IEC62351standard_IEC62351资源-CSDN文库

共6个文件

pdf：6个

62351

4星 · 超过85%的资源需积分: 19 199 浏览量 2010-04-29 17:17:32 上传评论收藏 1.45MB RAR 举报

资源推荐

资源详情

资源评论

收起资源包目录

IEC 62351.rar （6个子文件）

IEC 62351-5.pdf 508KB

IEC 62351-2.pdf 272KB

IEC 62351-6.pdf 220KB

IEC 62351-4.pdf 164KB

IEC 62351-3.pdf 164KB

IEC 62351-1.pdf 417KB

57/756/CD

COMMITTEE DRAFT (CD)

IEC/TC or SC:

TC 57

Project number

IEC 62351-5 TS Ed. 1.0

Title of TC/SC:

POWER SYSTEMS MANAGEMENT AND

ASSOCIATED INFORMATION EXCHANGE

Date of circulation

2005-05-06

Closing date for comments

2005-08-12

Also of interest to the following committees

TC 8; TC 13, TC 88, ISO TC184/SC5

Supersedes document

57/675/NP – 57/715/RVN

Functions concerned:

Safety EMC Environment Quality assurance

Secretary:

Germany

THIS DOCUMENT IS STILL UNDER STUDY AND SUBJECT TO

CHANGE

. IT SHOULD NOT BE USED FOR REFERENCE PURPOSES.

RECIPIENTS OF THIS DOCUMENT ARE INVITED TO SUBMIT, WITH

THEIR COMMENTS

, NOTIFICATION OF ANY RELEVANT PATENT

RIGHTS OF WHICH THEY ARE AWARE AND TO PROVIDE

SUPPORTING DOCUMENTATION

Title:

Data and Communication Security – Part 5: Security for IEC 60870-5 and Derivatives

Introductory note

NOTE:

At the request of the WG 15 convenor and in agreement with IEC Central Office, the TC 57 chairman and

secretary, the structure of the IEC 62351 series has been re-arranged as follows:

IEC 62351-1: Data and Communication Security – Part 1: Introduction and Overview

IEC 62351-2: Data and Communication Security – Part 2: Glossary of Terms

IEC 62351-3: Data and Communication Security – Part 3: Profiles Including TCP/IP.

IEC 62351-4: Data and Communication Security – Part 4: Profiles Including MMS.

IEC 62351-5: Data and Communication Security – Part 5: Security for IEC 60870-5 and Derivatives

IEC 62351-6: Data and Communication Security – Part 6: Security for IEC 61850 Profiles.

IEC 62351-7: Data and Communication Security – Part 7: Management Information Base (MIB)

Requirements for End-to-End Network Management

Parts 1, 3, 4, 5, and 6 are circulated in May 2005, parts 2 and 7 will be circulated by the end of the year

2005.

All above-mentioned part numbers were covered by the original NWIPs and therefore no extra NWIP is

required.

(see next page)

permitted to download this electronic file, to make a copy and to print out the content for the sole

purpose of preparing National Committee positions. You may not copy or "mirror" the file or

printed version of the document, or any part of it, for any other purpose without permission in

writing from IEC.

57/756/CD

This document on cyber security cut across many traditional boundaries, and needs to be reviewed by a

larger audience than the usual IEC TC57 working groups (although they are the primary audience).

Therefore, it is suggested that the following organizations and groups be invited to review the document

(as appropriate to their interests):

● IEC TC57: WG03, WG07, WG10, WG15, WG16, WG17, WG18, WG19

● Other IEC TCs: TC8, TC13 WG 14, TC88 WG25

● ISO TC184/SC5 WG2

● Cigre: CIGRÉ JWG D2/B3/C2 on Security - A. Torkilseng (NO)

● ISA – SP99 "Bryan L Singer" bryan_singer@entegreat.com

● American Gas Association (AGA) – Bill Rush

● UCA International Users Group – Kay Clinard

● DNP Users Group – Grant Gilchrist

● IEEE: PSCC WG on Security Risk Assessment – Frances Cleveland, SCC36 – Frances Cleveland

57/756/CD

IEC 62351-5

Committee Draft (CD)

Version 1

April, 2005

Data and

Communications Security

Security for IEC 60870-5

and Derivatives

IEC 62351-5/CD#1  IEC:2005 57/756/CDV

Contents

1 Scope and purpose.................................................................................................................10

1.1 Intended audience and use................................................................................................10

1.2 Items outside of scope ......................................................................................................10

1.3 Use with other specifications............................................................................................10

1.4 Document organization and approach...............................................................................11

1.5 Compliance......................................................................................................................11

2 Normative references ............................................................................................................11

3 Terms and definitions ...........................................................................................................11

4 Abbreviated terms.................................................................................................................12

5 Problem Description (informative) .......................................................................................12

5.1 Specific Threats Addressed...............................................................................................12

5.1.1 Spoofing ...................................................................................................................12

5.1.2 Modification .............................................................................................................12

5.1.3 Replay ......................................................................................................................12

5.2 Specific Threats Not Addressed.........................................................................................12

5.2.1 Eavesdropping ..........................................................................................................12

5.2.2 Traffic analysis .........................................................................................................12

5.2.3 Repudiation ..............................................................................................................13

5.2.4 Denial of Service.......................................................................................................13

5.3 Design issues ...................................................................................................................13

5.3.1 Asymmetric communications .....................................................................................13

5.3.2 Non-connection oriented............................................................................................13

5.3.3 Little or no sequence numbers ...................................................................................13

5.3.4 Limited processing power..........................................................................................13

5.3.5 Limited bandwidth ....................................................................................................13

5.3.6 No access to authentication server..............................................................................13

5.3.7 Limited frame length .................................................................................................13

5.3.8 Limited checksum .....................................................................................................14

5.3.9 Radio systems ...........................................................................................................14

5.3.10 Variety of protocols affected .....................................................................................14

5.3.11 Differing data link layers...........................................................................................14

5.3.12 Long upgrade intervals ..............................................................................................14

5.3.13 Capability to add data to ASDUs................................................................................14

5.4 General principles ...........................................................................................................14

5.4.1 Authentication only...................................................................................................14

5.4.2 Application layer only ...............................................................................................14

5.4.3 Generic definition mapped onto different protocols ....................................................14

5.4.4 Bi-directional............................................................................................................15

5.4.5 Challenge-Response ..................................................................................................15

5.4.6 Pre-Shared keys as default option ..............................................................................15

5.4.7 Backward compatibility.............................................................................................15

5.4.8 Upgradeable..............................................................................................................15

IEC 62351-5/CD#1  IEC:2005 57/756/CDV

Theory of operation (informative).........................................................................................15

6.1 Overview .........................................................................................................................15

6.1.1 Initiating the challenge..............................................................................................15

6.1.2 Responding to the challenge ......................................................................................16

6.1.3 Authenticating ..........................................................................................................16

6.1.4 Authentication failure................................................................................................16

6.1.5 Aggressive mode.......................................................................................................16

6.1.6 Changing keys...........................................................................................................17

6.1.7 Changing asymmetric keys ........................................................................................18

6.2 Example message sequences .............................................................................................19

6.2.1 Challenge of a Critical ASDU....................................................................................19

6.2.2 Periodic Challenge ....................................................................................................20

6.2.3 Aggressive Mode ......................................................................................................21

6.3 Summary of implementations ............................................................................................22

7 Formal specification (normative) ..........................................................................................23

7.1 Message Definitions (normative) ......................................................................................23

7.1.1 Challenge message ....................................................................................................23

7.1.2 Response message .....................................................................................................25

7.1.3 Aggressive mode request ...........................................................................................26

7.1.4 Key Change message.................................................................................................28

7.1.5 Certificate Change message .......................................................................................29

7.1.6 Error message ...........................................................................................................30

7.1.7 Confirmation message ...............................................................................................31

7.2 Formal procedures...........................................................................................................32

7.2.1 Challenger procedures ...............................................................................................32

7.2.2 Responder procedures................................................................................................38

7.2.3 Controlling Station Procedures ..................................................................................39

7.2.4 Controlled station procedures ....................................................................................42

8 Interoperability requirements...............................................................................................44

8.1 Minimum requirements (normative) ..................................................................................44

8.1.1 Hashing Algorithms ..................................................................................................44

8.1.2 Encryption Algorithms ..............................................................................................44

8.1.3 Fixed values..............................................................................................................45

8.1.4 Configurable values...................................................................................................45

8.2 Options (normative) .........................................................................................................46

8.2.1 Hash algorithms ........................................................................................................46

8.2.2 Encryption algorithms ...............................................................................................46

8.2.3 Configurable values...................................................................................................46

9 Implementation in IEC 60870-5-101 .....................................................................................47

9.1 Selected options and functions..........................................................................................47

9.2 Operations considered critical..........................................................................................47

9.3 Changes to data definitions ..............................................................................................47

9.4 Changes to ASDU definitions............................................................................................47

9.5 Changes to interoperability tables ....................................................................................47

9.6 Changes to test procedures...............................................................................................47

评论收藏

内容反馈

坐井观井

2015-09-22

是草稿版本。还不如直接下载GB25320。
liyi174748

2016-05-04

这个是IEC62351规范第1到第6部分的委员会草稿版，内容描述可能比较简略，但是对于初次了解和接触IEC62351的学习者来说还是比较不错的。
literal

2015-11-30

不错。不过只是草稿版，且仅有前6部分。
murhpy

2014-07-01

不错，是1-6部分，英文的，7-11部分有的还没有发布，网上也没有什么资源。另外1-6部分英文版已经有对应的中文国标翻译版了，就是GB25320，当然并不包含在本资源内。
立辉Haniel

2012-09-03

第六部分以后的章节就没有了