iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
SIST

SIST EN IEC 62351-3:2023

(Main)

Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP (IEC 62351-3:2023)

Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP (IEC 62351-3:2023)

IEC 62351-3:2023 specifies how to provide confidentiality, integrity protection, and message level authentication for protocols that make use of TCP/IP as a message transport layer and utilize Transport Layer Security when cyber-security is required. This may relate to SCADA and telecontrol protocols, but also to additional protocols if they meet the requirements in this document.
IEC 62351-3 specifies how to secure TCP/IP-based protocols through constraints on the specification of the messages, procedures, and algorithms of Transport Layer Security (TLS) (TLSv1.2 defined in RFC 5246, TLSv1.3 defined in RFC 8446). In the specific clauses, there will be subclauses to note the differences and commonalities in the application depending on the target TLS version. The use and specification of intervening external security devices (e.g., "bump-in-the-wire") are considered out-of-scope.
In contrast to previous editions of this document, this edition is self-contained in terms of completely defining a profile of TLS. Hence, it can be applied directly, without the need to specify further TLS parameters, except the port number, over which the communication will be performed. Therefore, this part can be directly utilized from a referencing standard and can be combined with further security measures on other layers. Providing the profiling of TLS without the need for further specifying TLS parameters allows declaring conformity to the described functionality without the need to involve further IEC 62351 documents.
This document is intended to be referenced as a normative part of other IEC standards that have the need for providing security for their TCP/IP-based protocol exchanges under similar boundary conditions. However, it is up to the individual protocol security initiatives to decide if this document is to be referenced.
The document also defines security events for specific conditions, which support error handling, security audit trails, intrusion detection, and conformance testing. Any action of an organization in response to events to an error condition described in this document are beyond the scope of this document and are expected to be defined by the organization’s security policy.
This document reflects the security requirements of the IEC power systems management protocols. Should other standards bring forward new requirements, this document may need to be revised.
This second edition cancels and replaces the first edition published in 2014, Amendment 1:2018 and Amendment 2:2020. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Inclusion of the TLSv1.2 related parameter required in IEC 62351-3 Ed.1.2 to be specified by the referencing standard. This comprises the following parameter:
• Mandatory TLSv1.2 cipher suites to be supported.
• Specification of session resumption parameters.
• Specification of session renegotiation parameters.
• Revocation handling using CRL and OCSP.
• Handling of security events.
b) Inclusion of a TLSv1.3 profile to be applicable for the power system domain in a similar way as for TLSv1.2 session.

Datenmodelle, Schnittstellen und Informationsaustausch für Planung und Betrieb von Energieversorgungsunternehmen - Daten- und Kommunikationssicherheit - Teil 3: Sicherheit von Kommunikationsnetzen und Systemen - Profile einschließlich TCP/IP (IEC 62351-3:2023)

Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des communications et des données - Partie 3: Sécurité des réseaux et des systèmes de communication - Profils comprenant TCP/IP (IEC 62351-3:2023)

IEC 62351-3:2023 spécifie comment assurer la confidentialité, la protection de l’intégrité et l’authentification des niveaux des messages pour les protocoles qui utilisent les protocoles TCP/IP comme couche transport des messages et utilisent la sécurité de la couche transport lorsque la cybersécurité est exigée. Ceci peut concerner les protocoles SCADA/téléconduite, protection, automation et contrôles.
L’IEC 62351-3 spécifie une méthode permettant de sécuriser les protocoles TCP/IP par l’intermédiaire de contraintes sur la spécification des messages, procédures et algorithmes de sécurité de la couche transport (TLS) (version 1.2 de TLS définie dans la RFC 5246 et version 1.3 définie dans la RFC 8446). Des articles spécifiques contiennent des paragraphes indiquant les différences et les points communs d’application en fonction de la version TLS cible. L’utilisation et la spécification des dispositifs de sécurité externe concernés (par exemple "bump-in-the-wire") sont considérées comme ne relevant pas du domaine d’application du présent document.
Contrairement aux précédentes éditions du présent document, la présente édition est autosuffisante, car elle définit entièrement un profil de TLS. De ce fait, elle peut être appliquée directement, sans nécessiter de spécifier de paramètres TLS supplémentaires, à l’exception du numéro du port par lequel la communication est effectuée. Par conséquent, la présente partie peut être directement utilisée à partir d’une norme de référence et peut être combinée avec des mesures de sécurité supplémentaires sur d’autres couches. La définition du profil de TLS sans nécessiter de spécifier de paramètres TLS supplémentaires permet de déclarer la conformité à la fonctionnalité décrite sans nécessiter de recourir à d’autres documents IEC 62351.
Le présent document est destiné à être référencé comme partie normative des autres normes IEC qui traitent de la nécessité d’assurer la sécurité de leurs échanges protocolaires basés sur TCP/IP dans des conditions limites similaires. Cependant, il revient aux initiatives individuelles en matière de sécurité des protocoles de décider si le présent document est à référencer.
Le présent document définit également des événements de sécurité pour des conditions spécifiques, qui prennent en charge la gestion des erreurs, les pistes d’audit de sécurité, la détection d’intrusion et les essais de conformité. Toute action d’un organisme en réponse à des événements dus à une condition d’erreur décrite dans le présent document ne relève pas du domaine d’application du présent document et est susceptible d’être définie par la politique de sécurité de l’organisme.
Le présent document présente les exigences de sécurité des protocoles de gestion des systèmes de puissance de l’IEC. Une révision du présent document pourrait s’avérer nécessaire en cas d’ajout de nouvelles exigences dans d’autres normes.
Cette seconde édition annule et remplace la première édition parue en 2014, l’Amendement 1:2018 et l’Amendement 2:2020. Cette édition constitue une révision technique.
Cette édition inclut les modifications techniques majeures suivantes par rapport à l’édition précédente:
a) inclusion du paramètre lié à la TLSv1.2 exigé dans l’IEC 62351-3 Éd.1.2 à spécifier par la norme de référence. Ce paramètre comprend les éléments suivants:
• les suites chiffrées TLSv1.2 obligatoires à prendre en charge;
• la spécification des paramètres de reprise de session;
• la spécification des paramètres de renégociation de session;
• la gestion des révocations à l’aide de la CRL et du protocole OCSP;
• la ges

Upravljanje elektroenergetskega sistema in pripadajoča izmenjava informacij - Varnost podatkov in komunikacij - 3. del: Varnost komunikacijskih omrežij in sistemov - Profili za TCP/IP (IEC 62351-3:2023)

Standard IEC 62351-3:2023 določa, kako zagotoviti zaupnost, zaščito celovitosti in preverjati pristnost na ravni sporočil za protokole, ki za sporočilno transportno plast uporabljajo TCP/IP, ter zagotoviti varnost na transportni plasti, ko je zahtevana kibernetska varnost. To se lahko nanaša na protokole sistema nadzora in pridobivanja podatkov ter protokole za daljinsko vodenje, pa tudi na dodatne protokole, če izpolnjujejo zahteve v tem dokumentu.
Standard IEC 62351-3 določa, kako zaščititi protokole, ki temeljijo na TCP/IP, z omejitvami na specifikacijo sporočil, postopkov in algoritmov varnosti na transportni plasti (TLS) (TLSv1.2 opredeljen v RFC 5246, TLSv1.3 opredeljen v RFC 8446 ). Posebne točke bodo vsebovale podtočke z razlikami in skupnimi značilnostmi v aplikaciji glede na ciljno različico varnosti na transportni plasti. Uporaba in specifikacija vmesnih zunanjih varnostnih naprav (npr. »bump-in-the-wire«) se štejeta izven področja uporabe.
V nasprotju s prejšnjimi izdajami tega dokumenta je ta izdaja samozadostna v smislu popolne opredelitve profila varnosti na transportni plasti. Zato ga je mogoče uporabiti neposredno, brez potrebe po določanju nadaljnjih parametrov varnosti na transportni plasti, razen številke vrat, prek katerih se bo komunikacija izvajala. Tako je ta del mogoče neposredno uporabiti iz referenčnega standarda in ga je mogoče kombinirati z nadaljnjimi varnostnimi ukrepi na drugih plasteh. Zagotavljanje profiliranja varnosti na transportni plasti brez potrebe po nadaljnjem določanju parametrov varnosti na transportni plasti omogoča izjavo o skladnosti z opisano funkcionalnostjo brez potrebe po vključitvi nadaljnjih dokumentov IEC 62351.
Ta dokument naj bi bil normativni del drugih standardov IEC, ki morajo zagotoviti varnost za svoje izmenjave protokolov na osnovi TCP/IP pod podobnimi mejnimi pogoji. Vendar pa se o tem, ali naj se sklicuje na ta dokument, odločijo posamezne varnostne pobude protokola.
Dokument določa tudi varnostne dogodke za posebne pogoje, ki podpirajo obravnavanje napak, varnostne revizijske sledi, odkrivanje vdorov in preskušanje skladnosti. Kakršno koli dejanje organizacije kot odgovor na dogodke zaradi stanja napake, opisanega v tem dokumentu, ne spada v področje uporabe tega dokumenta in pričakuje se, da bo določeno z varnostno politiko organizacije.
Ta dokument odraža varnostne zahteve protokolov za upravljanje elektroenergetskega sistema IEC. Če bodo drugi standardi uvedli nove zahteve, bo morda treba ta dokument revidirati.
Druga izdaja razveljavlja in nadomešča prvo izdajo, objavljeno leta 2014, dopolnilo 1 iz leta 2018 in dopolnilo 2 iz leta 2020. Ta izdaja je tehnično popravljena izdaja.
Ta izdaja v primerjavi s prejšnjo vključuje naslednje pomembne tehnične spremembe:
a) Vključitev s TLSv1.2 povezanega parametra, zahtevanega v standardu IEC 62351-3, izdaja1.2, je treba določiti z referenčnim standardom. To vključuje naslednji parameter:
• Podprti morajo biti obvezni paketi šifre TLSv1.2.
• Specifikacija parametrov za nadaljevanje seje.
• Specifikacija parametrov za vnovično pogajanje za vzpostavitev seje.
• Obravnavanje ukinitve s CRL in OCSP.
• Obravnavanje varnostnih dogodkov.
b) Vključitev profila TLSv1.3, ki se uporablja za domeno elektroenergetskega sistema na podoben način kot za sejo TLSv1.2.

General Information

Status
Published
Publication Date
20-Aug-2023
ICS
29.240.30 - Control equipment for electric power systems
33.200 - Telecontrol. Telemetering
35.240.50 - IT applications in industry
Technical Committee
PSE - Power systems management
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
02-Aug-2023
Due Date
07-Oct-2023
Completion Date
21-Aug-2023
Mandate
M/490 - Standardisation mandate to the European Standardisation Organisations (ESOs) to support European Smart Grid deployment
Ref Project
EN IEC 62351-3:2023 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP

Relations

Revised
SIST EN 62351-3:2015 - Power systems management nd associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Effective Date
31-Aug-2021
Revised
SIST EN 62351-3:2015/A1:2018 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Effective Date
31-Aug-2021
Revised
SIST EN 62351-3:2015/A2:2020 - Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
Effective Date
31-Aug-2021

Buy Standard

EN IEC 62351-3:2023 - BARVEEN IEC 62351-3:2023 - BARVE
PreviousNext
Standard
EN IEC 62351-3:2023 - BARVE
English language
52 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day
EN IEC 62351-3:2023 - BARVEEN IEC 62351-3:2023 - BARVE
PreviousNext
Standard
EN IEC 62351-3:2023 - BARVE
English language
52 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN IEC 62351-3:2023
01-oktober-2023
Upravljanje elektroenergetskega sistema in pripadajoča izmenjava informacij -
Varnost podatkov in komunikacij - 3. del: Varnost komunikacijskih omrežij in
sistemov - Profili za TCP/IP (IEC 62351-3:2023)
Power systems management and associated information exchange - Data and
communications security - Part 3: Communication network and system security - Profiles
including TCP/IP (IEC 62351-3:2023)
Datenmodelle, Schnittstellen und Informationsaustausch für Planung und Betrieb von
Energieversorgungsunternehmen - Daten- und Kommunikationssicherheit - Teil 3:
Sicherheit von Kommunikationsnetzen und Systemen - Profile einschließlich TCP/IP
(IEC 62351-3:2023)
Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des
communications et des données - Partie 3: Sécurité des réseaux et des systèmes de
communication - Profils comprenant TCP/IP (IEC 62351-3:2023)
Ta slovenski standard je istoveten z: EN IEC 62351-3:2023
ICS:
29.240.30 Krmilna oprema za Control equipment for electric
elektroenergetske sisteme power systems
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
SIST EN IEC 62351-3:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN IEC 62351-3:2023

---------------------- Page: 2 ----------------------
SIST EN IEC 62351-3:2023


EUROPEAN STANDARD EN IEC 62351-3

NORME EUROPÉENNE

EUROPÄISCHE NORM July 2023
ICS 33.200 Supersedes EN 62351-3:2014; EN 62351-
3:2014/A1:2018; EN 62351-3:2014/A2:2020
English Version
Power systems management and associated information
exchange - Data and communications security - Part 3:
Communication network and system security - Profiles including
TCP/IP
(IEC 62351-3:2023)
Gestion des systèmes de puissance et échanges Datenmodelle, Schnittstellen und Informationsaustausch für
d'informations associés - Sécurité des communications et Planung und Betrieb von Energieversorgungsunternehmen
des données - Partie 3: Sécurité des réseaux et des - Daten- und Kommunikationssicherheit - Teil 3: Sicherheit
systèmes de communication - Profils comprenant TCP/IP von Kommunikationsnetzen und Systemen - Profile
(IEC 62351-3:2023) einschließlich TCP/IP
(IEC 62351-3:2023)
This European Standard was approved by CENELEC on 2023-07-11. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2023 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
 Ref. No. EN IEC 62351-3:2023 E

---------------------- Page: 3 ----------------------
SIST EN IEC 62351-3:2023
EN IEC 62351-3:2023 (E)
European foreword
The text of document 57/2578/FDIS, future edition 2 of IEC 62351-3, prepared by IEC/TC 57 "Power
systems management and associated information exchange" was submitted to the IEC-CENELEC
parallel vote and approved by CENELEC as EN IEC 62351-3:2023.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2024-04-11
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2026-07-11
document have to be withdrawn
This document supersedes EN 62351-3:2014 and all of its amendments and corrigenda (if any).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
This document has been prepared under a Standardization Request g
...

SLOVENSKI STANDARD
SIST EN IEC 62351-3:2023
01-oktober-2023
Upravljanje elektroenergetskega sistema in pripadajoča izmenjava informacij -
Varnost podatkov in komunikacij - 3. del: Varnost komunikacijskih omrežij in
sistemov - Profili za TCP/IP
Power systems management and associated information exchange - Data and
communications security - Part 3: Communication network and system security - Profiles
including TCP/IP
Datenmodelle, Schnittstellen und Informationsaustausch für Planung und Betrieb von
Energieversorgungsunternehmen - Daten- und Kommunikationssicherheit - Teil 3:
Sicherheit von Kommunikationsnetzen und Systemen - Profile einschließlich TCP/IP
Gestion des systèmes de puissance et échanges d'informations associés - Sécurité des
communications et des données - Partie 3: Sécurité des réseaux et des systèmes de
communication - Profils comprenant TCP/IP
Ta slovenski standard je istoveten z: EN IEC 62351-3:2023
ICS:
29.240.30 Krmilna oprema za Control equipment for electric
elektroenergetske sisteme power systems
35.240.50 Uporabniške rešitve IT v IT applications in industry
industriji
SIST EN IEC 62351-3:2023 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST EN IEC 62351-3:2023

---------------------- Page: 2 ----------------------
SIST EN IEC 62351-3:2023


EUROPEAN STANDARD EN IEC 62351-3

NORME EUROPÉENNE

EUROPÄISCHE NORM July 2023
ICS 33.200 Supersedes EN 62351-3:2014; EN 62351-
3:2014/A1:2018; EN 62351-3:2014/A2:2020
English Version
Power systems management and associated information
exchange - Data and communications security - Part 3:
Communication network and system security - Profiles including
TCP/IP
(IEC 62351-3:2023)
Gestion des systèmes de puissance et échanges Datenmodelle, Schnittstellen und Informationsaustausch für
d'informations associés - Sécurité des communications et Planung und Betrieb von Energieversorgungsunternehmen
des données - Partie 3: Sécurité des réseaux et des - Daten- und Kommunikationssicherheit - Teil 3: Sicherheit
systèmes de communication - Profils comprenant TCP/IP von Kommunikationsnetzen und Systemen - Profile
(IEC 62351-3:2023) einschließlich TCP/IP
(IEC 62351-3:2023)
This European Standard was approved by CENELEC on 2023-07-11. CENELEC members are bound to comply with the CEN/CENELEC
Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration.
Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN-CENELEC
Management Centre or to any CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CENELEC member into its own language and notified to the CEN-CENELEC Management Centre has the
same status as the official versions.
CENELEC members are the national electrotechnical committees of Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic,
Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, the
Netherlands, Norway, Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland,
Türkiye and the United Kingdom.


European Committee for Electrotechnical Standardization
Comité Européen de Normalisation Electrotechnique
Europäisches Komitee für Elektrotechnische Normung
CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2023 CENELEC All rights of exploitation in any form and by any means reserved worldwide for CENELEC Members.
 Ref. No. EN IEC 62351-3:2023 E

---------------------- Page: 3 ----------------------
SIST EN IEC 62351-3:2023
EN IEC 62351-3:2023 (E)
European foreword
The text of document 57/2578/FDIS, future edition 2 of IEC 62351-3, prepared by IEC/TC 57 "Power
systems management and associated information exchange" was submitted to the IEC-CENELEC
parallel vote and approved by CENELEC as EN IEC 62351-3:2023.
The following dates are fixed:
• latest date by which the document has to be implemented at national (dop) 2024-04-11
level by publication of an identical national standard or by endorsement
• latest date by which the national standards conflicting with the (dow) 2026-07-11
document have to be withdrawn
This document supersedes EN 62351-3:2014 and all of its amendments and corrigenda (if any).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CENELEC shall not be held responsible for identifying any or all such patent rights.
This document has been prepared under a Standardization Request given to CENELEC by the
European Commission and the European Free Trade Assoc
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

SIST
SIST EN IEC 62351-9:2023(Main)
Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment (IEC 62351-9:2023)
EN IEC 62351-9:2023

IEC 62351-9:2023 specifies cryptographic key management, primarily focused on the management of long-term keys, which are most often asymmetric key pairs, such as public-key certificates and corresponding private keys. As certificates build the base this document builds a foundation for many IEC 62351 services (see also Annex A). Symmetric key management is also considered but only with respect to session keys for group-based communication as applied in IEC 62351-6. The objective of this document is to define requirements and technologies to achieve interoperability of key management by specifying or limiting key management options to be used.
This document assumes that an organization (or group of organizations) has defined a security policy to select the type of keys and cryptographic algorithms that will be utilized, which may have to align with other standards or regulatory requirements. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. This document assumes that the reader has a basic understanding of cryptography and key management principles.
The requirements for the management of pairwise symmetric (session) keys in the context of communication protocols is specified in the parts of IEC 62351 utilizing or specifying pairwise communication such as:
• IEC 62351-3 for TLS by profiling the TLS options
• IEC 62351-4 for the application layer end-to-end security
• IEC TS 62351-5 for the application layer security mechanism for IEC 60870-5-101/104 and IEEE 1815 (DNP3)
The requirements for the management of symmetric group keys in the context of power system communication protocols is specified in IEC 62351-6 for utilizing group security to protect GOOSE and SV communication. IEC 62351-9 utilizes GDOI as already IETF specified group-based key management protocol to manage the group security parameter and enhances this protocol to carry the security parameter for GOOSE, SV, and PTP.
This document also defines security events for specific conditions which could identify issues which might require error handling. However, the actions of the organisation in response to these error conditions are beyond the scope of this document and are expected to be defined by the organizations security policy.
In the future, as public-key cryptography becomes endangered by the evolution of quantum computers, this document will also consider post-quantum cryptography to a certain extent. Note that at this time being no specific measures are provided.
This second edition cancels and replaces the first edition published in 2017. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Certificate components and verification of the certificate components have been added;
b) GDOI has been updated to include findings from interop tests;
c) GDOI operation considerations have been added;
d) GDOI support for PTP (IEEE 1588) support has been added as specified by IEC/IEEE 61850-9-3 Power Profile;
e) Cyber security event logging has been added as well as the mapping to IEC 62351-14;
f) Annex B with background on utilized cryptographic algorithms and mechanisms has been added.

  • Standard
    147 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62351-4:2019/A1:2020(Amendment)
Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives
EN IEC 62351-4:2018/A1:2020
  • Amendment
    44 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 62351-3:2015/A2:2020(Amendment)
Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
EN 62351-3:2014/A2:2020
  • Amendment
    13 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62351-9:2023(Main)
Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment (IEC 62351-9:2023)
EN IEC 62351-9:2023

IEC 62351-9:2023 specifies cryptographic key management, primarily focused on the management of long-term keys, which are most often asymmetric key pairs, such as public-key certificates and corresponding private keys. As certificates build the base this document builds a foundation for many IEC 62351 services (see also Annex A). Symmetric key management is also considered but only with respect to session keys for group-based communication as applied in IEC 62351-6. The objective of this document is to define requirements and technologies to achieve interoperability of key management by specifying or limiting key management options to be used.
This document assumes that an organization (or group of organizations) has defined a security policy to select the type of keys and cryptographic algorithms that will be utilized, which may have to align with other standards or regulatory requirements. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. This document assumes that the reader has a basic understanding of cryptography and key management principles.
The requirements for the management of pairwise symmetric (session) keys in the context of communication protocols is specified in the parts of IEC 62351 utilizing or specifying pairwise communication such as:
• IEC 62351-3 for TLS by profiling the TLS options
• IEC 62351-4 for the application layer end-to-end security
• IEC TS 62351-5 for the application layer security mechanism for IEC 60870-5-101/104 and IEEE 1815 (DNP3)
The requirements for the management of symmetric group keys in the context of power system communication protocols is specified in IEC 62351-6 for utilizing group security to protect GOOSE and SV communication. IEC 62351-9 utilizes GDOI as already IETF specified group-based key management protocol to manage the group security parameter and enhances this protocol to carry the security parameter for GOOSE, SV, and PTP.
This document also defines security events for specific conditions which could identify issues which might require error handling. However, the actions of the organisation in response to these error conditions are beyond the scope of this document and are expected to be defined by the organizations security policy.
In the future, as public-key cryptography becomes endangered by the evolution of quantum computers, this document will also consider post-quantum cryptography to a certain extent. Note that at this time being no specific measures are provided.
This second edition cancels and replaces the first edition published in 2017. This edition constitutes a technical revision.
This edition includes the following significant technical changes with respect to the previous edition:
a) Certificate components and verification of the certificate components have been added;
b) GDOI has been updated to include findings from interop tests;
c) GDOI operation considerations have been added;
d) GDOI support for PTP (IEEE 1588) support has been added as specified by IEC/IEEE 61850-9-3 Power Profile;
e) Cyber security event logging has been added as well as the mapping to IEC 62351-14;
f) Annex B with background on utilized cryptographic algorithms and mechanisms has been added.

  • Standard
    147 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN IEC 62351-4:2019/A1:2020(Amendment)
Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS and derivatives
EN IEC 62351-4:2018/A1:2020
  • Amendment
    44 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 62351-3:2015/A2:2020(Amendment)
Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
EN 62351-3:2014/A2:2020
  • Amendment
    13 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 2876:2023(Main)
Aerospace series - Nuts, hexagon, plain, reduced height, normal across flats, in aluminium alloy, anodized - Classification: 450 MPa (at ambient temperature)/120 °C
EN 2876:2023

This document specifies the characteristics of hexagonal plain nuts, reduced height, normal across flats, in aluminium alloy, anodized, for aerospace applications.

  • Standard
    8 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 13757-8:2023(Main)
Communication systems for meters - Part 8: Adaptation layer
EN 13757-8:2023

This document describes the functionalities and specifies the requirements of an Adaptation Layer to be applied when transporting M-Bus upper layers using a wireless communication protocol other than Wireless M-Bus. These alternative radio technologies developed outside CEN/TC 294 could be based on Internet Protocol or not and operate either in licensed or unlicensed frequency bands.

  • Standard
    72 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    76 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN 2591-508:2023(Main)
Aerospace series - Elements of electrical and optical connection - Part 508: Measurement of thickness of coating on contacts - Test methods
EN 2591-508:2023

This document specifies methods of measuring thickness of electro-deposited gold or gold alloys coatings on contacts of elements of connection.

  • Standard
    4 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    5 pages
    English language
    sale 10% off
    e-Library read for
    1 day
SIST
SIST EN ISO 11243:2023(Main)
Cycles - Luggage carriers for bicycles - Requirements and test methods (ISO 11243:2023)
EN ISO 11243:2023

This document specifies safety and performance requirements for the design and testing of both non cycle specific luggage carriers intended for mounting (with or without tools) and cycle specific luggage carriers mounted on complete cycles. It applies to luggage carriers intended to be positioned above and adjacent to the wheels of cycles. This document lays down guidelines for instructions on the use and care of such luggage carriers.
This document does not apply to removable luggage (for example, handlebar bags or baskets that are not permanently attached).
Toy carrier intended to be mounted on bicycles for young children in the scope of ISO 8098 are not covered by this document.

  • Standard
    40 pages
    English language
    sale 10% off
    e-Library read for
    1 day
  • Draft
    38 pages
    English language
    sale 10% off
    e-Library read for
    1 day