1、 IEC/TS 62351-5 Edition 2.0 2013-04 TECHNICAL SPECIFICATION Power systems management and associated information exchange Data and communications security Part 5:Security for IEC 60870-5 and derivatives IEC/TS 62351-5:2013(E)Copyrighted material licensed to BR Demo by Thomson Reuters(Scientific),Inc.
2、,downloaded on Nov-27-2014 by James Madison.No further reproduction or distribution is permitted.Uncontrolled when printed.THIS PUBLICATION IS COPYRIGHT PROTECTED Copyright 2013 IEC,Geneva,Switzerland All rights reserved.Unless otherwise specified,no part of this publication may be reproduced or uti
3、lized in any form or by any means,electronic or mechanical,including photocopying and microfilm,without permission in writing from either IEC or IECs member National Committee in the country of the requester.If you have any questions about IEC copyright or have an enquiry about obtaining additional
4、rights to this publication,please contact the address below or your local IEC member National Committee for further information.IEC Central Office Tel.:+41 22 919 02 11 3,rue de Varemb Fax:+41 22 919 03 00 CH-1211 Geneva 20 infoiec.ch Switzerland www.iec.ch About the IEC The International Electrotec
5、hnical Commission(IEC)is the leading global organization that prepares and publishes International Standards for all electrical,electronic and related technologies.About IEC publications The technical content of IEC publications is kept under constant review by the IEC.Please make sure that you have
6、 the latest edition,a corrigenda or an amendment might have been published.Useful links:IEC publications search-www.iec.ch/searchpub The advanced search enables you to find IEC publications by a variety of criteria(reference number,text,technical committee,).It also gives information on projects,rep
7、laced and withdrawn publications.IEC Just Published-webstore.iec.ch/justpublished Stay up to date on all new IEC publications.Just Published details all new publications released.Available on-line and also once a month by email.Electropedia-www.electropedia.org The worlds leading online dictionary o
8、f electronic and electrical terms containing more than 30 000 terms and definitions in English and French,with equivalent terms in additional languages.Also known as the International Electrotechnical Vocabulary(IEV)on-line.Customer Service Centre-webstore.iec.ch/csc If you wish to give us your feed
9、back on this publication or need further assistance,please contact the Customer Service Centre:csciec.ch.Copyrighted material licensed to BR Demo by Thomson Reuters(Scientific),Inc.,downloaded on Nov-27-2014 by James Madison.No further reproduction or distribution is permitted.Uncontrolled when prin
10、ted.IEC/TS 62351-5 Edition 2.0 2013-04 TECHNICAL SPECIFICATION Power systems management and associated information exchange Data and communications security Part 5:Security for IEC 60870-5 and derivatives INTERNATIONAL ELECTROTECHNICAL COMMISSION XE ICS 33.200 PRICE CODE ISBN 978-2-83220-732-1 Regis
11、tered trademark of the International Electrotechnical Commission Warning!Make sure that you obtained this publication from an authorized distributor.Copyrighted material licensed to BR Demo by Thomson Reuters(Scientific),Inc.,downloaded on Nov-27-2014 by James Madison.No further reproduction or dist
12、ribution is permitted.Uncontrolled when printed.2 TS 62351-5 IEC:2013(E)CONTENTS FOREWORD.6 1 Scope and object.8 2 Normative references.9 3 Terms and definitions.10 4 Abbreviated terms.11 5 Problem description(informative).11 5.1 Overview of clause.11 5.2 Specific threats addressed.11 5.3 Design iss
13、ues.11 5.3.1 Overview of subclause.11 5.3.2 Asymmetric communications.11 5.3.3 Message-oriented.12 5.3.4 Poor sequence numbers or no sequence numbers.12 5.3.5 Limited processing power.12 5.3.6 Limited bandwidth.12 5.3.7 No access to authentication server.12 5.3.8 Limited frame length.13 5.3.9 Limite
14、d checksum.13 5.3.10 Radio systems.13 5.3.11 Dial-up systems.13 5.3.12 Variety of protocols affected.13 5.3.13 Differing data link layers.14 5.3.14 Long upgrade intervals.14 5.3.15 Remote sites.14 5.3.16 Multiple users.14 5.3.17 Unreliable media.14 5.4 General principles.14 5.4.1 Overview of subclau
15、se.14 5.4.2 Authentication only.14 5.4.3 Application layer only.15 5.4.4 Generic definition mapped onto different protocols.15 5.4.5 Bi-directional.15 5.4.6 Challenge-response.15 5.4.7 Pre-shared keys as default option.15 5.4.8 Backwards tolerance.15 5.4.9 Upgradeable.16 5.4.10 Perfect forward secre
16、cy.16 5.4.11 Multiple users and auditing.16 6 Theory of operation(informative).16 6.1 Overview of clause.16 6.2 Narrative description.16 6.2.1 Basic concepts.16 6.2.2 Initiating the challenge.17 6.2.3 Replying to the challenge.17 6.2.4 Authenticating.18 6.2.5 Authentication failure.18 Copyrighted material licensed to BR Demo by Thomson Reuters(Scientific),Inc.,downloaded on Nov-27-2014 by James Madison.No further reproduction or distribution is permitted.Uncontrolled when printed.TS 62351-5
