EURUSD
Your shopping cart is empty.
IEC

IEC 62351-7:2025

(Main)

Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models

Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models

IEC 62351-7:2025 defines network and system management (NSM) data object models that are specific to power system operations. These NSM data objects will be used to monitor the health of networks and systems, to detect possible security intrusions, and to manage the performance and reliability of the information infrastructure. The goal is to define a set of abstract objects that will allow the remote monitoring of the health and condition of IEDs (Intelligent Electronic Devices), RTUs (Remote Terminal Units), DERs (Distributed Energy Resources) systems and other systems that are important to power system operations.
Power systems operations are increasingly reliant on information infrastructures, including communication networks, IEDs, and self-defining communication protocols. Therefore, management of the information infrastructure has become crucial to providing the necessary high levels of security and reliability in power system operations.
The telecommunication infrastructure that is in use for the transport of telecontrol and automation protocols is already subject to health and condition monitoring control, using the concepts developed in the IETF Simple Network Management Protocol (SNMP) standards for network management. However, power system specific devices (like teleprotection, telecontrol, substation automation, synchrophasors, inverters and protections) need instead a specific solution for monitoring their health.
The NSM objects provide monitoring data for IEC protocols used for power systems (IEC 61850, IEC 60870-5-104) and device specific environmental and security status. As a derivative of IEC 60870-5-104, IEEE 1815 DNP3 is also included in the list of monitored protocols. The NSM data objects use the naming conventions developed for IEC 61850, expanded to address NSM issues. For the sake of generality these data objects, and the data types of which they are comprised, are defined as abstract models of data objects.
In addition to the abstract model, in order to allow the integration of the monitoring of power system devices within the NSM environment in this part of IEC 62351, a mapping of objects to the SNMP protocol of Management Information Base (MIBs) is provided.
The objects that are already covered by existing MIBs are not defined here but are expected to be compliant with existing MIB standards. For example protocols including EST, SCEP, RADIUS, LDAP, GDOI are not in scope.
This edition of IEC 62351-7 cancels and replaces IEC 62351-7 published in 2017. This new edition constitutes a technical revision and includes the following significant technical changes with respect to IEC 62351-7:
a) Reviewed and enriched the NSM object data model;
b) UML model adopted for NSM objects description;
c) SNMP protocol MIBs translation included as Code Components

Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des communications et des données - Partie 7: Modèles d’objets de données de gestion de réseaux et de systèmes (NSM)

IEC 62351-7:2025 définit des modèles d'objets de données de gestion de réseaux et de systèmes (NSM) spécifiques aux opérations des systèmes de puissance. Ces objets de données NSM servent à surveiller la bonne santé des réseaux et des systèmes afin de détecter les intrusions de sécurité potentielles, et de gérer les performances et la fiabilité de l'infrastructure d'information. L'objectif est de définir un ensemble d'objets abstraits qui permet de surveiller à distance la bonne santé des appareils électroniques intelligents (IED), des terminaux à distance (RTU), des systèmes de ressources énergétiques décentralisées (DER) et des autres systèmes importants pour les opérations des systèmes de puissance.
Les opérations des systèmes de puissance reposent de plus en plus sur les infrastructures d'information, y compris les réseaux de communication, les IED et les protocoles de communication autodéfinis. Par conséquent, la gestion de l'infrastructure d'information est essentielle pour fournir les niveaux élevés nécessaires de sécurité et de fiabilité dans les opérations des systèmes de puissance.
L'infrastructure de télécommunication utilisée pour le transport des protocoles de téléconduite et d'automatisation est déjà soumise à la conduite de la surveillance de la bonne santé, en appliquant les concepts développés dans les normes de l'IETF concernant le protocole simple de gestion de réseau (SNMP, Simple Network Management Protocol), spécifiques à la gestion de réseau. Toutefois, une solution spécifique est nécessaire pour surveiller la bonne santé des dispositifs spécifiques aux systèmes de puissance (comme la téléprotection, la téléconduite, l'automatisation des postes, les synchrophaseurs, les onduleurs et les protections).
Les objets NSM fournissent des données de surveillance pour les protocoles IEC utilisés pour les systèmes de puissance (IEC 61850, IEC 60870-5-104), ainsi que des données d'environnement et d'état de sécurité spécifiques aux dispositifs. Dérivée de l'IEC 60870 5 104, l'IEEE 1815 DNP3 est également intégrée dans la liste des protocoles surveillés. Les objets de données NSM utilisent les conventions d'appellation développées pour l'IEC 61850, étendues pour traiter les questions liées à la NSM. À des fins de généralité, ces objets de données et les types de données dont ils sont constitués, sont définis comme modèles abstraits d'objets de données.
Outre le modèle abstrait, la présente partie de l'IEC 62351 fournit une mise en correspondance des objets pour la base d'informations de gestion (MIB) associée au protocole SNMP, afin de permettre l'intégration de la surveillance des dispositifs de puissance dans l'environnement NSM.
Les objets déjà couverts par les MIB existantes ne sont pas définis ici, mais sont réputés être conformes aux normes MIB existantes. Par exemple, les protocoles comprenant EST, SCEP, RADIUS, LDAP, GDOI, ne relèvent pas du domaine d'application de la présente partie de l'IEC 62351
Cette édition de l'IEC 62351-7 annule et remplace l'IEC 62351-7 parue en 2017. Cette nouvelle édition constitue une révision technique et inclut les modifications techniques majeures suivantes par rapport à l'IEC 62351-7:
a) revue et enrichissement du modèle de données d'objets NSM;
b) adoption du modèle UML pour la description des objets NSM;
c) traduction des MIB de protocole SNMP inclus comme composantes de code

General Information

Status
Published
Publication Date
02-Dec-2025
ICS
33.200 - Telecontrol. Telemetering
Technical Committee
TC 57 - Power systems management and associated information exchange
Drafting Committee
WG 15 - TC 57/WG 15
Current Stage
PPUB - Publication issued
Start Date
03-Dec-2025
Completion Date
03-Oct-2025
Ref Project

Relations

Revises
IEC TS 62351-7:2010 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and system management (NSM) data object models
Effective Date
05-Dec-2025
Revises
IEC 62351-7:2017 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models
Effective Date
05-Sep-2023
iec62351-7{ed2.0}en - IEC 62351-7:2025 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models Released:3. 12. 2025 Isbn:9782832706992iec62351-7{ed2.0}en - IEC 62351-7:2025 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models Released:3. 12. 2025 Isbn:9782832706992
PreviousNext
Standard
iec62351-7{ed2.0}en - IEC 62351-7:2025 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models Released:3. 12. 2025 Isbn:9782832706992
English language
130 pages
sale 15% off
Preview
sale 15% off
Preview
iec62351-7{ed2.0}fr - IEC 62351-7:2025 - Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des communications et des données - Partie 7: Modèles d’objets de données de gestion de réseaux et de systèmes (NSM) Released:3. 12. 2025 Isbn:9782832706992iec62351-7{ed2.0}fr - IEC 62351-7:2025 - Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des communications et des données - Partie 7: Modèles d’objets de données de gestion de réseaux et de systèmes (NSM) Released:3. 12. 2025 Isbn:9782832706992
PreviousNext
Standard
iec62351-7{ed2.0}fr - IEC 62351-7:2025 - Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des communications et des données - Partie 7: Modèles d’objets de données de gestion de réseaux et de systèmes (NSM) Released:3. 12. 2025 Isbn:9782832706992
French language
140 pages
sale 15% off
Preview
sale 15% off
Preview
iec62351-7{ed2.0}b - IEC 62351-7:2025 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models Released:3. 12. 2025 Isbn:9782832706992iec62351-7{ed2.0}b - IEC 62351-7:2025 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models Released:3. 12. 2025 Isbn:9782832706992
PreviousNext
Standard
iec62351-7{ed2.0}b - IEC 62351-7:2025 - Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models Released:3. 12. 2025 Isbn:9782832706992
English and French language
270 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC 62351-7 ®
Edition 2.0 2025-12
INTERNATIONAL
STANDARD
Power systems management and associated information exchange - Data and
communications security -
Part 7: Network and System Management (NSM) data object models
ICS 33.200  ISBN 978-2-8327-0699-2

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or
by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either
IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright
or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local
IEC member National Committee for further information.

IEC Secretariat Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - IEC Products & Services Portal - products.iec.ch
webstore.iec.ch/advsearchform Discover our powerful search engine and read freely all the
The advanced search enables to find IEC publications by a
publications previews, graphical symbols and the glossary.
variety of criteria (reference number, text, technical With a subscription you will always have access to up to date
committee, …). It also gives information on projects, content tailored to your needs.
replaced and withdrawn publications.

Electropedia - www.electropedia.org
IEC Just Published - webstore.iec.ch/justpublished The world's leading online dictionary on electrotechnology,
Stay up to date on all new IEC publications. Just Published containing more than 22 500 terminological entries in English
details all new publications released. Available online and and French, with equivalent terms in 25 additional languages.
once a month by email. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Customer Service Centre - webstore.iec.ch/csc
If you wish to give us your feedback on this publication or
need further assistance, please contact the Customer
Service Centre: sales@iec.ch.
CONTENTS
FOREWORD . 8
1 Scope . 10
2 Normative references . 10
3 Terms and definitions . 12
4 Abbreviated terms and acronyms . 14
5 Overview of Network and System Management (NSM). 14
5.1 Objectives . 14
5.2 NSM concepts . 16
5.2.1 Simple Network Management Protocol (SNMP) . 16
5.2.2 ISO NSM categories . 16
5.2.3 NSM "data objects" for power system operations . 16
5.2.4 Other NSM protocols . 17
5.3 Communication network management . 17
5.3.1 Network configuration . 17
5.3.2 Network backup . 17
5.3.3 Communications failures and degradation . 18
5.4 Communication protocols . 18
5.5 End systems management . 19
5.6 Intrusion detection systems (IDS) . 20
5.6.1 IDS guidelines . 20
5.6.2 IDS: Passive observation techniques . 21
5.6.3 IDS: Active security monitoring architecture with NSM data objects . 21
5.7 End-to-end security . 22
5.7.1 End-to-end security concepts . 22
5.7.2 Role of NSM in end-to-end security . 23
5.8 NSM requirements: detection functions . 25
5.8.1 Detecting unauthorized access . 25
5.8.2 Detecting resource exhaustion as a denial of service (DoS) attack . 25
5.8.3 Detecting invalid buffer access DoS attacks . 26
5.8.4 Detecting tampered/malformed PDUs . 26
5.8.5 Detecting physical access disruption . 26
5.8.6 Detecting invalid network access . 27
5.8.7 Detecting coordinated attacks . 27
5.9 Abstract object and agent UML descriptions . 28
5.9.1 Purpose of UML . 28
5.9.2 Abstract types and base types . 28
5.9.3 Enumerated Types . 29
5.9.4 Abstract agents. 29
5.9.5 Unsolicited Event Notification . 32
5.9.6 UML Model extension . 32
5.10 Abstract Object UML translation to SNMP . 33
5.10.1 Simple Network Management Protocol (SNMP) . 33
5.10.2 Management information bases (MIBs). 33
5.11 SNMP mapping of UML model Objects . 34
5.12 SNMP Security . 36
6 Abstract objects . 38
6.1 General . 38
6.2 Package Abstract Types . 39
6.2.1 General. 39
6.2.2 BooleanValue . 39
6.2.3 BooleanValueTs . 39
6.2.4 CounterTs . 40
6.2.5 CntRs . 40
6.2.6 Floating . 40
6.2.7 FloatingTs . 41
6.2.8 EntityIndex . 41
6.2.9 Integer . 41
6.2.10 IntegerTs . 41
6.2.11 InetAddress . 42
6.2.12 InetAddressType . 42
6.2.13 MacAddress . 42
6.2.14 Selector . 43
6.2.15 Timestamp . 43
6.2.16 CharString. 43
6.2.17 CharStringTs . 43
6.2.18 AbstractBaseType root class . 44
6.2.19 AbstractAgent root class . 44
6.3 Package EnumeratedTypes . 44
6.3.1 General. 44
6.3.2 AppDatStKind enumeration . 44
6.3.3 PhyHealthKind enumeration . 44
6.3.4 ExtKind enumeration . 45
6.3.5 IntKind enumeration . 45
6.3.6 LnkKind enumeration . 45
6.3.7 PSPAccKind enumeration . 46
6.3.8 ProtIdKind enumeration . 46
6.3.9 EventKind enumeration. 46
6.3.10 TimSyncIssueKind enumeration . 47
6.3.11 SecurityProfileKind enumeration . 47
6.3.12 TimSyncSrcKind enumeration. 47
6.3.13 AppDatStType . 48
6.3.14 PhyHealthType . 48
6.3.15 ExtType . 48
6.3.16 IntType . 49
6.3.17 EventType . 49
6.3.18 PSPAccType . 49
6.3.19 ProtIdType . 49
6.3.20 TimSyncIssueType . 50
6.3.21 SecurityProfileType . 50
6.3.22 TimSyncSrcType . 50
6.3.23 GseSubsStKind enumeration . 50
6.3.24 GseSubsStType . 51
6.3.25 LnkType . 51
7 Agents . 51
7.1 Package Overview . 51
7.2 Package Environmental Agent . 52
7.2.1 General. 52
7.2.2 (nsmAgent) Environmental . 53
7.2.3 (nsmEntry) PSUPEntry . 54
7.2.4 (nsmEvent) Notification . 54
7.2.5 (nsmEvent) SecurityNotification . 55
7.3 Package IED Agent . 55
7.3.1 General. 55
7.3.2 (nsmAgent) IED . 56
7.3.3 (nsmEntry) CPUEntry . 58
7.3.4 (nsmEntry) EXTEntry . 58
7.3.5 (nsmEntry) STOREEntry .
...


IEC 62351-7 ®
Edition 2.0 2025-12
NORME
INTERNATIONALE
Gestion des systèmes de puissance et échanges d'informations associés -
Sécurité des communications et des données -
Partie 7: Modèles d’objets de données de gestion de réseaux et de systèmes
(NSM)
ICS 33.200  ISBN 978-2-8327-0699-2

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite ni
utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie et
les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Secretariat Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC -  IEC Products & Services Portal - products.iec.ch
webstore.iec.ch/advsearchform Découvrez notre puissant moteur de recherche et consultez
La recherche avancée permet de trouver des publications gratuitement tous les aperçus des publications, symboles
IEC en utilisant différents critères (numéro de référence, graphiques et le glossaire. Avec un abonnement, vous aurez
texte, comité d’études, …). Elle donne aussi des toujours accès à un contenu à jour adapté à vos besoins.
informations sur les projets et les publications remplacées
ou retirées. Electropedia - www.electropedia.org
Le premier dictionnaire d'électrotechnologie en ligne au
IEC Just Published - webstore.iec.ch/justpublished monde, avec plus de 22 500 articles terminologiques en
Restez informé sur les nouvelles publications IEC. Just anglais et en français, ainsi que les termes équivalents
Published détaille les nouvelles publications parues. dans 25 langues additionnelles. Egalement appelé
Disponible en ligne et une fois par mois par email. Vocabulaire Electrotechnique International (IEV) en ligne.

Service Clients - webstore.iec.ch/csc
Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-
nous: sales@iec.ch.
SOMMAIRE
AVANT-PROPOS . 8
1 Domaine d'application . 10
2 Références normatives . 10
3 Termes et définitions. 12
4 Abréviations et acronymes . 14
5 Présentation de la gestion de réseaux et de systèmes (NSM). 15
5.1 Objectifs . 15
5.2 Concepts de NSM . 16
5.2.1 Protocole simple de gestion de réseau (SNMP) . 16
5.2.2 Catégories NSM de l'ISO . 17
5.2.3 "Data objects" (objets de données) NSM pour les opérations de
systèmes de puissance. 17
5.2.4 Autres protocoles NSM . 17
5.3 Gestion des réseaux de communication . 18
5.3.1 Configuration du réseau . 18
5.3.2 Sauvegarde de réseau . 18
5.3.3 Défaillances et détériorations des communications . 19
5.4 Protocoles de communication . 19
5.5 Gestion des systèmes terminaux . 20
5.6 Systèmes de détection d'intrusion (IDS) . 21
5.6.1 Lignes directrices pour IDS . 21
5.6.2 IDS: techniques d'observation passive . 22
5.6.3 IDS: architecture de surveillance de sécurité active avec objets de
données NSM . 23
5.7 Sécurité de bout en bout . 24
5.7.1 Concepts de sécurité de bout en bout . 24
5.7.2 Rôle de la NSM dans la sécurité de bout en bout . 25
5.8 Exigences NSM: fonctions de détection. 27
5.8.1 Détection d'un arrêt non autorisé . 27
5.8.2 Détection de l'épuisement des ressources sous forme d'une attaque par

déni de service (DoS) . 27
5.8.3 Détection des attaques par déni de service de l'accès à une mémoire
tampon non valide . 28
5.8.4 Détection de PDU falsifiées/mal formées . 28
5.8.5 Détection d'interruption d'accès physique . 29
5.8.6 Détection d'un accès réseau non valide . 29
5.8.7 Détection d'attaques coordonnées . 30
5.9 Descriptions UML des objets et agents abstraits . 30
5.9.1 Objet du langage UML . 30
5.9.2 Types abstraits et types de base . 31
5.9.3 Types énumérés . 32
5.9.4 Agents abstraits . 32
5.9.5 Notification d'événement non sollicité . 35
5.9.6 Extension de modèle UML . 35
5.10 Traduction du langage UML des objets abstraits en protocole SNMP . 35
5.10.1 Protocole simple de gestion de réseau (SNMP) . 35
5.10.2 Bases d'informations de gestion (MIB) . 36
5.11 Mise en correspondance SNMP des objets de modèle UML . 37
5.12 Sécurité SNMP . 38
6 Objets abstraits . 41
6.1 Généralités . 41
6.2 Ensemble Abstract Types . 41
6.2.1 Généralités . 41
6.2.2 BooleanValue . 41
6.2.3 BooleanValueTs . 42
6.2.4 CounterTs . 42
6.2.5 CntRs . 42
6.2.6 Floating . 43
6.2.7 FloatingTs . 43
6.2.8 EntityIndex . 43
6.2.9 Integer . 44
6.2.10 IntegerTs . 44
6.2.11 InetAddress . 44
6.2.12 InetAddressType . 45
6.2.13 MacAddress . 45
6.2.14 Selector . 45
6.2.15 Timestamp . 45
6.2.16 CharString. 46
6.2.17 CharStringTs . 46
6.2.18 Classe de racine AbstractBaseType . 46
6.2.19 Classe de racine AbstractAgent . 46
6.3 Ensemble EnumeratedTypes . 46
6.3.1 Généralités . 46
6.3.2 Énumération AppDatStKind . 47
6.3.3 Énumération PhyHealthKind . 47
6.3.4 Énumération ExtKind . 47
6.3.5 Énumération IntKind . 48
6.3.6 Énumération LnkKind . 48
6.3.7 Énumération PSPAccKind . 48
6.3.8 Énumération ProtIdKind . 48
6.3.9 Énumération EventKind . 49
6.3.10 Énumération TimSyncIssueKind . 50
6.3.11 Énumération SecurityProfileKind . 50
6.3.12 Énumération TimSyncSrcKind . 50
6.3.13 AppDatStType . 51
6.3.14 PhyHealthType . 52
6.3.15 ExtType . 52
6.3.16 IntType . 52
6.3.17 EventType . 52
6.3.18 PSPAccType . 53
6.3.19 ProtIdType . 53
6.3.20 TimSyncIssueType . 53
6.3.21 SecurityProfileType . 53
6.3.22 TimSyncSrcType . 54
6.3.23 Énumération GseSubsStKind . 54
6.3.24 GseSubsStType . 54
6.3.25 LnkType . 54
7 Agents . 55
7.1 Ensemble Overview . 55
7.2 Ensemble Environmental Agent . 56
7.2.1 Généralités . 56
7.2.2 (nsmAgent) Environmental . 57
7.2.3 (nsmEntry) PSUPEntry . 58
7.2.4 (nsmEvent) Notification . 59
7.2.5 (nsmEvent) SecurityNotification . 59
7.3 Ensemble IED Agent . 59
7.3.1 Généralités . 59
7.3.2 (
...


IEC 62351-7 ®
Edition 2.0 2025-12
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
Power systems management and associated information exchange - Data and
communications security -
Part 7: Network and System Management (NSM) data object models

Gestion des systèmes de puissance et échanges d'informations associés -
Sécurité des communications et des données -
Partie 7: Modèles d’objets de données de gestion de réseaux et de systèmes
(NSM)
ICS 33.200  ISBN 978-2-8327-0699-2

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or
by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either
IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC copyright
or have an enquiry about obtaining additional rights to this publication, please contact the address below or your local
IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite ni
utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie et
les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Secretariat Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - IEC Products & Services Portal - products.iec.ch
webstore.iec.ch/advsearchform Discover our powerful search engine and read freely all the
The advanced search enables to find IEC publications by a publications previews, graphical symbols and the glossary.
variety of criteria (reference number, text, technical With a subscription you will always have access to up to date
committee, …). It also gives information on projects, content tailored to your needs.
replaced and withdrawn publications.
Electropedia - www.electropedia.org
IEC Just Published - webstore.iec.ch/justpublished The world's leading online dictionary on electrotechnology,
Stay up to date on all new IEC publications. Just Published containing more than 22 500 terminological entries in English
details all new publications released. Available online and and French, with equivalent terms in 25 additional languages.
once a month by email. Also known as the International Electrotechnical Vocabulary
(IEV) online.
IEC Customer Service Centre - webstore.iec.ch/csc
If you wish to give us your feedback on this publication or
need further assistance, please contact the Customer
Service Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC -  IEC Products & Services Portal - products.iec.ch
webstore.iec.ch/advsearchform Découvrez notre puissant moteur de recherche et consultez
La recherche avancée permet de trouver des publications gratuitement tous les aperçus des publications, symboles
IEC en utilisant différents critères (numéro de référence, graphiques et le glossaire. Avec un abonnement, vous aurez
texte, comité d’études, …). Elle donne aussi des toujours accès à un contenu à jour adapté à vos besoins.
informations sur les projets et les publications remplacées
ou retirées. Electropedia - www.electropedia.org

Le premier dictionnaire d'électrotechnologie en ligne au
IEC Just Published - webstore.iec.ch/justpublished monde, avec plus de 22 500 articles terminologiques en
Restez informé sur les nouvelles publications IEC. Just anglais et en français, ainsi que les termes équivalents
Published détaille les nouvelles publications parues. dans 25 langues additionnelles. Egalement appelé
Disponible en ligne et une fois par mois par email. Vocabulaire Electrotechnique International (IEV) en ligne.

Service Clients - webstore.iec.ch/csc
Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-
nous: sales@iec.ch.
CONTENTS
FOREWORD . 8
1 Scope . 10
2 Normative references . 10
3 Terms and definitions . 12
4 Abbreviated terms and acronyms . 14
5 Overview of Network and System Management (NSM). 14
5.1 Objectives . 14
5.2 NSM concepts . 16
5.2.1 Simple Network Management Protocol (SNMP) . 16
5.2.2 ISO NSM categories . 16
5.2.3 NSM "data objects" for power system operations . 16
5.2.4 Other NSM protocols . 17
5.3 Communication network management . 17
5.3.1 Network configuration . 17
5.3.2 Network backup . 17
5.3.3 Communications failures and degradation . 18
5.4 Communication protocols . 18
5.5 End systems management . 19
5.6 Intrusion detection systems (IDS) . 20
5.6.1 IDS guidelines . 20
5.6.2 IDS: Passive observation techniques . 21
5.6.3 IDS: Active security monitoring architecture with NSM data objects . 21
5.7 End-to-end security . 22
5.7.1 End-to-end security concepts . 22
5.7.2 Role of NSM in end-to-end security . 23
5.8 NSM requirements: detection functions . 25
5.8.1 Detecting unauthorized access . 25
5.8.2 Detecting resource exhaustion as a denial of service (DoS) attack . 25
5.8.3 Detecting invalid buffer access DoS attacks . 26
5.8.4 Detecting tampered/malformed PDUs . 26
5.8.5 Detecting physical access disruption . 26
5.8.6 Detecting invalid network access . 27
5.8.7 Detecting coordinated attacks . 27
5.9 Abstract object and agent UML descriptions . 28
5.9.1 Purpose of UML . 28
5.9.2 Abstract types and base types . 28
5.9.3 Enumerated Types . 29
5.9.4 Abstract agents. 29
5.9.5 Unsolicited Event Notification . 32
5.9.6 UML Model extension . 32
5.10 Abstract Object UML translation to SNMP . 33
5.10.1 Simple Network Management Protocol (SNMP) . 33
5.10.2 Management information bases (MIBs). 33
5.11 SNMP mapping of UML model Objects . 34
5.12 SNMP Security . 36
6 Abstract objects . 38
6.1 General . 38
6.2 Package Abstract Types . 39
6.2.1 General. 39
6.2.2 BooleanValue . 39
6.2.3 BooleanValueTs . 39
6.2.4 CounterTs . 40
6.2.5 CntRs . 40
6.2.6 Floating . 40
6.2.7 FloatingTs . 41
6.2.8 EntityIndex . 41
6.2.9 Integer . 41
6.2.10 IntegerTs . 41
6.2.11 InetAddress . 42
6.2.12 InetAddressType . 42
6.2.13 MacAddress . 42
6.2.14 Selector . 43
6.2.15 Timestamp . 43
6.2.16 CharString. 43
6.2.17 CharStringTs . 43
6.2.18 AbstractBaseType root class . 44
6.2.19 AbstractAgent root class . 44
6.3 Package EnumeratedTypes . 44
6.3.1 General. 44
6.3.2 AppDatStKind enumeration . 44
6.3.3 PhyHealthKind enumeration . 44
6.3.4 ExtKind enumeration . 45
6.3.5 IntKind enumeration . 45
6.3.6 LnkKind enumeration . 45
6.3.7 PSPAccKind enumeration . 46
6.3.8 ProtIdKind enumeration . 46
6.3.9 EventKind enumeration. 46
6.3.10 TimSyncIssueKind enumeration . 47
6.3.11 SecurityProfileKind enumeration . 47
6.3.12 TimSyncSrcKind enumeration. 47
6.3.13 AppDatStType . 48
6.3.14 PhyHealthType . 48
6.3.15 ExtType . 48
6.3.16 IntType . 49
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC TR 62746-2:2025(Main)
Systems interface between customer energy management system and the power management system - Part 2: Use cases

IEC TR 62746-2:2025, which is a technical report, describes the main pillars of interoperability to assist different IEC Technical Committees in defining their interfaces and messages covering the whole chain between a Smart Grid and Smart Home/Building/Industrial area.
The main topics of this document are:
– To describe an architecture model from a logical point of view;
– To describe a set of user stories that describe a number of situations related to energy flexibility and demand side management as well as an outline of potential upcoming Smart Building and Smart Home scenarios. The set of user stories does not have the ambition to list all home and building (energy) management possibilities, but is meant as a set of examples that are used as input in use cases and to check that the set of use cases is complete;
– To describe a set of use cases based on the user stories and architecture. The use cases describe scenarios in which the communication between elements of the architecture are identified;
– To further detail the communication, identified in the use cases, by describing the messages and information to be exchanged.
This document can also be used as a blueprint for further smart home solutions like remote control, remote monitoring, ambient assistant living and so forth.
This technical report will be regularly revised by introducing new use cases and updating the current use cases. The use cases presented in this document are not going to be included in the IEC Use Case Management Repository (UCMR). The data models of some use cases presented here are defined in the second edition of IEC 62746-4 . The smart grid architecture model presented in this document is created in coordination with IEC TC13, SC23, and TC57
This second edition cancels and replaces the first edition published in 2015. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) The Architecture Model of the Smart Grid Coordination Group (Figure 6) has been replaced with the draft Architecture Model of TC57 in collaboration with SC23K and TC13;
b) The use cases from Edition 1 (2015) with the following IDs have been removed from the current document: JWG2000, JWG2001, JWG2010, JWG202x, JWG2041, JWG2042, JWG1111, WGSP2120, JWG30xx;
c) The use cases from Edition 1 (2015) with the following IDs: JWG1100, JWG1101, JWG-SPUC1102, and JWG1103 have been replaced with the use case JWG1100;
d) The following use cases have been added to the current document: JWG3000, JWG3001, JWG3002, JWG3003, JWG3004, JWG3005, JWG3006, JWG4000.

