Showing posts with label IEC 62351-8. Show all posts

Monday, March 25, 2019

New TC 57 CDVs For Public Comments Posted

IEC TC 57 has posted two new CDVs for public comment (anyone can read the documents for free):

57/2068/CDV
IEC 62351-3/AMD2 ED1: Amendment 2 - Power systems management and associated information exchange - Data and communications security -
Part 3: Communication network and system security - Profiles including TCP/IP 

57/2069/CDV (67 pages)
IEC 62351-8 ED1: Power systems management and associated information exchange - Data and communications security -
Part 8: Role-based access control 
This effort will transform the existing IEC TS 62351-8 ED1 from an IEC TS (Technical Specification) into an IS (International Standard) ED1.
Excerpt from the Scope:
"The scope of this standard is to facilitate role-based access control (RBAC) for power system management. RBAC assigns human users, automated systems, and software applications (called “subjects” in this document) to specified “roles”, and restricts their access to only those resources, which the security policies identify as necessary for their roles.
As electric power systems become more automated and cyber security concerns become more prominent, it is becoming increasingly critical to ensure that access to data (read, write, control, etc.) is restricted. As in many aspects of security, RBAC is not just a technology; it is a way of running a business. RBAC is not a new concept; in fact, it is used by many operating systems to control access to system resources. Specifically, RBAC provides an alternative to the all-or-nothing super-user model in which all subjects have access to all data, including control commands. ..."
Be aware that RBAC is required in systems where multiple clients (in the sense of, e.g., IEC 61850) need to access a server. One use case is where multiple power market participants want to manage a power resource. 

Sunday, July 8, 2018

Role-based Access Control - On its way to becoming a Standard

IEC 62351-8 is on its way to becoming an IEC Standard (57/2017/CD):

Power systems management and associated information exchange – Data and communications security –
Part 8: Role-based access control

Part 8 is currently a Technical Specification. This will change in the next step.

The 62-page CD has been published for comment until 2018-09-28.

"This document provides standard for access control in power systems. The power system
environment supported by this standard is enterprise-wide and extends beyond traditional
borders to include external providers, suppliers, and other energy partners. ...

The following interactions are in scope:

  • local (direct wired) access to the object by a human user;
  • local (direct wired) access to the object by a local and automated computer agent, e.g. another object at the field site;
  • direct access by a user to the object using the objects’ built-in HMI or panel;
  • remote (via dial-up or wireless media) access to the object by a human user;
  • remote (via dial-up or wireless media) access to the object by a remote automated computer agent, e.g. another object at another substation, a distributed energy resource at an end-user’s facility, or a control centre application."