A security evaluation of IEC 62351

被引：24

作者：

Schlegel, Roman ^{[1
]}

Obermeier, Sebastian ^{[1
]}

Schneider, Johannes ^{[1
]}

机构：

[1] ABB Corp Res, Segelhofstr 1K, Baden, Switzerland

来源：

JOURNAL OF INFORMATION SECURITY AND APPLICATIONS | 2017年 / 34卷

关键词：

Cyber security; IEC; 62351; Cyber security standard;

D O I：

10.1016/j.jisa.2016.05.007

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

IEC 62351 is an industry standard aimed at improving security in automation systems in the power system domain. It contains provisions to ensure the integrity, authenticity and confidentiality for different protocols used in power systems. In this article we look at the different parts of IEC 62351 and assess to what extent the standard manages to improve security in automation systems. We also point out some incongruities in the algorithms or parameters chosen in parts of the standard. Overall, we conclude that the standard can significantly improve security in power systems if applied comprehensively, but we also note that the need to preserve (partial) backwards-compatibility has led to some design choices that provide less security than could have been achieved with a more ambitious approach. (C) 2016 Elsevier Ltd. All rights reserved.

引用

页码：197 / 204

页数：8

共 50 条

[41] 变电站内传输IEC 62351通信密钥的加密传输方法
方芳
李广华
汪冬辉
宣晓华
中国电力, 2019, 52 (10) : 26 - 30+122
[42] Security, Cost, and Operational Benefits of IEC-61850
Klein, Stanley A.
2008 IEEE POWER & ENERGY SOCIETY GENERAL MEETING, VOLS 1-11, 2008, : 2618 - 2620
[43] The Research on the Configurating Technology and Application Security of IEC 61850
Huang Wen-hua
Li Yong
12TH ANNUAL MEETING OF CHINA ASSOCIATION FOR SCIENCE AND TECHNOLOGY ON INFORMATION AND COMMUNICATION TECHNOLOGY AND SMART GRID, 2010, : 448 - +
[44] Use of IEC 61850 to increase the security of the protection system
Bonetti, Andrea
Zhu, Hongliang
Ignatovski, Nikolay
2021 IEEE 3RD GLOBAL POWER, ENERGY AND COMMUNICATION CONFERENCE (IEEE GPECOM2021), 2021, : 220 - 226
[45] Standardizing Industrial IT Security - A First Look at the IEC approach
Naedele, Martin
ETFA 2005: 10TH IEEE INTERNATIONAL CONFERENCE ON EMERGING TECHNOLOGIES AND FACTORY AUTOMATION, VOL 2, PROCEEDINGS, 2005,
[46] ISO/IEC Competence Requirements for Information Security Professionals
Miloslayskaya, Natalia
Tolstoy, Alexander
INFORMATION SECURITY EDUCATION FOR A GLOBAL DIGITAL SOCIETY, WISE 10, 2017, 503 : 135 - 146
[47] Security Improvement of an RFID Security Protocol of ISO/IEC WD 29167-6
Song, Boyeon
Hwang, Jung Yeon
Shim, Kyung-Ah
IEEE COMMUNICATIONS LETTERS, 2011, 15 (12) : 1375 - 1377
[48] Analysis the priority of security requirement items for the process improvement by ISO/IEC 15504 and ISO/IEC 15408
Lee, Eun-Ser
Kim, Haeng-Kon
Hwang, Sun-Myoung
SERA 2007: 5TH ACIS INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING RESEARCH, MANAGEMENT, AND APPLICATIONS, PROCEEDINGS, 2007, : 25 - +
[49] IEC-based neutron generator for security inspection system
Miley, GH
Wu, L
Kim, HJ
JOURNAL OF RADIOANALYTICAL AND NUCLEAR CHEMISTRY, 2005, 263 (01) : 159 - 164
[50] Supporting Verification and Validation of Security Targets with ISO/IEC 15408
Bao, Da
Miura, Junichi
Zhang, Ning
Goto, Yuichi
Cheng, Jingde
PROCEEDINGS 2013 INTERNATIONAL CONFERENCE ON MECHATRONIC SCIENCES, ELECTRIC ENGINEERING AND COMPUTER (MEC), 2013, : 2621 - 2628

← 1 2 3 4 5 →