Sunday, March 31, 2013

Security Standard IEC 62351-3 on its way

The Technical Specification IEC TS 62351-3, First edition, 2007-06 is underway to become an International Standard (57/1319/CDV):

Power systems management and associated information exchange –
Data and communications security –
Part 3: Communication network and system security – Profiles including TCP/IP

The CVD is out for ballot until 2013-07-05.

IEC 62351-3 specifies how to secure TCP/IP-based protocols through constraints on the
specification of the messages, procedures, and algorithms of Transport Layer Security (TLS)
(defined in RFC 5246) so that they are applicable to the telecontrol environment of IEC TC57. It is intended that this standard be referenced as a normative part of other IEC TC57 standards that have the need for providing security for their TCP/IP-based protocol.

The conformance is very strict:

8 Conformance
Conformance to this part shall be determined by the implementation of all parts of clause 5.

The definition of clause 5 could be implemented today already: the content is available in the Technical Specification IEC TS 62351-3.

There is no (and never was an) excuse to not implement quite secure communication.

No comments: