관심표준 등록 : 표준업데이트 시 알림을 받을 수 있습니다.
PDF : 직접 파일 다운로드 및 인쇄 (마이페이지 확인)
PRINT : 인쇄본 우편발송, 2~3일 소요(PDF파일 미제공)
표준
판매
Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
| 분야 | TC 57 : Power systems management and associated information exchange |
|---|---|
| 적용범위 | IEC 62351-9:2023 specifies cryptographic key management, primarily focused on the management of long-term keys, which are most often asymmetric key pairs, such as public-key certificates and corresponding private keys. As certificates build the base this document builds a foundation for many IEC 62351 services (see also Annex A). Symmetric key management is also considered but only with respect to session keys for group-based communication as applied in IEC 62351-6. The objective of this document is to define requirements and technologies to achieve interoperability of key management by specifying or limiting key management options to be used. This document assumes that an organization (or group of organizations) has defined a security policy to select the type of keys and cryptographic algorithms that will be utilized, which may have to align with other standards or regulatory requirements. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. This document assumes that the reader has a basic understanding of cryptography and key management principles. The requirements for the management of pairwise symmetric (session) keys in the context of communication protocols is specified in the parts of IEC 62351 utilizing or specifying pairwise communication such as: • IEC 62351-3 for TLS by profiling the TLS options • IEC 62351-4 for the application layer end-to-end security • IEC TS 62351-5 for the application layer security mechanism for IEC 60870-5-101/104 and IEEE 1815 (DNP3) The requirements for the management of symmetric group keys in the context of power system communication protocols is specified in IEC 62351-6 for utilizing group security to protect GOOSE and SV communication. IEC 62351-9 utilizes GDOI as already IETF specified group-based key management protocol to manage the group security parameter and enhances this protocol to carry the security parameter for GOOSE, SV, and PTP. This document also defines security events for specific conditions which could identify issues which might require error handling. However, the actions of the organisation in response to these error conditions are beyond the scope of this document and are expected to be defined by the organizations security policy. In the future, as public-key cryptography becomes endangered by the evolution of quantum computers, this document will also consider post-quantum cryptography to a certain extent. Note that at this time being no specific measures are provided. This second edition cancels and replaces the first edition published in 2017. This edition constitutes a technical revision. This edition includes the following significant technical changes with respect to the previous edition: a) Certificate components and verification of the certificate components have been added; b) GDOI has been updated to include findings from interop tests; c) GDOI operation considerations have been added; d) GDOI support for PTP (IEEE 1588) support has been added as specified by IEC/IEEE 61850-9-3 Power Profile; e) Cyber security event logging has been added as well as the mapping to IEC 62351-14; f) Annex B with background on utilized cryptographic algorithms and mechanisms has been added. |
| 국제분류(ICS)코드 | 33.200 : 원격 제어. 원격 측정 |
| 페이지수 | 296 |
| Edition | 2.0 |
| No. | 표준번호 | 표준명 | 발행일 | 상태 |
|---|---|---|---|---|
| 1 | IEC 62351-9:2023 | Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment | 2023-06-06 | 표준 |
| 2 | IEC 62351-9:2017 | Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment | 2017-05-18 | 구판 |
IEC TS 62351-1:2007 - Power systems management and associated information exchange - Data and communications security - Part 1: Communication network and system security - Introduction to security issues 상세보기
IEC TS 62351-6:2007 - Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850 상세보기
IEC TS 62351-3:2007 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP 상세보기
IEC TS 62351-4:2007 - Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS 상세보기
IEC TS 62351-2:2008 - Power systems management and associated information exchange - Data and communications security - Part 2: Glossary of terms 상세보기
함께 구입한 상품이 존재하지 않습니다.
IEC TS 63134:2020 - Active assisted living (AAL) use cases 상세보기
IEC 60034-5:2020 RLV - Rotating electrical machines - Part 5: Degrees of protection provided by the integral design of rotating electrical machines (IP code) - Classification 상세보기
KS B ISO TS 25740-1 - 에스컬레이터 및 무빙워크에 대한 안전요건 — 제1부: 세계공통 필수 안전요건(GESRs) 상세보기
KS B ISO TS 8100-21 - 승객 및 화물 운송용 엘리베이터 —제21부: 세계공통 필수안전요건(GESRs)을 충족하는 세계공통 안전 파라미터(GSPs) 상세보기
KS C IEC TS 62872 - 산업 시설과 스마트 그리드 사이의 산업 공정 측정, 제어 및 자동화 시스템 인터페이스 상세보기
KS표준
핸드북