  • Technical report
    229 pages
    English language
    sale 15% off
IEC
IEC TR 61850-90-20:2025(Main)
Communication networks and systems for power utility automation - Part 90-20: Use cases of redundancy in systems

IEC TR 61850-90-20:2025, which is a technical report, describes use cases of redundancy in systems.
This document considers use cases of duplication of function and devices and covers redundancy of information flow at message level. Functional safety is out of scope of this document. To keep focus on details relevant for this document, some figures and drawings do not show electrical wiring, redundant coils, etc, where this is not important for the use case.
This document is not a guideline on the design of redundancy systems; guidance on designing redundancy systems can be found in textbooks

  • Technical report
    31 pages
    English language
    sale 15% off
IEC
IEC 61850-10:2012(Main)
Communication networks and systems for power utility automation - Part 10: Conformance testing

IEC 61850-10:2012 specifies standard techniques for testing of conformance of client, server and sampled value devices and engineering tools, as well as specific measurement techniques to be applied when declaring performance parameters. The use of these techniques will enhance the ability of the system integrator to integrate IEDs easily, operate IEDs correctly, and support the applications as intended. The major technical changes with regard to the previous edition are as follows:
- updates to server device conformance test procedures;
- additions of certain test procedures (client device conformance, sampled values device conformance, (engineering) tool related conformance, GOOSE performance).

  • Standard
    190 pages
    English language
    sale 15% off
  • Standard
    170 pages
    English and French language
    sale 15% off
IEC
IEC 61850-10:2012/AMD1:2025(Amendment)
Amendment 1 - Communication networks and systems for power utility automation - Part 10: Conformance testing
  • Standard
    72 pages
    English language
    sale 15% off
  • Standard
    75 pages
    French language
    sale 15% off
  • Standard
    147 pages
    English and French language
    sale 15% off
IEC
IEC TS 61850-6-3:2025(Main)
Communication networks and systems for power utility automation - Part 6-3: Format of machine-processable rules for validation of IEC 61850 XML-based files

IEC TS 61850-6-3:2025, which is a Technical Specification, describes how to use and define formal rules, in a machine-processable format: OCL, that can be imported and interpreted by tools.
The following main use cases are supported:
– Validate SCL files at every stage of the specification and engineering process;
– Verify the conformity of a SCL file after completion of the upgrading/downgrading rules;
– Extend standard OCL rules with private OCL rules
The purpose of this document is limited to the publication of the format and method to write correct and structured rules. The rules themselves are published as code components of the corresponding IEC 61850 parts.

  • Technical specification
    33 pages
    English language
    sale 15% off
IEC
IEC 62488-1:2025(Main)
Power line communication systems for power utility applications - Part 1: Planning of analogue and digital power line carrier systems operating over HV electricity grids

IEC 62488-1:2025 applies to the planning of analogue (APLC), digital (DPLC) and hybrid analogue-digital (ADPLC) power line carrier communication systems operating over HV electric power networks. The object of this document is to establish the planning of the services and performance parameters for the operational requirements to transmit and receive data efficiently and reliably.
Such analogue and digital power line carrier systems are used by the different electricity supply industries and integrated into their communication infrastructure using common communication technologies such as radio links, fibre optic and satellite networks
This second edition cancels and replaces the first edition published in 2012. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Complete revision of this edition with respect to the previous edition with the main focus on planning of analogue and digital power line carrier systems operating over HV power networks;
b) A general structure of a bidirectional point-to-multipoint APLC, DPLC or ADPLC link has been introduced;
c) Introduction of a new approach for global frequency planning.

  • Standard
    105 pages
    English language
    sale 15% off
  • Standard
    112 pages
    French language
    sale 15% off
  • Standard
    217 pages
    English and French language
    sale 15% off
IEC
IEC TS 61850-7-7:2018/AMD1:2023/COR1:2025(Amendment)
Corrigendum 1 - Amendment 1 - Communication networks and systems for power utility automation - Part 7-7: Machine-processable format of IEC 61850-related data models for tools
  • Technical specification
    3 pages
    English language
    sale 15% off
IEC
IEC TS 60870-5-7:2025(Main)
Telecontrol equipment and systems - Part 5-7: Transmission protocols - Security extensions to IEC 60870-5-101 and IEC 60870-5-104 protocols (applying IEC 62351)

IEC TS 60870-5-7:2025, which is a technical specification, describes messages and data formats for implementing IEC 62351-5:2023 for secure communication as an extension to IEC 60870-5-101 and IEC 60870-5-104.
The purpose of this document is to permit the receiver of any IEC 60870-5-101/-104 Application Protocol Data Unit (APDU) to verify that the APDU was transmitted by an authorized user and that the APDU was not modified in transit.
This document is also intended to be used, together with the definitions of IEC 62351-3:2023, in conjunction with the IEC 60870-5-104 companion standard.
The state machines, message sequences, and procedures for exchanging these messages are defined in IEC 62351-5:2023. This document describes only the message formats, selected options, critical operations, addressing considerations and other adaptations required to implement IEC 62351 in the IEC 60870-5-101 and IEC 60870-5-104 protocols.
In addition to the previous edition, this new edition of this document also addresses role-based access control, by utilizing the IEC 62351-8 RBAC approach and the already defined role to permission mapping from IEC 62351-5:2023.
The scope of this document does not include security for IEC 60870-5-102 or IEC 60870-5-103. IEC 60870-5-102 is in limited use only and will therefore not be addressed. Users of IEC 60870-5-103 desiring a secure solution need to implement IEC 61850 using the security measures from in IEC 62351 referenced in IEC 61850.
Management of keys, certificates or other cryptographic credentials within devices or on communication links other than IEC 60870-5-101/104 is out of the scope of this document and might be addressed by other IEC 62351 publications in the future.
This second edition cancels and replaces the first edition published in 2013. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) This edition has been completely revised with respect to the previous edition;
b) Alignment with updated versions of IEC 62351-3:2023 and IEC 62351-5:2023;
c) Definition of specific profiles for application layer and transport layer;
d) Introduction of Session Initiation Request to handle situations in which the called station reestablishes a connection;
e) Inclusion of multicast security for the unbalanced mode of IEC 60870-5-101 including key management;
f) Consideration of RBAC based on IEC 62351-8.
This Technical Specification is to be used in conjunction with IEC 62351-5:2023 and IEC 60870-5-104:2016.

  • Technical specification
    50 pages
    English language
    sale 15% off
IEC
IEC TR 61850-90-30:2025(Main)
Communication networks and systems for power utility automation - Part 90-30: IEC 61850 Function Modelling in SCL

IEC TR 61850-90-30:2025, which is a Technical Report, describes extensions of the SCL Substation/Process Section allowing the creation of a comprehensive, IED and hardware independent specification of an IEC 61850 based power system.
It addresses how to:
• decompose functions in SCL
• show function classifications in SCL
• relate functions with the SCL Substation and Process Section
• relate functions to Logical Nodes and IEDs/Specification IEDs
• present information flow between functions in a hardware/implementation independent way
• position Functions in relation to "Application Schemes", "Distributed Functions", "Protection Schemes"
• consider the relationship to Basic Application Profiles (BAP) defined in IEC TR 61850-7-6
The document addresses the engineering process as far as it is related to the specification of Functions and their instantiation in IEC 61850 based power system. This includes the impact on the SCL Process Section during system configuration.
The engineering process related to the definition of Applications and their instantiation is addressed in the Basic Application Profile Document (BAP) in IEC TR 61850-7-6.
The System Configuration process is described in IEC 61850-6.
Modifications and extensions of SCL are done in a way to guarantee backwards compatibility.
In addition, this document introduces:
• Some further elements to SCL that improve the content and usefulness of SSD files and facilitate the handling of SCL files for engineering purposes,
• New variants of IED specific files: ISD file and FSD files,
• Evolution of the engineering rights management, to first improve the usage of SED and add a new concept of System Configuration Collaboration (SCC file) which allows collaboration on the same project with different engineers.

  • Technical report
    184 pages
    English language
    sale 15% off
IEC
IEC TR 61850-90-21:2025(Main)
Communication networks and systems for power utility automation - Part 90-21: Travelling Wave Fault Location

IEC TR 61850-90-21:2025, which is a Technical Report, aims to provide background information, use cases, data models and guidance on the application of such a technique.
This document will
1) describe the principles of fault location based on travelling waves aided by communications;
2) specify use cases for this method under the following application scenarios:
a) Single-ended fault location,
b) Double-ended fault location through communications between two devices,
c) Double-ended fault location with communications to a master station,
d) Wide area fault location applications,
e) Pulse radar echo method,
f) Substation integration with other fault location and disturbance recording functions,
g) Testing and calibration;
3) describe the information model for each use case;
4) give guidance on scheme configuration.

  • Technical report
    98 pages
    English language
    sale 15% off