IEC 62351-9:2017
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Power systems management and associated information exchange - Data and communications security - Part 9: Cyber security key management for power system equipment
Hardcopy , PDF , PDF 3 Users , PDF 5 Users , PDF 9 Users
06-06-2023
English - French, English
18-05-2017
Important note : Users cannot be edited or removed once added to your Multi user PDF.
FOREWORD
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations and acronyms
5 Cryptographic applications for power system
implementations
6 Key management concepts and methods in power
system operations
7 General key management requirements
8 Asymmetric key management
9 Symmetric key management
10 Connections to the IEC 62351 parts and other
IEC documents
Annex A (normative) - Protocol Implementation
Conformance Statement (PICS)
Annex B (informative) - Random Number Generation
(RNG)
Annex C (informative) - Certificate enrolment and
renewal flowcharts
Annex D (informative) - Examples of certificate
profiles
Bibliography
IEC 62351-9:2017 specifies cryptographic key management, namely how to generate, distribute, revoke, and handle public-key certificates and cryptographic keys to protect digital data and its communication. Included in the scope is the handling of asymmetric keys (e.g. private keys and public-key certificates), as well as symmetric keys for groups (GDOI). This document assumes that other standards have already chosen the type of keys and cryptography that will be utilized, since the cryptography algorithms and key materials chosen will be typically mandated by an organization’s own local security policies and by the need to be compliant with other international standards. This document therefore specifies only the management techniques for these selected key and cryptography infrastructures. The objective is to define requirements and technologies to achieve interoperability of key management. The purpose of this document is to guarantee interoperability among different vendors by specifying or limiting key management options to be used. This document assumes that the reader understands cryptography and PKI principles.
| Committee |
TC 57
|
| DevelopmentNote |
Stability Date: 2018. (05/2017)
|
| DocumentType |
Standard
|
| Pages |
191
|
| PublisherName |
International Electrotechnical Committee
|
| Status |
Superseded
|
| SupersededBy |
| Standards | Relationship |
| EN 62351-9:2017 | Identical |
| BS EN 62351-9:2017 | Identical |
| NEN EN IEC 62351-9 : 2017 | Identical |
| DS EN 62351-9 : 2017 | Identical |
| IS/IEC 62351 : Part 9 : 2017 | Identical |
| PNE-prEN 62351-9:2016 | Identical |
| DIN EN 62351-9 : 2018 | Identical |
| PN EN 62351-9 : 2017 | Identical |
| UNE-EN 62351-9:2017 | Identical |
| VDE 0112-351-9 : 2018 | Identical |
| CEI EN 62351-9 : 1ED 2017 | Identical |
| BS EN 62351-7:2017 | Power systems management and associated information exchange. Data and communications security Network and System Management (NSM) data object models |
| CEI EN 62351-11 : 1ED 2017 | POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 11: SECURITY FOR XML DOCUMENTS |
| 13/30282299 DC : 0 | BS EN 62351-3 - POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 3 : COMMUNICATION NETWORK AND SYSTEM SECURITY - PROFILES INCLUDING TCP/IP |
| 17/30355602 DC : 0 | BS EN 62351-4 ED.1.0 - POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 4: PROFILES INCLUDING MMS |
| IEC 62351-3:2014+AMD1:2018 CSV | Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP |
| IEC 62351-7:2017 | Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models |
| IEC TR 62351-12:2016 | Power systems management and associated information exchange - Data and communications security - Part 12: Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems |
| 17/30358185 DC : 0 | BS EN 61850-8-1+A1 - COMMUNICATION NETWORKS AND SYSTEMS FOR POWER UTILITY AUTOMATION - PART 8-1: SPECIFIC COMMUNICATION SERVICE MAPPING (SCSM) - MAPPINGS TO MMS (ISO 9506-1 AND ISO 9506-2) AND TO ISO/IEC 8802-3 |
| IEC TR 62351-90-1:2018 | Power systems management and associated information exchange - Data and communications security - Part 90-1: Guidelines for handling role-based access control in power systems |
| PD IEC/TR 62351-12:2016 | Power systems management and associated information exchange. Data and communications security Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems |
| PD IEC/TR 61850-90-2:2016 | Communication networks and systems for power utility automation Using IEC 61850 for communication between substations and control centres |
| EN 62351-7:2017 | Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models |
| I.S. EN 62351-7:2017 | POWER SYSTEMS MANAGEMENT AND ASSOCIATED INFORMATION EXCHANGE - DATA AND COMMUNICATIONS SECURITY - PART 7: NETWORK AND SYSTEM MANAGEMENT (NSM) DATA OBJECT MODELS |
| IEC TR 62351-13:2016 | Power systems management and associated information exchange - Data and communications security - Part 13: Guidelines on security topics to be covered in standards and specifications |
| IEC TR 61850-90-2:2016 | Communication networks and systems for power utility automation - Part 90-2: Using IEC 61850 for communication between substations and control centres |
| FIPS PUB 140 : 0001 | SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES |
| IEC TS 62351-3:2007 | Power systems management and associated information exchange - Data and communications security - Part 3: Communication network and system security - Profiles including TCP/IP |
| IEC TS 62351-6:2007 | Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850 |
| ISO/IEC 11770-2:2008 | Information technology Security techniques Key management Part 2: Mechanisms using symmetric techniques |
| IEC TS 62351-4:2007 | Power systems management and associated information exchange - Data and communications security - Part 4: Profiles including MMS |
| ISO/IEC 9834-1:2012 | Information technology — Procedures for the operation of object identifier registration authorities — Part 1: General procedures and top arcs of the international object identifier tree |
| IEC TS 62351-2:2008 | Power systems management and associated information exchange - Data and communications security - Part 2: Glossary of terms |
| ISO/IEC 8802-3:2000 | Information technology Telecommunications and information exchange between systems Local and metropolitan area networks Specific requirements Part 3: Carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications |
| ISO/IEC 19790:2012 | Information technology — Security techniques — Security requirements for cryptographic modules |
| ISO/IEC 9594-8:2017 | Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks |
| IEC TS 62351-5:2013 | Power systems management and associated information exchange - Data and communications security - Part 5: Security for IEC 60870-5 and derivatives |
| IEC TR 62351-12:2016 | Power systems management and associated information exchange - Data and communications security - Part 12: Resilience and security recommendations for power systems with distributed energy resources (DER) cyber-physical systems |
| IEEE 1686-2013 | IEEE Standard for Intelligent Electronic Devices Cyber Security Capabilities |
| IEC TS 62351-1:2007 | Power systems management and associated information exchange - Data and communications security - Part 1: Communication network and system security - Introduction to security issues |
| IEEE 1588-2008 REDLINE | IEEE Standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems |
| ISO/IEC 11770-1:2010 | Information technology Security techniques Key management Part 1: Framework |
| IEC TS 62351-8:2011 | Power systems management and associated information exchange - Data and communications security - Part 8: Role-based access control |
| ISO/IEC 11770-3:2015 | Information technology Security techniques Key management Part 3: Mechanisms using asymmetric techniques |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.