IEC TS 62351-100-1:2018

IEC TS 62351-100-1 ®
Edition 1.0 2018-11
TECHNICAL
SPECIFICATION
colour
inside
Power systems management and associated information exchange – Data and
communications security –
Part 100-1: Conformance test cases for IEC TS 62351-5 and IEC TS 60870-5-7
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester. If you have any questions about IEC
copyright or have an enquiry about obtaining additional rights to this publication, please contact the address below or
your local IEC member National Committee for further information.

IEC Central Office Tel.: +41 22 919 02 11
3, rue de Varembé info@iec.ch
CH-1211 Geneva 20 www.iec.ch
Switzerland
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.

IEC Catalogue - webstore.iec.ch/catalogue Electropedia - www.electropedia.org
The stand-alone application for consulting the entire The world's leading online dictionary of electronic and
bibliographical information on IEC International Standards, electrical terms containing 21 000 terms and definitions in
Technical Specifications, Technical Reports and other English and French, with equivalent terms in 16 additional
documents. Available for PC, Mac OS, Android Tablets and languages. Also known as the International Electrotechnical
iPad. Vocabulary (IEV) online.

IEC publications search - webstore.iec.ch/advsearchform IEC Glossary - std.iec.ch/glossary
The advanced search enables to find IEC publications by a 67 000 electrotechnical terminology entries in English and
variety of criteria (reference number, text, technical French extracted from the Terms and Definitions clause of
committee,…). It also gives information on projects, replaced IEC publications issued since 2002. Some entries have been
and withdrawn publications. collected from earlier publications of IEC TC 37, 77, 86 and

CISPR.
IEC Just Published - webstore.iec.ch/justpublished
Stay up to date on all new IEC publications. Just Published IEC Customer Service Centre - webstore.iec.ch/csc
details all new publications released. Available online and If you wish to give us your feedback on this publication or
also once a month by email. need further assistance, please contact the Customer Service
Centre: sales@iec.ch.
IEC TS 62351-100-1 ®
Edition 1.0 2018-11
TECHNICAL
SPECIFICATION
colour
inside
Power systems management and associated information exchange – Data and

communications security –
Part 100-1: Conformance test cases for IEC TS 62351-5 and IEC TS 60870-5-7

INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
ICS 33.200 ISBN 978-2-8322-6182-8

– 2 – IEC TS 62351-100-1:2018 © IEC 2018
CONTENTS
FOREWORD . 6
INTRODUCTION . 8
1 Scope . 9
2 Normative references . 9
3 Terms, definitions and abbreviated terms . 10
3.1 Terms and definitions. 10
3.2 Abbreviated terms . 12
4 General . 12
4.1 Normatives covered by this technical specification . 12
4.2 Conformance testing structure . 12
4.2.1 General . 12
4.2.2 Conformance testing of security extension procedures . 13
4.2.3 Conformance testing addressed per station type . 14
4.2.4 Normal procedure tests and resiliency tests . 14
4.3 Conformance testing requirements . 14
4.3.1 Testing base protocols with security extension. . 14
4.3.2 Testing of profiles including TCP/IP . 14
4.3.3 Requirements for the device under test . 14
4.3.4 Requirements for the test facility . 15
4.3.5 Test logging . 15
5 Verification of configuration parameters . 16
5.1 General . 16
5.2 System definition . 16
5.3 Application security extension . 18
6 Verification of Communication . 21
6.1 General . 21
6.2 ASDU segmentation control . 21
6.3 Verification of ASDUs . 23
6.3.1 User management ASDUs . 23
6.3.2 Update key maintenance ASDUs . 26
6.3.3 Session key maintenance ASDUs . 32
6.3.4 Challenge/reply and aggressive mode authentication ASDUs . 35
6.3.5 Security statistics ASDU . 39
7 Verification of procedures . 39
7.1 General . 39
7.2 User management . 40
7.2.1 General . 40
7.2.2 Controlling station. 41
7.2.3 Controlled station . 43
7.3 Update key maintenance - Symmetric . 48
7.3.1 General . 48
7.3.2 Controlling station. 48
7.3.3 Controlled station . 52
7.4 Update key maintenance - Asymmetric . 54
7.4.1 General . 54
7.4.2 Controlling station. 55

7.4.3 Controlled station . 59
7.5 Session key maintenance . 61
7.5.1 General . 61
7.5.2 Controlling station. 62
7.5.3 Controlled station . 67
7.6 Challenge/reply authentication . 69
7.6.1 General . 69
7.6.2 Controlling station. 70
7.6.3 Controlled station . 76
7.7 Aggressive mode authentication . 80
7.7.1 General . 80
7.7.2 Controlling station. 81
7.7.3 Controlled station . 84
8 Tests results chart . 87
8.1 Verification of configuration parameters . 87
8.2 Verification of communication . 88
8.2.1 ASDUs segmentation control . 88
8.2.2 User management ASDUs . 89
8.2.3 Update key maintenance ASDUs . 90
8.2.4 Session key maintenance ASDUs . 92
8.2.5 Challenge/reply and aggressive mode authentication ASDUs . 93
8.2.6 Security statistics ASDU . 94
8.3 Verification of procedures . 95
8.3.1 User management . 95
8.3.2 Update key maintenance - Symmetric . 98
8.3.3 Update key maintenance - Asymmetric . 100
8.3.4 Session key maintenance . 102
8.3.5 Challenge/reply authentication . 105
8.3.6 Aggressive mode authentication . 109

Figure 1 – IEC TS 62351-5 Security extension procedures . 13

Table 1 – Configuration parameters: System definition . 17
Table 2 – Configuration parameters: Application security extension . 19
Table 3 – ASDU segmentation control. 22
Table 4 – User management ASDUs . 23
Table 5 – Update key maintenance ASDUs . 26
Table 6 – Session key maintenance ASDUs . 32
Table 7 – Challenge/reply and aggressive mode authentication ASDUs . 35
Table 8 – Security statistics ASDU . 39
Table 9 – User management: Controlling station normal procedure tests . 41
Table 10 – User management: Controlling station resiliency tests . 42
Table 11 – User management: Controlled station normal procedure tests . 43
Table 12 – User management: Controlled station resiliency tests . 44
Table 13 – Update key maintenance - Symmetric: Controlling station triggering

conditions . 48

– 4 – IEC TS 62351-100-1:2018 © IEC 2018
Table 14 – Update key maintenance - Symmetric: Controlling station normal procedure
tests . 49
Table 15 – Update key maintenance - Symmetric: Controlling station resiliency tests . 50
Table 16 – Update key maintenance - Symmetric: Controlled station normal procedure
tests . 52
Table 17 – Update key maintenance - Symmetric: Controlled station resiliency tests . 53
Table 18 – Update key maintenance - Asymmetric: Controlling station triggering
conditions . 55
Table 19 – Update key maintenance - Asymmetric: Controlling station normal
procedure tests . 56
Table 20 – Update key maintenance - Asymmetric: Controlling station resiliency tests . 57
Table 21 – Update key maintenance - Asymmetric: Controlled station normal procedure
tests . 59
Table 22 – Update key maintenance - Asymmetric: Controlled station resiliency tests . 60
Table 23 – Session key maintenance: Controlling station triggering conditions . 62
Table 24 – Session key maintenance: Controlling station normal procedure tests . 63
Table 25 – Session key maintenance: Controlling station resiliency tests . 64
Table 26 – Session key maintenance: Controlled station invalidating session key . 67
Table 27 – Session key maintenance: Controlled station normal procedure tests . 68
Table 28 – Session key maintenance: Controlled station resiliency tests . 69
Table 29 – Challenge/reply authentication: Controlling station triggering conditions . 70
Table 30 – Challenge/reply authentication: Controlling station normal procedure tests . 71
Table 31 – Challenge/reply authentication: Controlling station resiliency tests . 72
Table 32 – Challenge/reply authentication: Controlled station normal procedure tests . 76
Table 33 – Challenge/reply authentication: Controlled station resiliency tests . 77
Table 34 – Aggressive mode authentication: Controlling station normal procedure tests . 81
Table 35 – Aggressive mode authentication: Controlling station resiliency tests . 82
Table 36 – Aggressive mode authentication: Controlled station normal procedure tests . 84
Table 37 – Aggressive Mode Authentication: Controlled station resiliency tests . 85
Table 38 – Test results chart: Configuration parameters . 87
Table 39 – Test results chart: ASDU segmentation control . 88
Table 40 – Test results chart: User managements ASDUs . 89
Table 41 – Test results chart: Update key maintenance ASDUs . 90
Table 42 – Test results chart: Session key maintenance ASDUs . 92
Table 43 – Test results chart: Challenge/reply and aggressive mode authentication
ASDUs . 93
Table 44 – Test results chart: Security statistics ASDU . 94
Table 45 – Test results chart: User management procedure – Controlling station . 95
Table 46 – Test results chart: User management procedure – Controlled Station . 96
Table 47 – Test results chart: Update key maintenance – Symmetric – Controlling
station . 98
Table 48 – Test results chart: Update key maintenance – Symmetric – Controlled
station . 99
Table 49 – Test results chart: Update key maintenance – Asymmetric – Controlling
station . 100

Table 50 – Test results chart: Update key maintenance – Asymmetric – Controlled
station . 101
Table 51 – Test results chart: Session key maintenance – Controlling station . 102
Table 52 – Test results chart: Session key maintenance – Controlled station . 104
Table 53 – Test results chart: Challenge/reply authentication – Controlling station . 105
Table 54 – Test results chart: Challenge/reply authentication – Controlled station . 107
Table 55 – Test results chart: Aggressive mode authentication – Controlling station . 109
Table 56 – Test results chart: Aggressive mode authentication – Controlled station . 110

– 6 – IEC TS 62351-100-1:2018 © IEC 2018
INTERNATIONAL ELECTROTECHNICAL COMMISSION
____________
POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION
EXCHANGE – DATA AND COMMUNICATIONS SECURITY –

Part 100-1: Conformance test cases for IEC TS 62351-5
and IEC TS 60870-5-7
FOREWORD
1) The International Electrotechnical Commission (IEC) is a worldwide organization for standardization comprising
all national electrotechnical committees (IEC National Committees). The object of IEC is to promote
international co-operation on all questions concerning standardization in the electrical and electronic fields. To
this end and in addition to other activities, IEC publishes International Standards, Technical Specifications,
Technical Reports, Publicly Available Specifications (PAS) and Guides (hereafter referred to as “IEC
Publication(s)”). Their preparation is entrusted to technical committees; any IEC National Committee interested
in the subject dealt with may participate in this preparatory work. International, governmental and non-
governmental organizations liaising with the IEC also participate in this preparation. IEC collaborates closely
with the International Organization for Standardization (ISO) in accordance with conditions determined by
agreement between the two organizations.
2) The formal decisions or agreements of IEC on technical matters express, as nearly as possible, an international
consensus of opinion on the relevant subjects since each technical committee has representation from all
interested IEC National Committees.
3) IEC Publications have the form of recommendations for international use and are accepted by IEC National
Committees in that sense. While all reasonable efforts are made to ensure that the technical content of IEC
Publications is accurate, IEC cannot be held responsible for the way in which they are used or for any
misinterpretation by any end user.
4) In order to promote international uniformity, IEC National Committees undertake to apply IEC Publications
transparently to the maximum extent possible in their national and regional publications. Any divergence
between any IEC Publication and the corresponding national or regional publication shall be clearly indicated in
the latter.
5) IEC itself does not provide any attestation of conformity. Independent certification bodies provide conformity
assessment services and, in some areas, access to IEC marks of conformity. IEC is not responsible for any
services carried out by independent certification bodies.
6) All users should ensure that they have the latest edition of this publication.
7) No liability shall attach to IEC or its directors, employees, servants or agents including individual experts and
members of its technical committees and IEC National Committees for any personal injury, property damage or
other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees) and
expenses arising out of the publication, use of, or reliance upon, this IEC Publication or any other IEC
Publications.
8) Attention is drawn to the Normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
9) Attention is drawn to the possibility that some of the elements of this IEC Publication may be the subject of
patent rights. IEC shall not be held responsible for identifying any or all such patent rights.
The main task of IEC technical committees is to prepare International Standards. In
exceptional circumstances, a technical committee may propose the publication of a technical
specification when
• the required support cannot be obtained for the publication of an International Standard,
despite repeated efforts, or
• the subject is still under technical development or where, for any other reason, there is the
future but no immediate possibility of an agreement on an International Standard.
Technical specifications are subject to review within three years of publication to decide
whether they can be transformed into International Standards.
IEC TS 62351-100-1, which is a technical specification, has been prepared by IEC technical
committee 57: Power systems management and associated information exchange.

The text of this technical specification is based on the following documents:
Enquiry draft Report on voting
57/1980/DTS 57/2016/RVDTS
Full information on the voting for the approval of this technical specification can be found in
the report on voting indicated in the above table.
This document has been drafted in accordance with the ISO/IEC Directives, Part 2.
A list of all parts in the IEC 62351 series, published under the general title Power systems
management and associated information exchange – Data and communications security, can
be found on the IEC website.
The committee has decided that the contents of this document will remain unchanged until the
stability date indicated on the IEC website under "http://webstore.iec.ch" in the data related to
the specific document. At this date, the document will be
• reconfirmed,
• withdrawn,
• replaced by a revised edition, or
• amended.
A bilingual version of this publication may be issued at a later date.

IMPORTANT – The 'colour inside' logo on the cover page of this publication indicates
that it contains colours which are considered to be useful for the correct
understanding of its contents. Users should therefore print this document using a
colour printer.
– 8 – IEC TS 62351-100-1:2018 © IEC 2018
INTRODUCTION
This technical specification describes test cases for conformance testing of telecontrol
equipment or systems using the IEC TS 62351-5 security extension and its application in
IEC TS 60870-5-7 for IEC 60870-5-101 and IEC 60870-5-104 communication protocols.

POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION
EXCHANGE – DATA AND COMMUNICATIONS SECURITY –

Part 100-1: Conformance test cases for IEC TS 62351-5
and IEC TS 60870-5-7
1 Scope
This part of IEC 62351, which is a technical specification, describes test cases of data and
communication security for telecontrol equipment, substation automation systems (SAS) and
telecontrol systems, including front-end functions of SCADA.
The goal of this document is to enable interoperability by providing a standard method of
testing protocol implementations to verify that a device fulfils the requirement of the standard.
Note that conformity to the standard does not guarantee interoperability between devices
using different implementations. It is expected that using this specification during testing will
minimize the risk of non-interoperability. A basic condition for this interoperability is a passed
conformance test of both devices.
The scope of this document is to specify commonly available procedures and definitions for
conformance and/or interoperability testing of IEC TS 62351-5 and IEC TS 60870-5-7. The
conformance test cases defined herein are focused to verify the conformant integration of the
underlying authentication, as specified in IEC TS 62351-5 and IEC TS 60870-5-7, to protect
IEC 60870-5-101 and IEC 6870-5-104-based communications.
This document deals with data and communication security conformance testing; therefore,
other requirements, such as safety or EMC, are not covered. These requirements are covered
by other standards (if applicable) and the proof of compliance for these topics is done
according to these standards.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their
content constitutes requirements of this document. For dated references, only the edition
cited applies. For undated references, the latest edition of the referenced document (including
any amendments) applies.
IEC 60870-5-6:2006, Telecontrol equipment and systems – Part 5-6: Guidelines for
conformance testing for the IEC 60870-5 companion standardsI
IEC TS 60870-5-7:2013, Telecontrol equipment and systems – Part 5-7: Transmission
protocols – Security extensions to IEC 60870-5-101 and IEC 60870-5-104 protocols (applying
IEC 62351)
IEC 60870-5-101:2003, Telecontrol equipment and systems – Part 5-101: Transmission
protocols – Companion standard for basic telecontrol tasks
—————————
1 The base standard always takes precedence. In case of ambiguity between this document and the base
standards (IEC TS 62351-5 and IEC TS 60870-5-7), this part of IEC 62351 needs to be clarified or amended.
When testing, negative behaviour is not described in the base standard. The behaviour described in this
document prevails and should be observed. The conformance statement produced after testing indicates any
lack of conformance to either the test plan or the base standard.

– 10 – IEC TS 62351-100-1:2018 © IEC 2018
IEC 60870-5-104:2006, Telecontrol equipment and systems – Part 5-104: Transmission
protocols – Network access for IEC 60870-5-101 using standard transport profiles
IEC TS 60870-5-601:2015, Telecontrol equipment and systems – Part 5-601: Transmission
protocols – Conformance test cases for the IEC 60870-5-101 companion standard
IEC TS 60870-5-604:2016, Telecontrol equipment and systems – Part 5-604: Conformance
test cases for the IEC 60870-5-104 companion standard
IEC TS 62351-2, Power systems management and associated information exchange – Data
and communications security – Part 2: Glossary of terms
IEC TS 62351-5:2013, Power systems management and associated information exchange –
Data and communications security – Part 5: Security for IEC 60870-5 and derivatives
IEC 62351-9:2017, Power systems management and associated information exchange – Data
and communications security – Part 9: Cyber security key management for power system
equipment
3 Terms, definitions and abbreviated terms
For the purposes of this document, the terms and definitions given in IEC TS 62351-2 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following
addresses:
• IEC Electropedia: available at http://www.electropedia.org/
• ISO Online browsing platform: available at http://www.iso.org/obp
3.1 Terms and definitions
3.1.1
Application Service Data Unit
ASDU
application layer message submitted to lower layers for transmission
3.1.2
control direction
direction of transmission from the controlling station to a controlled station
3.1.3
controlled station
station which is monitored, or commanded and monitored by a master (controlling) station
Note 1 to entry: This is commonly called an “outstation” or “slave” or “server” in some specifications.
3.1.4
controlling station
station which performs the telecontrol of outstations (controlled station)
Note 1 to entry: This is commonly called a “master” or “master station” or “client” in some specifications.
3.1.5
interoperability
ability of two or more telecontrol devices from the same vendor, or different vendors, to
exchange information and use that information for correct cooperation

3.1.6
Message Authentication Code
MAC
calculated value used by a receiving station to authenticate and check the integrity of an
information
3.1.7
monitor direction
direction of transmission from a controlled station to a controlling station
3.1.8
normal procedure tests
set of test cases to verify that the device fulfils the requirements of the standard in the
expected (normal) conditions
3.1.9
Protocol Implementation Conformance Statement
PICS
summary of the referencing standard capabilities of the system to be tested
3.1.10
Protocol Implementation Document
PID
document which describes complete functionalities and system specific information
Note 1 to entry: The PID consists of the PICS and the PIXIT.
3.1.11
Protocol Implementation eXtra Information for Testing
PIXIT
document containing system specific information regarding the capabilities of the system to
be tested and specifying which items are optional
3.1.12
resiliency tests
set of test cases to verify that the device fulfils the requirements of the standard in reacting to
the unexpected (error) conditions
3.1.13
test equipment
all tools and instruments which simulate and verify the communication traffic, input or outputs
of the system under test
3.1.14
test initiator
party initiating a conformance test of a device that is executed by a test facility
3.1.15
test facility
supplier-independent organization which is able to provide appropriate test equipment and
trained staff for conformance testing
3.1.16
user number
USR
numeric value that unambiguously identifying a user in the protocol

– 12 – IEC TS 62351-100-1:2018 © IEC 2018
3.2 Abbreviated terms
For the purposes of this document, the abbreviated terms given in IEC TS 62351-2 and the
following apply.
ASDU Application service data unit
CASDU Common address of ASDU
COT Cause of transmission
DUT Device under test
IOA Information object address
IP Inter-networking protocol
MAC Message authentication code
PICS Protocol implementation conformance statement
PID Protocol implementation document (=PICS + PIXIT)
PIXIT Protocol implementation extra information for testing
SAS Substation automation system
SCADA Supervisory control and data acquisition
TCP Transport control protocol
USR User number
4 General
4.1 Normatives covered by this technical specification
This document defines the conformance test cases for IEC TS 62351-5 and IEC TS 60870-5-7
and the security extensions for IEC 60870-5-101 and IEC 60870-5-104 base protocols.
Test cases for IEC 60870-5-101 and IEC 60870-5-104 base protocols are not in the scope of
this document since they are already defined respectively in IEC TS 60870-5-601 and
IEC TS 60870-5-604.
4.2 Conformance testing structure
4.2.1 General
The security extension defined in IEC TS 62351-5 and IEC TS 60870-5-7 introduces new
procedures and new ASDU types to be exchanged at application level, each procedure has its
own set of messages exchanged during execution.
The conformance test cases are divided into five clauses:
• Clause 5: Verification of configuration parameters. This clause contains the configuration
parameters affecting the message contents and/or the protocol behaviour.
• Clause 6: Verification of communication. The goal of this clause is to verify that DUT is
able to implement the security extension messages as described in IEC TS 60870-5-7.
• Clause 7: Verification of procedures. The goal of this clause is to verify that DUT is able to
execute the security extension procedures as described in IEC TS 62351-5.
• Clause 8: Test result chart. This clause contains the results of the test cases listed in
Clauses 6 and 7 for each supported value of the configuration parameters listed in
Clause 5.
The test cases are organized in tables (see Tables 4 to 56). They are numbered; their
numbering syntax is: Subclause number (where the Table is located) + test case number.

In the column ‘reference’ each test case has a direct reference to IEC TS 62351-5 or IEC TS
60870-5-7 where the clause under test is defined.
Test cases are mandatory depending on the description in the column ‘Required’. The
following situations are possible:
M = Mandatory test case. The test is referencing a clause that is mandatory in
IEC TS 62351-5 or IEC TS 60870-5-7.
PICS x, x = Mandatory test case if the functionality is enabled in the PICS (by marking the
applicable check box), with a reference to the section number of the PICS (x.x).
4.2.2 Conformance testing of security extension procedures
The security extension procedures can be summarized as follows:
• User management
• Update key maintenance
• Session key maintenance
• Challenge/Reply authentication
• Aggressive Mode authentication
In general, these procedures are executed in sequence as shown in Figure 1.
Entry point if no User was
User
added (or pre-configured)
and the Central Authority Management
acts to add a User
Update Key
Maintenance
Entry point if at least
Session Key Default User (USR1)
Maintenance was already added
(or pre-configured)
Challenge/
Reply
Authentication
Aggressive
Mode
Authentication
The normal method
used to exchange
application data
IEC
Figure 1 – IEC TS 62351-5 Security extension procedures

– 14 – IEC TS 62351-100-1:2018 © IEC 2018
This document follows this approach. Conformance tests listed in Clauses 6 and 7 are
organized into subclauses for each security extension procedure.
4.2.3 Conformance testing addressed per station type
The security extension procedures defined in IEC TS 62351-5 and the messages exchanged
in each of them defined in IEC TS 60870-5-7 are almost asymmetric per station type
(controlling or controlled). The test cases in Clause 7 are addressed per station type.
4.2.4 Normal procedure tests and resiliency tests
The IEC TS 62351-5 state machine specifies how each station (controlling and controlled)
shall execute the procedures in normal conditions (expected behavior) and also how it shall
behave when unexpected or fault events occur during their execution (negative behaviours).
So, for each procedure in Clause 7 the tests cases are also divided in two sections: the
normal procedures test cases addressing the expected behaviours and the resiliency test
cases addressing unexpected or fault events.
Normal Procedure tests and resiliency tests shall be performed for ALL mandatory and
optional security extension procedures implemented (declared in the PICS document).
Normal Procedure tests shall be performed AT LEAST ONCE for all mandatory and optional
authentication and key encryption algorithms implemented (declared in the PICS document).
The resiliency test shall be performed AT LEAST ONCE with an authentication algorithm and
an encryption algorithm defined as mandatory in IEC TS 62351-5.
4.3 Conformance testing requirements
4.3.1 Testing base protocols with security extension
The implementations claiming conformance to the IEC TS 62351-5 shall permit the
authentication (the security extension) to be disabled (see IEC TS 62351-5:2013, 8.2.5.8).
When the security extension is disabled the communication is achieved through the
IEC 60870-5-101 or IEC 60870-5-104 base protocol so the conformance tests shall also be
executed on the base protocol following its own conformance testing standard
(IEC 60870-5-601 or IEC TS 60870-5-604).
The conformance testing of the base protocol shall be performed prior to execution of the
security extension conformance testing. The test initiator shall provide the evidence that the
base protocol conformance testing was successfully performed for the DUT. Once the base
protocol conformance test is successfully completed, the security extension shall be enabled
and tested as defined in this technical specification.
While testing the security extension, some test cases require the use of base protocol ASDU
to be sent/received and authenticated. The test facility shall verify that the base protocol data
exchanged and the base protocol procedures executed by the DUT also are in accordance
with the type of base protocol ASDU used for authentication, as specified in IEC 60870-5-101
or IEC 60870-5-104. This verification shall be performed by following the base protocol
conformance testing standard (IEC 60870-5-601 or IEC TS 60870-5-604).
4.3.2 Testing of profiles including TCP/IP
For profiles including TCP/IP (i.e. IEC 60870-5-104) the conformance testing of IEC 62351-3
(defined in IEC 62351-100-3) is also required.
4.3.3 Requirements for the device under test
The entity submitting the device for testing shall provide the following:

a) The device ready for testing;
b) The Protocol Implementation Document (PID);
c) Instruction manuals detailing the installation and operation of the device or assistance for
operating the DUT during the test.
A device is ready for testing when the following conditions are satisfied:
d) The DUT is able to operate as a controlling or controlled station according to the PID
(depending of the type of DUT).
e) The DUT shall be fully configured according to the PID, and shall be able to execute all
the functionality of the protocol implementation as described in the PID.
f) The functionality described in the PID related to data points such as parameter loading,
read procedure, command transmission, etc. is implemented with a representative sub-set
of data points.
g) Verification of the data points shall be possible in a human readable way or format, and
the verification of analogue and digital status changes is possible.
4.3.4 Requirements for the test facility
The following requirements shall be satisfied by the test facility:
• Conformance testing shall be customized for the DUT based on the capabilities identified
in the PID (=PICS+PIXIT). Upon this customization, the test facility shall communicate
what the tailored test plan will cover.
• The test cases listed in Clauses 5 to 7 shall be performed with no errors detected during
testing.
• The test cases listed in Clause 6 (verification of communication) are automatically tested
while executing the test cases listed in Clause 7 (verification of procedures).
• The test cases in Clause 7 should be performed in the order listed and the steps in each
test case shall be followed, which means that the DUT is able to function as described in
the specific test case.
• For each test case listed in Clauses 5, 6 and 7 the test results need to be marked in the
appropriate column of the test result chart in Clause 8. Each test case can either pass the
test (Passed), fail the test (Failed), not applicable, when the configuration value is not
supported by the device (N.A.), or the test case was not performed (Empty). Ideally, there
should be no empty boxes when testing is complete.
• Release a conformance test report of the DUT to the initiator (refer to
IEC 60870-5-6:2006, 5.7).
All test cases listed in Clauses 6 and 7 should be verified automatically by a testing software
or verified manually by review of the test history log after execution of the test procedures.
The simulator is preferably flexible in adding or changing test cases in order to be
adaptable to changes in the protocol standard and the PID provided with the DUT. In all cases,
the test shall be reproducible over time by test-engineers in the test-facility.
In operational use, the device may show communication and/or behaviour errors which forces
the supplier to reproduce the complete conformance test (for example for verification
afterwards) or for reproducing only the tests that were shown to have errors.
The test focuses only on the protocol elements and functions as described in the PID; the test
does not include the application logic and the operation of the tested system.
4.3.5 Test logging
During the execution of conformance testing the following information shall be logged by the
DUT for test results analysis:

– 16 – IEC TS 62351-100-1:2018 © IEC 2018
• Communication events (messages received/sent and their fields content).
Furthermore, the DUT should be able to log the following:
• Internal events (timeouts, statistic threshold exceeded).
• Internal actions (key status changes, statistic counters changes, messages discarded,
timers start/stop).
5 Verification of configuration parameters
5.1 General
The scope of this clause is to verify the configuration of all the parameters that affect security
extension procedures and protocol behaviour so that the whole or part of conformance testin
...