group of DER
• DER group deletion – removing an entire group
• DER group status monitoring – a mechanism for quantifying or ascertaining the current capabilities and/or status of a group of DER
• DER group forecast – a mechanism for predicting the capabilities and/or status of a group of DER for a given time period in the future
• DER group dispatch – a mechanism for requesting that specified capabilities of a group of DER be dispatched to the grid
• DER group voltage ramp rate control – a mechanism for requesting that a DER group following a ramp rate curve
• DER group connect/disconnect – a mechanism to request that DER either isolate themselves, or reconnect to the grid as needed.

  • Standard
    99 pages
    English and French language
    sale 15% off
IEC
IEC TR 61850-90-12:2020(Main)
Communication networks and systems for power utility automation - Part 90-12: Wide area network engineering guidelines

IEC TR 61850-90-12:2020, which is a Technical Report, is intended for an audience familiar with electrical power automation based on IEC 61850 and related power system management, and particularly for data network engineers and system integrators. It is intended to help them to understand the technologies, configure a wide area network, define requirements, write specifications, select components, and conduct tests.
This document provides definitions, guidelines, and recommendations for the engineering of WANs, in particular for protection, control and monitoring based on IEC 61850 and related standards.
This document addresses substation-to-substation communication, substation-to-control centre, and control centre-to-control centre communication. In particular, this document addresses the most critical aspects of IEC 61850 such as protection related data transmission via GOOSE and SMVs, and the multicast transfer of large volumes of synchrophasor data.
The document addresses issues such as topology, redundancy, traffic latency and quality of service, traffic management, clock synchronization, security, and maintenance of the network.
This document contains use cases that show how utilities tackle their WAN engineering. This second edition cancels and replaces the first edition published in 2015. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) extension of use case with respect to distribution and customer-side applications;
b) extensions of wireless access technologies as well as power line communication ones applicable to the above-mentioned use case;
c) revisions regarding radio communication technology performance;
d) extension of network migration with respect to packet switched network;
e) a new mapping of multiprotocol label switching technology to teleprotection.

  • Technical report
    259 pages
    English language
    sale 15% off
IEC
IEC TS 61850-1-2:2020(Main)
Communication networks and systems for power utility automation - Part 1-2: Guideline on extending IEC 61850

IEC TS 61850-1-2:2020, which is a technical specification, is intended for any users but primarily for standardization bodies that are considering using IEC 61850 as a base standard within the scope of their work and are willing to extend it as allowed by the IEC 61850 standards. This document identifies the required steps and high-level requirements in achieving such extensions of IEC 61850 and provides guidelines for the individual steps.
Within that scope, this document addresses the following cases:
• The management of product-level standards for products that have an interface based on IEC 61850
• The management of domain-level standards based on IEC 61850
• The management of transitional standards based on IEC 61850
• The management of private namespaces based on IEC 61850
• The development of standards offering the mapping of IEC 61850 data model at CDC level
• The development and management of IEC 61850 profiles for domains (underlying the role of IEC TR 62361-103 and IEC TR 61850-7-6)
This document includes both technical and process aspects:
On the technical side, this document:
• Reminds the main basic requirements (mostly referring to the appropriate parts of the series which host the requirements or recommendations)
• Lists all possible flexibilities offered by the standards
• Defines which flexibilities are allowed/possible per type of extension cases
On the process side, the document covers:
• The initial analysis of how the existing IEC 61850 object models and/or communication services may be applied and what allowed extensions may be required for utilizing them in new or specific domains (including private ones). The results of that step are expected to be documented
• The extension of the IEC 61850 object models for new domains. The typical associated work is to identify existing logical nodes which can be reused "as is", to determine if existing logical nodes can be extended, or to define new logical nodes
• The purpose and process to use transitional namespaces, which are expected to be merged eventually into an existing standard namespace
• The management of standard namespaces
• The development of private namespaces

  • Technical specification
    45 pages
    English language
    sale 15% off
  • Technical specification
    49 pages
    English language
    sale 15% off
IEC
IEC 61968-1:2020(Main)
Application integration at electric utilities - System interfaces for distribution management - Part 1: Interface architecture and general recommendations

IEC 61968-1:2020 is the first in a series that, taken as a whole, defines interfaces for the major elements of an interface architecture for power system management and associated information exchange.
This document identifies and establishes recommendations for standard interfaces based on an Interface Reference Model (IRM). Subsequent clauses of this document are based on each interface identified in the IRM. This set of standards is limited to the definition of interfaces. They provide for interoperability among different computer systems, platforms, and languages. IEC 61968-100 gives recommendations for methods and technologies to be used to implement functionality conforming to these interfaces.
As used in IEC 61968, distribution management consists of various distributed application components for the utility to manage electrical distribution networks. These capabilities include monitoring and control of equipment for power delivery, management processes to ensure system reliability, voltage management, demand-side management, outage management, work management, network model management, facilities management, and metering. The IRM is specified in Clause 3. The IRM defines the high-level view of the TC 57 reference architecture and the detailed in the relevant 61968 series, 61970 series or 62325 series. The goal of the IRM is to provide a common relevant context view for TC 57 that covers domains like transmission, distribution, market, generation, consumer, regional reliability operators, and regulators.
This third edition cancels and replaces the second edition published in 2012. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) update of IRM section, which has been out of date since the 2nd edition;
b) update to IRM model using ArchiMate modelling language;
c) addition of missing business functions and business objects;
d) alignment with newly released documents from the technical committee;
e) alignment with IEC 61968-100;
f) update of annexes.

  • Standard
    214 pages
    English and French language
    sale 15% off
IEC
IEC 62351-3:2014(Main)
Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP

IEC 62351-3:2014 specifies how to provide confidentiality, integrity protection, and message level authentication for SCADA and telecontrol protocols that make use of TCP/IP as a message transport layer when cyber-security is required. Although there are many possible solutions to secure TCP/IP, the particular scope of this part is to provide security between communicating entities at either end of a TCP/IP connection within the end communicating entities. This part of IEC 62351 reflects the security requirements of the IEC power systems management protocols.

  • Standard
    29 pages
    English and French language
    sale 15% off
  • Standard
    65 pages
    English and French language
    sale 15% off
  • Standard
    86 pages
    English and French language
    sale 15% off
IEC
IEC 62351-3:2014/AMD2:2020(Amendment)
Amendment 2 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
  • Standard
    21 pages
    English and French language
    sale 15% off
IEC
IEC 61850-7-4:2010(Main)
Communication networks and systems for power utility automation - Part 7-4: Basic communication structure - Compatible logical node classes and data object classes

IEC 61850-7-4:2010 specifies the information model of devices and functions generally related to common use regarding applications in systems for power utility automation. It also contains the information model of devices and function-related applications in substations. In particular, it specifies the compatible logical node names and data object names for communication between intelligent electronic devices (IED). This includes the relationship between logical nodes and data objects. Major technical changes with regard to the previous edition are as follows:
- corrections and clarifications according to technical issues raised by the users' community; extensions for new logical nodes for the power quality domain;
- extensions for the model for statistical and historical statistical data;
- extensions regarding IEC 61850-90-1;
- extensions for new logical nodes for monitoring functions according to IEC 62271;
- new logical nodes from IEC 61850-7-410 and IEC 61850-7-420 of general interest.
This publication is of core relevance for Smart Grid.

  • Standard
    179 pages
    English language
    sale 15% off
  • Standard
    490 pages
    English language
    sale 15% off
  • Standard
    421 pages
    English and French language
    sale 15% off
IEC
IEC 61850-9-2:2011/AMD1:2020(Amendment)
Amendment 1 - Communication networks and systems for power utility automation - Part 9-2: Specific communication service mapping (SCSM) - Sampled values over ISO/IEC 8802-3
  • Standard
    45 pages
    English and French language
    sale 15% off