IEC/TS 62351-5-2013 pdf free – Security for IEC 60870-5 and derivatives

07-24-2021

IEC/TS 62351-5-2013: Power systems management and associated information exchange – Data and communications security – Part 5: Security for IEC 60870-5 and derivatives.
Clause 5 describes:
• the security threats that this specification is intended to address;
• the unique design problems in implementing authentication for IEC 60870-5 and derived protocols;
• the resulting design principles behind the mechanism.
5.2 Specific threats addressed
This specification shall address only the following security threats, as defined in
IEC/TS 62351-2:
• spoofing;
• modification;
• replay;
• eavesdropping — on exchanges of cryptographic keys only, not on other data.
5.3 Design issues
5.3.1 Overview of subclause
Subclause 5.3 describes the challenges faced in developing an authentication proposal that can be applied to all the IEC 60870-5 and derivative protocols. Subclause 5.3 is supplied for the benefit of security experts reviewing this document who may not be familiar with the electrical utility protocol environment.
5.3.2 Asymmetric communications
All the protocols affected by this specification share the concept of inequality between the communication stations. In each of these protocols there is a designated controlling station and a designated controlled station, each having different roles, responsibilities, procedures and message formats. In particular, the controlling station is in many cases responsible for flow control and media access control.
The existence of a definite controlled/controlling station designation has two impacts on the design of this authentication mechanism:
• the format of messages in each direction will differ, even if the functions are the same;
• key distribution is simplified because they will always be issued by the controlling station.
5.3.3 Message-oriented
All of the affected protocols are message-oriented. This means that authentication must be performed on a message-by-message basis, rather than authenticating only at the beginning of a data stream and occasionally thereafter, as some connection-oriented protocols do.
5.3.4 Poor sequence numbers or no sequence numbers
A common security technique to address the threat of replay is to include in the message a sequence number. Combined with tests for message integrity, the sequence number makes it harder for an attacker to simulate a legitimate user by just copying an existing message, because the messages must be transmitted in a particular order.
Unfortunately, none of the affected protocols includes a sequence number that would provide adequate protection. Those sequence numbers that do exist have very low maximum values, permitting an attacker to attempt a replay after gathering only a small number of messages.
Therefore, the design of this specification must include its own sequence numbers and other time-varying data to protect against replay.
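The following is an added illustration of the point made in 5.3.4, not the message format of IEC/TS 62351-5 itself: a controlled station that authenticates every message with an HMAC over a sequence counter, time-varying challenge data and the payload, plus a small simulation in which a copied message is resent later. With a narrow counter of the kind the affected protocols already carry (here 4 bits) the counter wraps and the copy is accepted again; a wide counter owned by the mechanism, or fresh challenge data, rejects it. The key, the HMAC-SHA256 choice, the 4-octet challenge and the message layout are all constructed for the example.

```python
import hashlib
import hmac
import secrets
import struct
from typing import Optional

KEY = b"constructed-demo-key"  # constructed; real stations use a distributed update key


def message_tag(key: bytes, seq: int, challenge: bytes, payload: bytes) -> bytes:
    """Per-message MAC over the counter, the time-varying challenge and the payload."""
    return hmac.new(key, struct.pack(">I", seq) + challenge + payload, hashlib.sha256).digest()


class ControlledStation:
    """Receiver that authenticates every message individually (message-oriented)."""

    def __init__(self, key: bytes, seq_bits: int, challenge_every: Optional[int]):
        self.key, self.seq_bits, self.challenge_every = key, seq_bits, challenge_every
        self.expected_seq, self.received, self.challenge = 0, 0, b""

    def current_challenge(self) -> bytes:
        # Issue fresh challenge data every N accepted messages (None = never).
        if self.challenge_every and self.received % self.challenge_every == 0:
            self.challenge = secrets.token_bytes(4)
        return self.challenge

    def accept(self, seq: int, tag: bytes, payload: bytes) -> bool:
        if seq != self.expected_seq:
            return False  # out of order, or a replay under the current counter value
        if not hmac.compare_digest(message_tag(self.key, seq, self.challenge, payload), tag):
            return False  # modified, or authenticated under stale challenge data
        self.expected_seq = (seq + 1) % (1 << self.seq_bits)
        self.received += 1
        return True


def replay_accepted(seq_bits: int, challenge_every: Optional[int], n: int = 19) -> bool:
    """Send n legitimate messages, resend the 4th; True if the receiver wrongly accepts it."""
    station = ControlledStation(KEY, seq_bits, challenge_every)
    captured, seq = None, 0
    for i in range(n):
        chal = station.current_challenge()  # models the challenge the station sent us
        payload = b"cmd%02d" % i
        tag = message_tag(KEY, seq, chal, payload)
        assert station.accept(seq, tag, payload)
        if i == 3:
            captured = (seq, tag, payload)
        seq = (seq + 1) % (1 << seq_bits)
    return station.accept(*captured)
```

With a 4-bit counter and no challenge, 19 legitimate messages bring the receiver's expected counter back to 3, so the copy of the fourth message verifies again; a 32-bit counter, or a challenge refreshed every 8 messages, makes the same copy fail.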
5.3.5 Limited processing power
The lack of processing power available on many power utility devices has been a major design concern for the affected protocols since their creation. This design requirement necessarily affects the authentication mechanism also. The concern is heightened by the fact that many of these devices are single-processor machines; a denial-of-service attack would affect not only the communications capability of such devices but their function as an electrical control, protection, or monitoring device also.
Therefore, the use of security measures requiring extremely high processing power, such as public-key encryption and very large key sizes, has been avoided as much as possible.
5.3.6 Limited bandwidth
The limited amount of bandwidth available in utility networks has been the prime design concern (after message integrity) of the affected protocols. Links of 1 200 bits per second and lower are still a reality for many applications of these protocols. Some communications links also charge costs per octet transmitted.
