iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
IEC

IEC 62351-6:2020

(Main)

Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850

Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850

IEC 62351-6:2020 specifies messages, procedures, and algorithms for securing the operation of all protocols based on or derived from the IEC 61850 series. This document applies to at least those protocols listed below:
IEC 61850-8-1 Communication networks and systems for power utility automation – Part 8-1: Specific communication service mapping (SCSM) – Mappings to MMS (ISO/IEC 9506-1 and ISO/IEC 9506-2) and to ISO/IEC 8802-3
IEC 61850-8-2 Communication networks and systems for power utility automation – Part 8-2: Specific communication service mapping (SCSM) – Mapping to Extensible Messaging Presence Protocol (XMPP)
IEC 61850-9-2 Communication networks and systems for power utility automation – Part 9-2: Specific communication service mapping (SCSM) – Sampled values over ISO/IEC 8802-3
IEC 61850-6 Communication networks and systems for power utility automation – Part 6: Configuration description language for communication in power utility automation systems related to IEDs
The initial audience for this document is intended to be the members of the working groups developing or making use of the protocols listed in Table 1. For the measures described in this specification to take effect, they must be accepted and referenced by the specifications for the protocols themselves. This document is written to enable that process.
The subsequent audience for this document is intended to be the developers of products that implement these protocols.
Portions of this document may also be of use to managers and executives in order to understand the purpose and requirements of the work.

Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des communications et des données - Partie 6: Sécurité pour l’IEC 61850

IEC 62351-6:2020 spécifie les messages, procédures et algorithmes qui permettent de sécuriser le fonctionnement de tous les protocoles fondés sur ou dérivés de la série IEC 61850.
Les premiers utilisateurs auxquels s’adresse le présent document sont les membres des groupes de travail qui développent ou utilisent les protocoles répertoriés dans le Tableau 1. Pour que les mesures décrites dans la présente spécification soient mises en œuvre, elles doivent être acceptées et référencées dans les spécifications des protocoles elles-mêmes. Le présent document est rédigé afin de permettre ce traitement. Les premiers utilisateurs auxquels s’adresse le présent document sont présumés être les concepteurs de produits qui mettent en œuvre ces protocoles.
Des parties du présent document peuvent aussi être utiles aux gestionnaires et aux dirigeants pour comprendre l'objectif d’une activité et les exigences correspondantes.

General Information

Status
Published
Publication Date
19-Oct-2020
ICS
33.200 - Telecontrol. Telemetering
Technical Committee
TC 57 - Power systems management and associated information exchange
Drafting Committee
WG 15 - TC 57/WG 15
Current Stage
PPUB - Publication issued
Start Date
18-Sep-2020
Completion Date
20-Oct-2020
Ref Project

Relations

Revises
IEC TS 62351-6:2007 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850
Effective Date
05-Sep-2023

Buy Standard

IEC 62351-6:2020 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850IEC 62351-6:2020 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850
PreviousNext
Standard
IEC 62351-6:2020 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850
English language
33 pages
sale 15% off
Preview
sale 15% off
Preview
IEC 62351-6:2020 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850IEC 62351-6:2020 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850
PreviousNext
Standard
IEC 62351-6:2020 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850
English and French language
67 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


IEC 62351-6 ®
Edition 1.0 2020-10
INTERNATIONAL
STANDARD
colour
inside
Power systems management and associated information exchange –
Data and communication security –
Part 6: Security for IEC 61850
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
IEC 62351-6 ®
Edition 1.0 2020-10
INTERNATIONAL
STANDARD
colour
inside
Power systems management and associated information exchange –

Data and communication security –

Part 6: Security for IEC 61850

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 33.200 ISBN 978-2-8322-8766-8

– 2 – IEC 62351-6:2020 © IEC 2020
CONTENTS
FOREWORD . 4
1 Scope and object . 6
1.1 Scope . 6
1.2 Namespace name and version . 6
1.3 Code Component distribution . 7
2 Normative references . 7
3 Terms, definitions and abbreviated terms . 8
3.1 Terms and definitions . 8
3.2 Abbreviated terms . 8
4 Security issues addressed by this document . 9
4.1 Operational issues affecting choice of security options . 9
4.2 Security threats countered . 9
4.3 Attack methods countered . 9
5 Correlation of IEC 61850 parts and IEC 62351 parts . 9
5.1 General . 9
5.2 IEC 61850-8-1 Profile for Client/Server communications . 10
5.2.1 General . 10
5.2.2 Control centre to substation . 11
5.2.3 Substation communications . 11
5.3 IEC 61850 security for profiles using VLAN IDs . 11
5.4 IEC 61850-8-2 for Client/Server communications . 11
5.5 Using OriginatorID for Client/Server Services. 11
6 Multicast Association Protocols . 12
6.1 General . 12
6.2 Replay Protection . 12
6.2.1 GOOSE replay protection . 12
6.2.2 Sampled Value replay protection . 16
7 Security for SNTP . 19
8 Layer 2 security for profiles for IEC 61850-8-1 GOOSE and IEC 61850-9-2
Sampled Value . 20
8.1 Overview of Ethertype (informative) . 20
8.2 Extended PDU . 20
8.2.1 General format of extended PDU . 20
8.2.2 Format of extension octets . 21
9 Substation configuration language extensions . 25
9.1 Service capability . 25
9.1.1 Access Point support security for GOOSE Publisher . 25
9.1.2 Access Point support security for SV Publisher . 25
9.1.3 Acces Point support security for GOOSE and SMV subscriber . 25
9.1.4 Server Access Point support security for TPAA . 26
9.1.5 Client Access Point support security for TPAA . 26
9.2 Publish with security enabled . 26
9.2.1 GOOSE . 26
9.2.2 SMV . 26
9.2.3 Key Policy and Management . 27
9.3 Use of Simulation . 27

10 Extension of LGOS and LSVS . 27
11 Conformance . 27
11.1 General conformance . 27
11.2 Conformance for implementations claiming IEC 61850-8-1 ISO 9506 profile
security . 28
11.2.1 General . 28
11.2.2 IEC 62351-4 TLS Conformity for ISO-9506 Client/Server Profile using

ACSE Authentication . 29
11.3 Conformance for implementations claiming VLAN profile security . 29
11.4 Conformance for implementations claiming SNTP profile security . 32
Bibliography . 33

Figure 1 – MMS Security Profiles . 10
Figure 2 – Replay Protection State Machine for GOOSE . 13
Figure 3 – Replay Protection State Machine for SV . 17
Figure 4 – General format of extended PDU . 20
Figure 5 – Definition of Reserved 1 . 20
Figure 6 – Calculated MAC Domain . 22
Figure 7 – AES-GCM application on the example of a L2 GOOSE/SV packet. . 23

Table 1 – Scope of application to standards . 6
Table 2 – Extract from IEC 61850-9-2 (Informative) . 16
Table 3 – Extension of the LGOS class . 27
Table 4 – Extension of the LSVS class . 27
Table 5 – Conformance table . 28
Table 6 – PICS for IEC 61850-8-1 ISO 9506 profile . 28
Table 7 – PICS for TLS IEC 61850-8-1 Client/Server using ACSE Authentication . 29
Table 8 – PICS for VLAN profiles . 30
Table 9 – IEC 61850-8-1 L2 GOOSE Security . 30
Table 10 – IEC 61850-9-2 L2 SMV Security . 31
Table 11 – IEC 61850-8-1 Routable GOOSE . 31
Table 12 – IEC 61850-9-2 Routable SMV . 32
Table 13 – PICS for SNTP profiles . 32

– 4 – IEC 62351-6:2020 © IEC 2020
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION
EXCHANGE – DATA AND COMMUNICATION SECURITY –

Part 6: Security for IEC 61850

FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote international
co-operation on all questions concerning standardization in the electrical and electronic fields. To this end and
in addition to other activities, IEC publishes International Standards, Technical Specifications, Technical Reports,
Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC Publication(s)”). Their
preparation is entrusted to technical committees; any IEC National Committee interested in the subject dealt with
may participate in this preparatory work. International, governmental and non-governmental organizations liaising
with the IEC also participate in this preparation. IEC collaborates closely with the International Organization for
Standardization (ISO) in accordance with conditions determined by agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence between
any IEC Publication and the corresponding national or regional publication shall be clearly indicated in the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services an
...


IEC 62351-6 ®
Edition 1.0 2020-10
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Power systems management and associated information exchange –
Data and communication security –
Part 6: Security for IEC 61850

Gestion des systèmes de puissance et échanges d'informations associés –
Sécurité des communications et des données –
Partie 6: Sécurité pour l’IEC 61850

All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

Droits de reproduction réservés. Sauf indication contraire, aucune partie de cette publication ne peut être reproduite
ni utilisée sous quelque forme que ce soit et par aucun procédé, électronique ou mécanique, y compris la photocopie
et les microfilms, sans l'accord écrit de l'IEC ou du Comité national de l'IEC du pays du demandeur. Si vous avez des
questions sur le copyright de l'IEC ou si vous désirez obtenir des droits supplémentaires sur cette publication, utilisez
les coordonnées ci-après ou contactez le Comité national de l'IEC de votre pays de résidence.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigendum or an amendment might have been published.

IEC publications search - webstore.iec.ch/advsearchform Electropedia - www.electropedia.org
The advanced search enables to find IEC publications by a The world's leading online dictionary on electrotechnology,
variety of criteria (reference number, text, technical containing more than 22 000 terminological entries in English
committee,…). It also gives information on projects, replaced and French, with equivalent terms in 16 additional languages.
and withdrawn publications. Also known as the International Electrotechnical Vocabulary

(IEV) online.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Glossary - std.iec.ch/glossary
details all new publications released. Available online and 67 000 electrotechnical terminology entries in English and
once a month by email. French extracted from the Terms and Definitions clause of
IEC publications issued since 2002. Some entries have been
IEC Customer Service Centre - webstore.iec.ch/csc collected from earlier publications of IEC TC 37, 77, 86 and
If you wish to give us your feedback on this publication or CISPR.

need further assistance, please contact the Customer Service

Centre: sales@iec.ch.
A propos de l'IEC
La Commission Electrotechnique Internationale (IEC) est la première organisation mondiale qui élabore et publie des
Normes internationales pour tout ce qui a trait à l'électricité, à l'électronique et aux technologies apparentées.

A propos des publications IEC
Le contenu technique des publications IEC est constamment revu. Veuillez vous assurer que vous possédez l’édition la
plus récente, un corrigendum ou amendement peut avoir été publié.

Recherche de publications IEC - Electropedia - www.electropedia.org
webstore.iec.ch/advsearchform Le premier dictionnaire d'électrotechnologie en ligne au
La recherche avancée permet de trouver des publications IEC monde, avec plus de 22 000 articles terminologiques en
en utilisant différents critères (numéro de référence, texte, anglais et en français, ainsi que les termes équivalents dans
comité d’études,…). Elle donne aussi des informations sur les 16 langues additionnelles. Egalement appelé Vocabulaire
projets et les publications remplacées ou retirées. Electrotechnique International (IEV) en ligne.

IEC Just Published - webstore.iec.ch/justpublished Glossaire IEC - std.iec.ch/glossary
Restez informé sur les nouvelles publications IEC. Just 67 000 entrées terminologiques électrotechniques, en anglais
Published détaille les nouvelles publications parues. et en français, extraites des articles Termes et Définitions des
Disponible en ligne et une fois par mois par email. publications IEC parues depuis 2002. Plus certaines entrées
antérieures extraites des publications des CE 37, 77, 86 et
Service Clients - webstore.iec.ch/csc CISPR de l'IEC.

Si vous désirez nous donner des commentaires sur cette
publication ou si vous avez des questions contactez-nous:
sales@iec.ch.
IEC 62351-6 ®
Edition 1.0 2020-10
INTERNATIONAL
STANDARD
NORME
INTERNATIONALE
colour
inside
Power systems management and associated information exchange –

Data and communication security –

Part 6: Security for IEC 61850

Gestion des systèmes de puissance et échanges d'informations associés –

Sécurité des communications et des données –

Partie 6: Sécurité pour l’IEC 61850

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
COMMISSION
ELECTROTECHNIQUE
INTERNATIONALE
ICS 33.200 ISBN 978-2-8322-9166-5

– 2 – IEC 62351-6:2020 © IEC 2020
CONTENTS
FOREWORD . 4
1 Scope and object . 6
1.1 Scope . 6
1.2 Namespace name and version . 6
1.3 Code Component distribution . 7
2 Normative references . 7
3 Terms, definitions and abbreviated terms . 8
3.1 Terms and definitions . 8
3.2 Abbreviated terms . 8
4 Security issues addressed by this document . 9
4.1 Operational issues affecting choice of security options . 9
4.2 Security threats countered . 9
4.3 Attack methods countered . 9
5 Correlation of IEC 61850 parts and IEC 62351 parts . 10
5.1 General . 10
5.2 IEC 61850-8-1 Profile for Client/Server communications . 10
5.2.1 General . 10
5.2.2 Control centre to substation . 11
5.2.3 Substation communications . 11
5.3 IEC 61850 security for profiles using VLAN IDs . 11
5.4 IEC 61850-8-2 for Client/Server communications . 11
5.5 Using OriginatorID for Client/Server Services. 11
6 Multicast Association Protocols . 12
6.1 General . 12
6.2 Replay Protection . 12
6.2.1 GOOSE replay protection . 12
6.2.2 Sampled Value replay protection . 16
7 Security for SNTP . 19
8 Layer 2 security for profiles for IEC 61850-8-1 GOOSE and IEC 61850-9-2
Sampled Value . 20
8.1 Overview of Ethertype (informative) . 20
8.2 Extended PDU . 20
8.2.1 General format of extended PDU . 20
8.2.2 Format of extension octets . 21
9 Substation configuration language extensions . 25
9.1 Service capability . 25
9.1.1 Access Point support security for GOOSE Publisher . 25
9.1.2 Access Point support security for SV Publisher . 25
9.1.3 Acces Point support security for GOOSE and SMV subscriber . 25
9.1.4 Server Access Point support security for TPAA . 26
9.1.5 Client Access Point support security for TPAA . 26
9.2 Publish with security enabled . 26
9.2.1 GOOSE . 26
9.2.2 SMV . 26
9.2.3 Key Policy and Management . 27
9.3 Use of Simulation . 27

10 Extension of LGOS and LSVS . 27
11 Conformance . 27
11.1 General conformance . 27
11.2 Conformance for implementations claiming IEC 61850-8-1 ISO 9506 profile
security . 28
11.2.1 General . 28
11.2.2 IEC 62351-4 TLS Conformity for ISO-9506 Client/Server Profile using

ACSE Authentication . 29
11.3 Conformance for implementations claiming VLAN profile security . 29
11.4 Conformance for implementations claiming SNTP profile security . 32
Bibliography . 33

Figure 1 – MMS Security Profiles . 10
Figure 2 – Replay Protection State Machine for GOOSE . 13
Figure 3 – Replay Protection State Machine for SV . 17
Figure 4 – General format of extended PDU . 20
Figure 5 – Definition of Reserved 1 . 20
Figure 6 – Calculated MAC Domain . 22
Figure 7 – AES-GCM application on the example of a L2 GOOSE/SV packet. . 23

Table 1 – Scope of application to standards . 6
Table 2 – Extract from IEC 61850-9-2 (Informative) . 16
Table 3 – Extension of the LGOS class . 27
Table 4 – Extension of the LSVS class . 27
Table 5 – Conformance table . 28
Table 6 – PICS for IEC 61850-8-1 ISO 9506 profile . 28
Table 7 – PICS for TLS IEC 61850-8-1 Client/Server using ACSE Authentication . 29
Table 8 – PICS for VLAN profiles . 30
Table 9 – IEC 61850-8-1 L2 GOOSE Security .
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

IEC
IEC 61970-457:2024(Main)
Energy management system application program interface (EMS-API) - Part 457: Dynamics profile

IEC 61970-457:2024 specifies a standard interface for exchanging dynamic model information needed to support the analysis of the steady state stability (small-signal stability) and/or transient stability of a power system or parts of it. The schema(s) for expressing the dynamic model information are derived directly from the CIM, more specifically from IEC 61970-302.
The scope of this document includes only the dynamic model information that needs to be exchanged as part of a dynamic study, namely the type, description and parameters of each control equipment associated with a piece of power system equipment included in the steady state solution of a complete power system network model. Therefore, this profile is dependent upon other standard profiles for the equipment as specified in IEC 61970-452: CIM static transmission network model profiles, the topology, the steady state hypothesis and the steady state solution (as specified in IEC 61970-456: Solved power system state profiles) of the power system, which bounds the scope of the exchange. The profile information described by this document needs to be exchanged in conjunction with IEC 61970-452 and IEC 61970-456 profiles’ information to support the data requirements of transient analysis tools. IEC 61970-456 provides a detailed description of how different profile standards can be combined to form various types of power system network model exchanges.
This document supports the exchange of the following types of dynamic models:
• standard models: a simplified approach to exchange, where models are contained in predefined libraries of classes interconnected in a standard manner that represent dynamic behaviour of elements of the power system. The exchange only indicates the name of the model along with the attributes needed to describe its behaviour.
• proprietary user-defined models: an exchange that would provide users the ability to exchange the parameters of a model representing a vendor or user proprietary device where an explicit description of the model is not described in this document. The connections between the proprietary models and standard models are the same as described for the standard models exchange. Recipient of the data exchange will need to contact the sender for the behavioural details of the model.
This document builds on IEC 61970-302, CIM for dynamics which defines the descriptions of the standard dynamic models, their function block diagrams, and how they are interconnected and associated with the static network model. This type of model information is assumed to be pre-stored by all software applications hence it is not necessary to be exchanged in real-time or as part of a dynamics model exchange.
This second edition cancels and replaces the first edition published in 2021. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) The majority of issues detected in IEC 61970-302:2018 and fixed in IEC 61970-302:2022 led to update of this document;
b) IEEE 421.5-2016 on Excitation systems is fully covered;
c) IEEE turbine report from 2013 was considered and as a result a number of gas, steam and hydro turbines/governors are added;
d) IEC 61400-27-1:2020 on wind turbines is fully incorporated;
e) WECC Inverter-Based Resource (IBR) models, Hybrid STATCOM models and storage models are added;
f) The user defined models approach was enhanced in IEC 61970-302:2022 adding a model which enables modelling of a detailed dynamic model. This results in the creation of two additional profiles in this document. These are the Detailed Model Configuration profile and Detailed Model Parameterisation profile;
g) A model to enable exchange of simulation results was added in IEC 61970-302:2022. This results in the creation of two additional profiles in this document. These are the Simulation Settings profile and Simulation Results profile;
h) The work on the

  • Standard
    1549 pages
    English and French language
    sale 15% off
IEC
IEC TR 61850-80-5:2024(Main)
Communication networks and systems for power utility automation - Part 80-5: Guideline for mapping information between IEC 61850 and IEC 61158-15

IEC TR 61850-80-5:2024, which is a Technical Report, specifies the mapping rules for building and configuring a system using both IEC 61850 and IEC 61158-6 (Industrial communication networks - Fieldbus specification, CPF Type 15, Modbus) protocols by utilizing gateways between IEC 61850 and IEC 61158-6 IEDs / subsystems. The objective is to enable operational run-time data exchange among these IEDs / subsystems, and to automate the configuration of a gateway as much as possible.
Please note that for the purposes of this document, "Modbus" is used to represent both serial Modbus (Modbus RTU) and IEC 61158-6 (Modbus TCP).
Within the capability of each protocol, some configuration attributes (IEC 61850-7-3:2010+AMD1:2020 attributes with functional constraint CF) are also mapped in addition to the operational real-time data.
The rules specified in this document are based on the published standards and do not make any proposed changes to IEC 61850 or 61158-6. This standard does not specify any rules for an IEC 61850 IED to directly communicate with a Modbus IED and vice versa, except through a gateway.
This document does not mandate which data items that a particular IED shall support, regardless of whether the implementation uses Modbus or IEC 61850. Instead this document provides rules specifying how a gateway maps any given data item from one protocol to the other, given that the data item is already available and is transmitted using one of the protocols.
Similarly, this document does not mandate which mapping rules a given gateway shall support. When this document is republished as a Technical Specification, conformance requirements will be identified.
This document recognizes that there will be situations in which a user will require that a gateway perform non-standard protocol mappings. Non-standard mappings are outside the scope of this document.
This document also recognizes that gateways typically manipulate the data passing through them in a variety of ways. Some of these functions include alarm trigger grouping, data suppression, interlocking and command blocking. Conformance to this document does not preclude a gateway from performing such functions, even though this document primarily specifies "straight through" mapping of Modbus data to IEC 61850-7-3:2010+AMD1:2020 data. Subclause 7.4 of this document describes how some of these functions may be specified to a gateway by a mapping tool using equation notation in XML. However, some of these functions may be too complex for a mapping tool to specify in an automated manner.
The mapping architecture for the exchange of the run-time information consists of four parts:
1) Conceptual architecture of a gateway and associated use case
2) Mapping of the information model (Assign semantic to the Modbus data)
3) Mapping of the data (which is in fact part of the information model)
4) Mapping of the services (out of scope for this document)

  • Technical report
    47 pages
    English language
    sale 15% off
IEC
IEC 61970-302:2024(Main)
Energy management system application program interface (EMS-API) - Part 302: Common information model (CIM) dynamics

IEC 61970-302:2024 specifies a Dynamics package which contains part of the CIM to support the exchange of models between software applications that perform analysis of the steady-state stability (small-signal stability) or transient stability of a power system as defined by IEEE / CIGRE, Definition and classification of power system stability IEEE/CIGRE joint task force on stability terms and definitions.
The model descriptions in this document provide specifications for each type of dynamic model as well as the information that needs to be included in dynamic case exchanges between planning/study applications.
The scope of the CIM Dynamics package specified in this document includes:
• standard models: a simplified approach to describing dynamic models, where models representing dynamic behaviour of elements of the power system are contained in predefined libraries of classes which are interconnected in a standard manner. Only the names of the selected elements of the models along with their attributes are needed to describe dynamic behaviour.
• proprietary user-defined models: an approach providing users the ability to define the parameters of a dynamic behaviour model representing a vendor or user proprietary device where an explicit description of the model is not provided by this document. The same libraries and standard interconnections are used for both proprietary user-defined models and standard models. The behavioural details of the model are not documented in this document, only the model parameters.
• A model to enable exchange of models’ descriptions. This approach can be used to describe user defined and standard models.
• A model to enable exchange of simulation results.
This second edition cancels and replaces the first edition published in 2018. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) The majority of issues detected in IEC 61970-302:2018 are addressed;
b) IEEE 421.5-2016 on Excitation systems is fully covered;
c) The IEEE turbine report from 2013 was considered and as a result a number of gas, steam and hydro turbines/governors are added;
d) IEC 61400-27-1:2020 on wind turbines is fully incorporated;
e) WECC Inverter-Based Resource (IBR) models, Hybrid STATCOM models and storage models are added;
f) The user defined models are enhanced with a model which enables modelling of detailed dynamic model;
g) A model to enable exchange of simulation results is added;
h) The work on the HVDC models is not complete. The HVDC dynamics models are a complex domain in which there are no models that are approved or widely recognised on international level, i.e. there are only project-based models. At this stage IEC 61970-302:2022 only specifies some general classes. However, it is recognised that better coverage of HVDC will require a further edition of this document;
i) Models from IEEE 1547-2018 "IEEE Standard for Interconnection and Interoperability of Distributed Energy Resources with Associated Electric Power Systems Interfaces" are added.
j) Statements have been added to certain figures, tables, schemas, and enumerations throughout the document that indicate that they are reproduced with the permission of the UCA International User Group (UCAIug). These items are derived from the CIM.

  • Standard
    1752 pages
    English and French language
    sale 15% off
IEC
IEC TS 62351-100-4:2023(Main)
Power systems management and associated information exchange - Data and communication security - Part 100-4: Cybersecurity conformance testing for IEC 62351-4

IEC TS 62351-100-4:2023, which is a technical specification, describes test procedures for interoperability conformance testing of data and communication security for power system automation and protection systems which implement MMS, IEC 61850-8-1 (MMS), IEC 61850-8-2 (XMPP) or any other protocol implementing IEC 62351-4:2018/AMD1:2020. The tests described in this document cover only E2E security testing and do not evaluate A-security profile implementation. Thus, citing conformance to this document does not imply that any particular security level has been achieved by the corresponding product, or by the system in which it is used.
The goal of this document is to enable interoperability by providing a standard method of testing protocol implementations, but it does not guarantee the full interoperability of devices. It is expected that using this document during testing will minimize the risk of non interoperability. Additional testing and assurance measures will be required to verify that a particular implementation of IEC 62351-4:2018/AMD1:2020 has correctly implemented all the security functions and that they can be assured to be present in the delivered products. This topic is covered in other IEC standards, for example IEC 62443.
The scope of this document is to specify available common procedures and definitions for conformance and/or interoperability testing of IEC 62351-4:2018/AMD1:2020.
This document deals mainly with cyber security conformance testing; therefore, other requirements, such as safety or EMC are not covered. These requirements are covered by other standards (if applicable) and the proof of compliance for these topics is done according to these standards.
T-profile testing is to be performed prior to E2E security profile testing. T-profile testing is described in IEC 62351-100-3 in the context of IEC 61850-8-1. T-profile testing for IEC 61850-8-2 is to be described in the corresponding IEC 61850-8-2 test specification.

  • Technical specification
    109 pages
    English language
    sale 15% off
IEC
IEC 60870-5-104:2006/AMD1:2016/COR1:2023(Amendment)
Corrigendum 1 - Amendment 1 - Telecontrol equipment and systems - Part 5-104: Transmission protocols - Network access for IEC 60870-5-101 using standard transport profiles
  • Standard
    1 page
    English and French language
    sale 15% off
IEC
IEC TR 61850-90-7:2023(Main)
Communication networks and systems for power utility automation - Part 90-7: Object models for power converters in distributed energy resources (DER) systems

IEC TR 61850-90-7:2023 is available as IEC TR 61850-90-7:2023 RLV which contains the International Standard and its Redline version, showing all changes of the technical content compared to the previous edition.IEC TR 61850-90-7:2023, which is a Technical Report, describes functions for power converter-based distributed energy resources (DER) systems, focused on DC-to-AC and AC-to-AC conversions and including photovoltaic systems (PV), battery storage systems, electric vehicle (EV) charging systems, and any other DER systems with a controllable power converter. The functions defined in this document were used to help define the information models described in IEC 61850-7-420 and which can be used in the exchange of information between these power converter-based DER systems and the utilities, energy service providers (ESPs), or other entities which are tasked with managing the volt, var, and watt capabilities of these power converter-based systems. These power converter-based DER systems can range from very small grid-connected systems at residential customer sites, to medium-sized systems configured as microgrids on campuses or communities, to very large systems in utility-operated power plants, and to many other configurations and ownership models. They may or may not combine different types of DER systems behind the power converter, such as a power converter-based DER system and a battery that are connected at the DC level. This second edition cancels and replaces the first edition published in 2013. This edition is primarily an editorial revision in order to be consistent with the publication of Edition 2 of IEC 61850-7-420:2021. This edition includes the following significant changes with respect to the previous edition:
a) Clause 3 has been updated.
b) Clause 8 (IEC 61850 information models for power converter-based functions) has been deleted. This clause defined data models with the transitional namespace “(Tr) IEC 61850-90-7:2012”. The data models are now defined in IEC 61850-7-420.

  • Technical report
    62 pages
    English language
    sale 15% off
  • Technical report
    163 pages
    English language
    sale 15% off
IEC
IEC TR 61850-90-27:2023(Main)
Communication networks and systems for power utility automation - Part 90-27: Use of IEC 61850 for thermal energy systems connected to electric power grid

IEC TR 61850-90-27:2023, which is a Technical Report, is to provide basic aspects that need to be considered when using IEC 61850 for information exchange between systems and components to support applications for thermal systems connected to electric power networks. Thermal systems isolated from electric power networks are outside the scope of this document.
From the perspective of category, this document considers thermal systems that provide thermal energy services for residential and/or commercial buildings and districts. In other words, industrial thermal systems are outside the scope of this document.
From the perspective of energy transformation, this document deals with ones between electricity and thermal energy. Other types of energy such as gas will be documented in a future report.
From the perspective of resource, this document considers generic aspects of thermal energy generators, storage, and loads that may contribute to the operations and management of electric power networks. It also deals with specific types of resources that have electric parts such as power to heat (P2H) that is a kind of electric load, and combined heat and power (CHP) that is an electric generator. This document models the characteristics for such specific units of resources including alarms and ratings. On the other hand, it does not deal with other types of specific units according to the scope of this document. For example, gas boilers, thermal energy tanks, heat exchangers, HVAC, auxiliary devices for thermal systems are not modelled as logical nodes in this document.
As a summary, this document
- gives an overview of thermal energy resources connected to electric power networks.
- provides use cases for typical operations of thermal system and deducts exchanged information necessary for information modelling.
- provides mapping of requirements on LNs based on the use cases.
- defines generic logical nodes for resources in thermal systems.
- defines logical nodes for specific unit types of P2H and CHP.
- defines logical nodes for operations that may contribute to the operations of electric power networks.

  • Technical report
    180 pages
    English language
    sale 15% off
IEC
IEC 62351-9:2023(Main)
Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment

IEC 62351-9:2023 specifies cryptographic key management, primarily focused on the management of long-term keys, which are most often asymmetric key pairs, such as public-key certificates and corresponding private keys. As certificates build the base this document builds a foundation for many IEC 62351 services (see also Annex A). Symmetric key management is also considered but only with respect to session keys for group-based communication as applied in IEC 62351-6. The objective of this document is to define requirements and technologies to achieve interoperability of key management by specifying or limiting key management options to be used.
This document assumes that an organization (or group of organizations) has defined a security policy to select the type of keys and cryptographic algorithms that will be utilized, which may have to align with other standards or regulatory requirements. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. This document assumes that the reader has a basic understanding of cryptography and key management principles.
The requirements for the management of pairwise symmetric (session) keys in the context of communication protocols is specified in the parts of IEC 62351 utilizing or specifying pairwise communication such as:
• IEC 62351-3 for TLS by profiling the TLS options
• IEC 62351-4 for the application layer end-to-end security
• IEC TS 62351-5 for the application layer security mechanism for IEC 60870-5-101/104 and IEEE 1815 (DNP3)
The requirements for the management of symmetric group keys in the context of power system communication protocols is specified in IEC 62351-6 for utilizing group security to protect GOOSE and SV communication. IEC 62351-9 utilizes GDOI as already IETF specified group-based key management protocol to manage the group security parameter and enhances this protocol to carry the security parameter for GOOSE, SV, and PTP.
This document also defines security events for specific conditions which could identify issues which might require error handling. However, the actions of the organisation in response to these error conditions are beyond the scope of this document and are expected to be defined by the organizations security policy.
In the future, as public-key cryptography becomes endangered by the evolution of quantum computers, this document will also consider post-quantum cryptography to a certain extent. Note that at this time being no specific measures are provided.
This second edition cancels and replaces the first edition published in 2017. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Certificate components and verification of the certificate components have been added;
b) GDOI has been updated to include findings from interop tests;
c) GDOI operation considerations have been added;
d) GDOI support for PTP (IEEE 1588) support has been added as specified by IEC/IEEE 61850-9-3 Power Profile;
e) Cyber security event logging has been added as well as the mapping to IEC 62351-14;
f) Annex B with background on utilized cryptographic algorithms and mechanisms has been added.

  • Standard
    296 pages
    English and French language
    sale 15% off
IEC
IEC 62351-3:2023(Main)
Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP

IEC 62351-3:2023 specifies how to provide confidentiality, integrity protection, and message level authentication for protocols that make use of TCP/IP as a message transport layer and utilize Transport Layer Security when cyber-security is required. This may relate to SCADA and telecontrol protocols, but also to additional protocols if they meet the requirements in this document.
IEC 62351-3 specifies how to secure TCP/IP-based protocols through constraints on the specification of the messages, procedures, and algorithms of Transport Layer Security (TLS) (TLSv1.2 defined in RFC 5246, TLSv1.3 defined in RFC 8446). In the specific clauses, there will be subclauses to note the differences and commonalities in the application depending on the target TLS version. The use and specification of intervening external security devices (e.g., "bump-in-the-wire") are considered out-of-scope.
In contrast to previous editions of this document, this edition is self-contained in terms of completely defining a profile of TLS. Hence, it can be applied directly, without the need to specify further TLS parameters, except the port number, over which the communication will be performed. Therefore, this part can be directly utilized from a referencing standard and can be combined with further security measures on other layers. Providing the profiling of TLS without the need for further specifying TLS parameters allows declaring conformity to the described functionality without the need to involve further IEC 62351 documents.
This document is intended to be referenced as a normative part of other IEC standards that have the need for providing security for their TCP/IP-based protocol exchanges under similar boundary conditions. However, it is up to the individual protocol security initiatives to decide if this document is to be referenced.
The document also defines security events for specific conditions, which support error handling, security audit trails, intrusion detection, and conformance testing. Any action of an organization in response to events to an error condition described in this document are beyond the scope of this document and are expected to be defined by the organization’s security policy.
This document reflects the security requirements of the IEC power systems management protocols. Should other standards bring forward new requirements, this document may need to be revised.
This second edition cancels and replaces the first edition published in 2014, Amendment 1:2018 and Amendment 2:2020. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Inclusion of the TLSv1.2 related parameter required in IEC 62351-3 Ed.1.2 to be specified by the referencing standard. This comprises the following parameter:
• Mandatory TLSv1.2 cipher suites to be supported.
• Specification of session resumption parameters.
• Specification of session renegotiation parameters.
• Revocation handling using CRL and OCSP.
• Handling of security events.
b) Inclusion of a TLSv1.3 profile to be applicable for the power system domain in a similar way as for TLSv1.2 session.

  • Standard
    103 pages
    English and French language
    sale 15% off
IEC
IEC 62488-2:2017/COR2:2023(Corrigendum)
Corrigendum 2 - Power line communication systems for power utility applications - Part 2: Analogue power line carrier terminals or APLC
  • Standard
    1 page
    English and French language
    sale 15% off