IEC 62351 - Securing Data Communication in the Power Sector


The power industry, a fundamental backbone of any developed and developing nation, requires the robustness of secure communication systems to ensure reliable operations. As power systems transitioned from isolated, standalone entities to interconnected, communicative networks, the necessity for a comprehensive security standard became evident.

In this digital age, the dependence on computer networks for managing power grid systems is escalating, bringing along the risk of cybersecurity threats. Recognizing this growing need, the International Electrotechnical Commission (IEC) embarked on developing the IEC 62351 standard, a security protocol for power system management and associated information exchange. It specifically addresses the issue of data and communication security in modern power systems, which is of paramount importance in the power industry.


IEC 62351: An Overview

IEC 62351 is a series of standards designed to provide end-to-end cybersecurity for power system communication. These standards are developed by IEC's Technical Committee 57, Working Group 15, and cover communication protocols commonly used in the electric power industry.

Its primary objective is to develop standards for securing communication protocols defined by IEC TC 57, including IEC 60870-5, IEC 60870-6, IEC 61850, IEC 61970, and IEC 61968. The series also aims to address end-to-end security issues.

IEC TC57 Scope:

IEC's Technical Committee 57 (TC 57) is tasked with preparing international standards for power systems control equipment and systems. This encompasses Energy Management Systems (EMS), Supervisory Control And Data Acquisition (SCADA), distribution automation, teleprotection, and associated real-time and non-real-time information exchange. These systems are crucial for the planning, operation, and maintenance of power systems.

TC 57 consists of several working groups. Each of these working groups would typically be tasked with developing and maintaining standards within their area of focus.

Some of the key standards developed by TC57 are listed below:

IEC 60870-5: This is a standard for power system control and associated communications. It provides telecontrol protocol specifications for sending electrically isolated information between control systems and remote devices such as switches and sensors. It's designed to send control information over various types of networks, including direct wired connection, fiber optic, and wireless.

IEC 60870-6: This standard defines methods for inter-control center communication. It enables the exchange of information and commands among different control centers, supporting coordinated operations across wider regions. This is particularly important for synchronized operations in interconnected power networks.

IEC 61850: This standard focuses on the communication within substations, defining a unified method of communication for equipment from different vendors. It includes a broad suite of services, including real-time data transmission, logging, and diagnostics. Its goal is to ensure interoperability, a key factor in modern power grid operations.

IEC 61970: This is the Energy Management System Application Program Interface (EMS-API) standard, and it pertains to the exchange of information for network analysis and power system management. It provides a common data model and messaging structure to ensure reliable and efficient communication between energy management systems.

IEC 61968: This standard defines the interfaces for distribution management. This set of standards is used for information exchange in distribution management systems, including functions like network operations, work management, supply chain and outage management. It's part of the Common Information Model (CIM), which is a unified data model to enable different systems and software to communicate effectively.


IEC 62351 consists of the following standards (Technical Specifications + Technical Reports):

IEC TS 62351-1:2007 - Introduction to the standard
IEC TS 62351-2:2008 - Glossary of terms
IEC 62351-3:2023 - Communication network and system security - Profiles including TCP/IP
IEC 62351-4:2018 - Profiles including MMS and derivatives
IEC 62351-5:2023 - Security for IEC 60870-5 and derivatives
IEC 62351-6:2020 - Security for IEC 61850
IEC 62351-7:2017 - Network and System Management (NSM) data object models
IEC 62351-8:2020 - Role-based access control for power system management
IEC 62351-9:2023 - Cyber security key management for power system equipment
IEC TR 62351-10:2012 - Security architecture guidelines
IEC 62351-11:2016 - Security for XML documents
IEC TR 62351-12:2016 - Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems
IEC TR 62351-13:2016 - Guidelines on security topics to be covered in standards and specifications
IEC TR 62351-90-1:2018 - Guidelines for handling role-based access control in power systems
IEC TR 62351-90-2:2018 - Deep packet inspection of encrypted communications
IEC TR 62351-90-3:2021 - Guidelines for network and system management
IEC TS 62351-100-1:2018 - Conformance test cases for IEC TS 62351-5 and IEC TS 60870-5-7
IEC TS 62351-100-3:2020 - Conformance test cases for the IEC 62351-3, the secure communication extension for profiles including TCP/IP
IEC TS 62351-100-6:2022 - Cybersecurity conformance testing for IEC 61850-8-1 and IEC 61850-9-2


The specific objectives of the IEC 62351 series are as follows:

IEC 62351-1 serves as an introduction to the other parts of the standard, providing an overview of information security in power system operations.

IEC 62351-3 to IEC 62351-6 specify security standards for the communication protocols (like TCP/IP, MMS, IEC 60870-5, IEC 61850) defined by IEC TC 57. These standards offer different levels of protocol security based on specific implementations, ensuring backward compatibility and phased deployments.

IEC 62351-7 focuses on enhancing the management of communication networks supporting power system operations. It addresses a specific area of end-to-end information security.

Additional parts of the standard are expected to be developed to cover more areas of information security in power system operations.

The IEC TC57 communication standards and the IEC 62351 security standards do not align on a one-to-one basis because many of the communication standards leverage the same foundational standards at various layers. This means that a single IEC 62351 security standard might apply to several IEC TC57 communication standards, rather than having a separate corresponding security standard for each one. This complex interplay between the communication and security standards of IEC TC57 and IEC 62351 is visually represented in Figure 1.

With the rising dependence on data for power system operations, the power industry must now oversee two integral infrastructures: the traditional Power System Infrastructure, as well as the emerging Information Infrastructure. The power system's management is becoming more reliant on this information infrastructure, driven by factors such as the ongoing shift from manual to automated operations, the need for precise and real-time information due to market pressures, and the ageing of power system equipment. Consequently, any issues within the information infrastructure can have a significant impact on the reliability of the power system. This necessitates that the information infrastructure is managed with an equivalent degree of reliability to support the essential stability of the power system infrastructure.


Applying Security to Power System Operations

The power industry's growing reliance on digital technologies makes it crucial to apply robust security measures to power system operations. The integration of physical security with cybersecurity measures, including the implementation of standards such as IEC 62351, can help to protect these critical infrastructures. As the landscape of threats continues to evolve, the industry must remain proactive in enhancing its security measures, ensuring the reliability and resilience of power systems now and in the future.

Physical Security: This includes measures designed to protect physical assets such as power plants, substations, transformers, and transmission lines. These can range from surveillance systems and controlled access mechanisms to disaster-resistant structures and regular inspections.

Cybersecurity: As power systems become more reliant on digital communication and control, ensuring the integrity and confidentiality of data is essential. Cybersecurity measures include secure communication protocols, encryption, intrusion detection systems, firewalls, secure hardware, and secure access controls.

Applying the IEC 62351 Standards:

Secure Communication: By providing standards for encrypted and authenticated communication, IEC 62351 helps to ensure the integrity and confidentiality of operational data.

Role-Based Access Control: IEC 62351 outlines standards for managing access rights for different users, helping to prevent unauthorized access to critical systems.

Key Management: With guidelines for managing encryption keys in power system equipment, IEC 62351 aids in maintaining the confidentiality of sensitive data.

System and Network Management: By defining data objects for network and system management, IEC 62351 helps in managing the overall security of power system operations.



Sjoerd Boersma

Product manager and portfolio owner system cyber

2 weeks

Three issues with the standard. First is that TLS-certification is an IT concept and not designed for OT. Secondly is key management and automatic TLS certificate renewal. It is mentioned in the 62351 that if certificate renewal fails, the system stops communicating, which is contradictive to the IEC 62443 and is a risk to OT availability requirements. Thirdly is that your power system devices might be able to handle TLS 1.3 but what about the next generation TLS? Are you really willing to invest in new systems if they do not support the latest certificates? This does not only mean costs for devices but also for commissioning. I would say, link encryption between trusted zones is the best and most sustainable option.

manolya atalay

Computer Science PhD Student & Research Assistant

2 weeks

That's very helpful. Thank you for sharing

Silke Holtmanns

Telecommunication Security Expert

2 weeks

Question here, with the security in OT standards. Is it the same way as telco, that vendors have to implement it, if they want to claim compliance, but it is optional to use for the end-customer?

Ranjni Joshie

Top Cyber Voice 2024 | Sustainability Champion 2024 | Cybersecurity Champion 2024 | Cloud Risk Champion 2023 | OT-ICS-IACS Cybersecurity Rail Critical Infrastructure | AWS Cloud Security | W3-CS | Quality Assurance Lead

4 weeks

Insightful Manjunath Hiregange

RAJENDRA SHIRVEKAR

Corporate Quality Manager

1 month

Excellent
