Monday, July 21, 2014

Security for XML based System and Device Configuration Information

Discussion on the protection of configuration information can be found HERE (just one blog post down). Please note that IEC TC 57 is working on a new part for series IEC 62351 (Data and communications security):

IEC 62351-11 Ed.1:
Power systems management and associated information exchange - Data and communications security – Part 11: Security for XML Files

The key objectives of this proposal are:

  • Provide a mechanism to authenticate the source of the file.
  • Provide a mechanism for tamper detection.
  • Provide these security mechanisms in a manner that maintains as much compatibility with the current CIM, SCL, and other XML formats as possible.
  • Provide a mechanism so that a source of data can identify what data may or may not be made available to other entities in addition to the initial receiving entity.

It is crucial for the whole industry to support these kinds of standardization projects. The user communities have to pay anyway: now or later.

We have that many good standards and draft material that should be implemented soon to make sure that we can keep control over a wide range of infrastructures.

Click HERE to download an White Paper on Security Standards in IEC TC57 written by Frances Cleveland, WG 15 Convenor [pdf].

No comments: