Skip to content
Please enter a keyword to search

  • IEC 62351-9:2017

    View superseded by
    Superseded A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
    View superseded by

    Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment

    Available format(s):  Hardcopy, PDF, PDF 3 Users, PDF 5 Users, PDF 9 Users

    Superseded date:  06-06-2023

    Language(s):  English - French, English

    Published date:  18-05-2017

    Publisher:  International Electrotechnical Committee

    Add To Cart

    Table of Contents - (Show below) - (Hide below)

    FOREWORD
    1 Scope
    2 Normative references
    3 Terms and definitions
    4 Abbreviations and acronyms
    5 Cryptographic applications for power system
       implementations
    6 Key management concepts and methods in power
       system operations
    7 General key management requirements
    8 Asymmetric key management
    9 Symmetric key management
    10 Connections to the IEC 62351 parts and other
       IEC documents
    Annex A (normative) - Protocol Implementation
            Conformance Statement (PICS)
    Annex B (informative) - Random Number Generation
            (RNG)
    Annex C (informative) - Certificate enrolment and
            renewal flowcharts
    Annex D (informative) - Examples of certificate
            profiles
    Bibliography

    Abstract - (Show below) - (Hide below)

    IEC 62351-9:2017 specifies cryptographic key management, namely how to generate, distribute, revoke, and handle public-key certificates and cryptographic keys to protect digital data and its communication. Included in the scope is the handling of asymmetric keys (e.g. private keys and public-key certificates), as well as symmetric keys for groups (GDOI). This document assumes that other standards have already chosen the type of keys and cryptography that will be utilized, since the cryptography algorithms and key materials chosen will be typically mandated by an organization’s own local security policies and by the need to be compliant with other international standards. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. The objective is to define requirements and technologies to achieve interoperability of key management. The purpose of this document is to guarantee interoperability among different vendors by specifying or limiting key management options to be used. This document assumes that the reader understands cryptography and PKI principles.

    General Product Information - (Show below) - (Hide below)

    Committee TC 57
    Development Note Stability Date: 2018. (05/2017)
    Document Type Standard
    Publisher International Electrotechnical Committee
    Status Superseded
    Superseded By

    Standards Referenced By This Book - (Show below) - (Hide below)

    BS EN 62351-7:2017 Power systems management and associated information exchange. Data and communications security Network and System Management (NSM) data object models
    CEI EN 62351-11 : 1ED 2017 POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 11: SECURITY FOR XML DOCUMENTS
    13/30282299 DC : 0 BS EN 62351-3 - POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 3 : COMMUNICATION NETWORK AND SYSTEM SECURITY - PROFILES INCLUDING TCP/IP
    17/30355602 DC : 0 BS EN 62351-4 ED.1.0 - POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 4: PROFILES INCLUDING MMS
    IEC 62351-3:2014+AMD1:2018 CSV Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
    IEC 62351-7:2017 Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models
    IEC TR 62351-12:2016 Power systems management and associated information exchange - Data and communications security - Part 12: Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems
    17/30358185 DC : 0 BS EN 61850-8-1+A1 - COMMUNICATION NETWORKS AND SYSTEMS FOR POWER UTILITY AUTOMATION - PART 8-1: SPECIFIC COMMUNICATION SERVICE MAPPING (SCSM) - MAPPINGS TO MMS (ISO 9506-1 AND ISO 9506-2) AND TO ISO/IEC 8802-3
    IEC TR 62351-90-1:2018 Power systems management and associated information exchange - Data and communications security - Part 90-1: Guidelines for handling role-based access control in power systems
    PD IEC/TR 62351-12:2016 Power systems management and associated information exchange. Data and communications security Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems
    PD IEC/TR 61850-90-2:2016 Communication networks and systems for power utility automation Using IEC 61850 for communication between substations and control centres
    EN 62351-7:2017 Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models
    I.S. EN 62351-7:2017 POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 7: NETWORK AND SYSTEM MANAGEMENT (NSM) DATA OBJECT MODELS
    IEC TR 62351-13:2016 Power systems management and associated information exchange - Data and communications security - Part 13: Guidelines on security topics to be covered in standards and specifications
    IEC TR 61850-90-2:2016 Communication networks and systems for power utility automation - Part 90-2: Using IEC 61850 for communication between substations and control centres

    Standards Referencing This Book - (Show below) - (Hide below)

    FIPS PUB 140 : 0001 SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
    IEC TS 62351-3:2007 Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP
    IEC TS 62351-6:2007 Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850
    ISO/IEC 11770-2:2008 Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques
    IEC TS 62351-4:2007 Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS
    ISO/IEC 9834-1:2012 Information technology — Procedures for the operation of object identifier registration authorities — Part 1: General procedures and top arcs of the international object identifier tree
    IEC TS 62351-2:2008 Power systems management and associated information exchange - Data and communications security - Part 2: Glossary of terms
    ISO/IEC 8802-3:2000 Information technology Telecommunications and information exchange between systems Local and metropolitan area networks Specific requirements Part 3: Carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications
    ISO/IEC 19790:2012 Information technology — Security techniques — Security requirements for cryptographic modules
    ISO/IEC 9594-8:2017 Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
    IEC TS 62351-5:2013 Power systems management and associated information exchange - Data and communications security - Part 5: Security for IEC 60870-5 and derivatives
    IEC TR 62351-12:2016 Power systems management and associated information exchange - Data and communications security - Part 12: Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems
    IEEE 1686-2013 IEEE Standard for Intelligent Electronic Devices Cyber Security Capabilities
    IEC TS 62351-1:2007 Power systems management and associated information exchange - Data and communications security - Part 1: Communication network and system security - Introduction to security issues
    IEEE 1588-2008 REDLINE IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems
    ISO/IEC 11770-1:2010 Information technology Security techniques Key management Part 1: Framework
    IEC TS 62351-8:2011 Power systems management and associated information exchange - Data and communications security - Part 8: Role-based access control
    ISO/IEC 11770-3:2015 Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques
    View more information

    • Access your standards online with a subscription

      Features

      • Simple online access to standards, technical information and regulations
      • Critical updates of standards and customisable alerts and notifications
      • Multi - user online standards collection: secure, flexibile and cost effective