Wednesday, November 30, 2016

Draft IEC 62351-90-2 Deep Packet Inspection (DPI) of encrypted communications

IEC TC 57 just published a very crucial draft document proposing a new topic to the security of communication in power delivery systems applicable to DNP3, IEC 60870-5-104, IEC 60870-6 (TASE.2), IEC 61850 and the like:
Proposed draft for IEC TR 62351-90-2, Power systems management and associated information exchange – Data and communications security –
Part 90-2 Deep Packet Inspection (DPI) of encrypted communications

The standard series IEC 62351 comprises methods to secure communication channels between IEDs and between IEDs and SCADA systems. Complex communication networks have to be monitored and health-checked properly, both from an operational and from a security perspective.
The monitoring process used is called Deep Packet Inspection (DPI), and relies on the availability of the whole payload for inspection. The need for DPI on communication channels between IEDs and SCADA and/or between IEDs by an independent third party is really important.
This report serves as a guide for the implementation of DPI in encrypted communications. It is intended as an overview of existing and possible new solutions for DPI, analyzing the impact on several factors, including security, performance and cost.

No comments: