IEC 62351 Overview
The IEC 62351 series of standards include cyber security technologies for some communication protocols specifically :
As shown in Figure below there is not a one-to-one correlation between the IEC TC57 communication protocol standards and the IEC 62351 security standards. This is because many of the communication protocols rely on the same underlying standards at different layers.
The IEC 62351 series also defines the cyber security requirements for implementing security technologies in the operational environment, including objects for network and system management (e.g. with SNMP), role-based access control (RBAC), cryptographic key management, and security event logging.
Technical specifications for conformance testing, applicable for these standards, are also being developed as part of this series as IEC/TS 62351-100-xx.
IEC 62351 standards profile the use of existing Internet standards whenever possible to meet domain-specific needs. Reusing the same security standards across different communication protocols supports the interoperability of these protocols.
IEC 62351 Cyber Security Standards for Communication Standards
The following parts of the IEC 62351 cyber security standards series provide security for different communication protocol standards :
IEC/TS 62351-1: Introduction: This first part of the standard covers the background on security for power system operations, and introductory information on the series of IEC 62351 security standards.
IEC/TS 62351-2: Glossary of Terms: This part includes the definition of terms and acronyms used in the IEC 62351 standards. These definitions are based on existing security and communications industry standard definitions as much as possible, given that security terms are widely used in other industries as well as in the power system industry. The terms in this glossary are provided for free access on the IEC web site
IEC 62351-3: Data and Communication Security – Profiles Including TCP/IP. These security standards cover those profiles used by:
IEC 62351-4: Data and Communication Security – Profiles Including MMS and Similar Payloads. These security standards cover those profiles used by:
IEC 62351-5: Data and Communication Security – Security for IEC 60870-5 and Derivatives (i.e. DNP 3.0). These security standards cover both serial and networked profiles used by:
IEC 62351-6: Data and Communication Security – Security for IEC 61850 Peer-to-Peer Profiles. These security standards cover profiles in:
IEC 62351 Additional Cyber Security Standards and Technical Reports
Additional IEC 62351 cyber security standards provide requirements while technical reports (TR) provide guidelines for implementing security technologies :
Network and System Management (NSM) of the information infrastructure, which defines abstract NSM data objects for the power system operational environment and reflects what information is needed to manage the information infrastructure as reliably as the power system infrastructure is managed. A mapping to SNMP MIBs was also developed and is available as code components
Role-Based Access Control for Power System Management. The purpose of this standard is to:
Key Management. This standard specifies how to generate, distribute, revoke, and handle digital certificates and cryptographic keys to protect digital data and its communication. Included in the scope is the handling of asymmetric keys (e.g. private keys and X.509 certificates), as well as symmetric keys (e.g. session keys).
Security Architecture. This technical report targets the description of security architecture guidelines for power systems based on essential security controls, i.e., on security-related components and functions and their interaction.
Security for XML Files. This standard defines the security requirements for exchanges of XML-based documents which are used for IEC 61970 as well as for some types of information exchanges in IEC 61850
Resilience for Power Systems with DER Systems. This technical report provides resiliency recommendations for engineering/operational strategies and cyber security techniques that are applied to Distributed Energy Resources (DER) systems. It covers the resilience requirements for the many different stakeholders of these dispersed cyber-physical generation and storage devices, with the goal of enhancing the safety, reliability, power quality, and other operational aspects of power systems, particularly those with high penetrations of DER systems
What Security Topics Should Be Covered in Standards and Specifications. This technical report provides guidelines whose purpose is to support the developers of standards with addressing cyber security at the appropriate level for their standard. This document provides suggestions on what security topics should be covered in standards and specifications that are to be used in the power industry, and was a major source of information for IEC Guide 120, “Security Aspects – Guidelines for their Inclusion into Publications”.
Cyber Security Event Logging. Based on Syslog, this part of the IEC 62351 series specifies technical details for the implementation of security logs: communication, content and semantics
IEC 62351 Technical Specifications for Conformance Testing
The IEC 62351 cyber security technical specifications for conformance testing are being developed and planned. They consist of the following: