Assessing the Security of IEC 62351

scite shows how a scientific paper has been cited by providing the context of the citation, a classification describing whether it supports, mentions, or contrasts the cited claim, and a label indicating in which section the citation was made.

Header Abstract Content Author and article information References Comments

Record: found
Abstract: found
Conference Proceedings: found

Is Open Access

Assessing the Security of IEC 62351

Published

proceedings-article

Author(s): Roman Schlegel , Sebastian Obermeier , Johannes Schneider

Publication date (Print): September 2015

Conference name: 3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015) (ICS-CSR)

Conference theme: Industrial Control System & SCADA Cyber Security Research (ICS-CSR)

Conference date: 17 - 18 September 2015

Keywords: cyber security, IEC 62351, cyber security standard

Bookmark

Abstract

Content

Author and article information

Contributors

Roman Schlegel

Sebastian Obermeier

Johannes Schneider

Conference

Publication date: September 2015

Publication date (Print): September 2015

Pages: 11-19

Affiliations

[0001]ABB Corporate Research

Segelhofstr. 1K, Baden

Switzerland

Article

DOI: 10.14236/ewic/ICS2015.2

SO-VID: a50c986c-4c60-4364-aa14-378516f512c7

License:

This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

Conference name: 3rd International Symposium for ICS & SCADA Cyber Security Research 2015 (ICS-CSR 2015)

Conference acronym: ICS-CSR

Conference number: 3

Conference location: Germany

Conference date: 17 - 18 September 2015

Conference sponsor: Electronic Workshops in Computing (eWiC)

Conference theme: Industrial Control System & SCADA Cyber Security Research (ICS-CSR)

History

Product

1477-9358 BCS Learning & Development

Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/ICS2015.2

Self URI (journal page): https://ewic.bcs.org/

References

N AlFardan 2013 On the security of RC4 in TLS Presented as Part of the 22nd USENIX Security Symposium (USENIX Security 13) Washington D.C 305 320
R AndersonS Fuloria 2010 security Economics and critical national infrastructure Economics of Information Security and Privacy T MooreD PymC Ioannidis Berlin, Germany Springer 55 66
J Case 1990 May Simple network management protocol (SNMP) RFC 1157 (Historic)
J Case 1996 Jan Introduction to community-based SNMPv2 RFC 1901 (Historic)
D Cooper 2008 May Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile RFC 5280 (Proposed Standard). Updated by RFC 6818
J DeepakumaraH. M HeysR Venkatesan, 2003 Performance comparison of message authentication code (MAC) algorithms for Internet protocol security (IPSEC) Proc. Newfoundland Electrical and Computer Engineering Conf
T DierksE Rescorla 2008 Aug The transport layer security (TLS) protocol version 1.2. RFC 5246 (proposed standard) Updated by RFCs 5746, 5878, 6176, 7465
D Eastlake 2011 Jan Transport layer Security (TLS) Extensions: Extension Definitions RFC 6066 (Proposed Standard)
S FriesH HofM Seewald, 2010 May Enhancing IEC 62351 to Improve security for energy automation in smart grid environments Fifth International Conference Internet and Web Applications and Services (ICIW) 135 142
S Fries 2011 Apr Security for the smart grid - enhancing IEC 62351 to improve security in energy automation control Int. J. Adv. Security 3 169 183
S Fuloria 2010 The protection of substation communications Proceedings of SCADA Security Scientific Symposium
P GuthrieT Konaris 2012 Infrastructure and resilience Government Office for Science. Tech. Rep
D HarringtonR PresuhnB Wijnen 2002 Dec An architecture for describing simple network management protocol (SNMP) management frameworks RFC 3411 (INTERNET STANDARD). Updated by RFCs 5343, 5590
IEEE Standards Association 1815-2012 2012 IEEE standard for electric power systems communications-distributed network protocol (DNP3) Available from http://standards.ieee.org/ findstds/standard/1815-2012.html
International Electrotechnical Commission IEC 61850 2010a Power utility automation Available from http://www.iec.ch/smartgrid/standards/
International Electrotechnical Commission IEC 62351 2010b Security Availbale from http://www.iec.ch/smartgrid/standards/
International Organization for Standardization ISO 9506 2014 Industrial automation systems manufacturing message specification Available from http://www.iso.org/iso/cataloguedetail.htm?csnumber=37079
A. K Lenstra 2004 Key length Contribution to The Handbook of Information Security
B MillerD Rowe 2012 A survey of SCADA and critical infrastructure incidents Proceedings of the 1st Annual Conference on Research in Information Technology, RIIT ’12 New York, NY, USA 51 56
National Institute of Standards and Technology (NIST) 2007 Mar Recommendation for key management - Part 1: general (revised) Available from http://csrc.nist.gov/publications/nistpubs/ 800-57/sp800-57-Part1-revised2 Mar08-2007.pdf
CIP (Critical Infrastructure Protection) Standards 2015 North American Electric Reliability Corporation Available from http://www.nerc.com/pa/ Stand/Pages/CIPStandards.aspx
A Popov 2015 Feb Prohibiting RC4 cipher suites RFC 7465 (Proposed Standard)
J Postel 1981a Sept Internet protocol. RFC 791 (INTERNET STANDARD) Updated by RFCs 1349, 2474, 6864
J Postel 1981b Sept Transmission control protocol. RFC 793 (INTERNET STANDARD) Updated by RFCs 1122, 3168, 6093, 6528
M RoseD Cass 1987 May ISO transport service on top of the TCP version: 3. RFC 1006 (INTERNET STANDARD) Updated by RFC 2126
M Stevens 2013 New collision attacks on SHA-1 based on optimal joint local-collision analysis Advances in Cryptology–EUROCRYPT New York Springer 245 261
K. A StoufferJ. A FalcoK. A Scarfone 2011 SP 800-82 Guide to Industrial control systems (ICS) security: Supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC) Gaithersburg, MD, USA Tech. Rep
ISA/IEC 62443 2014 The International Society of Automation (ISA) / International Electrotechnical Commission (IEC) Available from http://isa99.isa.org/ISA99%20Wiki/Home.aspx
V Bernat 2011 SSL/TLS & perfect forward secrecy Available from http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html

Comments

Comment on this article

[1] N AlFardan 2013 On the security of RC4 in TLS Presented as Part of the 22nd USENIX Security Symposium (USENIX Security 13) Washington D.C 305 320

[2] R AndersonS Fuloria 2010 security Economics and critical national infrastructure Economics of Information Security and Privacy T MooreD PymC Ioannidis Berlin, Germany Springer 55 66

[3] J Case 1990 May Simple network management protocol (SNMP) RFC 1157 (Historic)

[4] J Case 1996 Jan Introduction to community-based SNMPv2 RFC 1901 (Historic)

[5] D Cooper 2008 May Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile RFC 5280 (Proposed Standard). Updated by RFC 6818

[6] J DeepakumaraH. M HeysR Venkatesan, 2003 Performance comparison of message authentication code (MAC) algorithms for Internet protocol security (IPSEC) Proc. Newfoundland Electrical and Computer Engineering Conf

[7] T DierksE Rescorla 2008 Aug The transport layer security (TLS) protocol version 1.2. RFC 5246 (proposed standard) Updated by RFCs 5746, 5878, 6176, 7465

[8] D Eastlake 2011 Jan Transport layer Security (TLS) Extensions: Extension Definitions RFC 6066 (Proposed Standard)

[9] S FriesH HofM Seewald, 2010 May Enhancing IEC 62351 to Improve security for energy automation in smart grid environments Fifth International Conference Internet and Web Applications and Services (ICIW) 135 142

[10] S Fries 2011 Apr Security for the smart grid - enhancing IEC 62351 to improve security in energy automation control Int. J. Adv. Security 3 169 183

[11] S Fuloria 2010 The protection of substation communications Proceedings of SCADA Security Scientific Symposium

[12] P GuthrieT Konaris 2012 Infrastructure and resilience Government Office for Science. Tech. Rep

[13] D HarringtonR PresuhnB Wijnen 2002 Dec An architecture for describing simple network management protocol (SNMP) management frameworks RFC 3411 (INTERNET STANDARD). Updated by RFCs 5343, 5590

[14] IEEE Standards Association 1815-2012 2012 IEEE standard for electric power systems communications-distributed network protocol (DNP3) Available from http://standards.ieee.org/ findstds/standard/1815-2012.html

[15] International Electrotechnical Commission IEC 61850 2010a Power utility automation Available from http://www.iec.ch/smartgrid/standards/

[16] International Electrotechnical Commission IEC 62351 2010b Security Availbale from http://www.iec.ch/smartgrid/standards/

[17] International Organization for Standardization ISO 9506 2014 Industrial automation systems manufacturing message specification Available from http://www.iso.org/iso/cataloguedetail.htm?csnumber=37079

[18] A. K Lenstra 2004 Key length Contribution to The Handbook of Information Security

[19] B MillerD Rowe 2012 A survey of SCADA and critical infrastructure incidents Proceedings of the 1st Annual Conference on Research in Information Technology, RIIT ’12 New York, NY, USA 51 56

[20] National Institute of Standards and Technology (NIST) 2007 Mar Recommendation for key management - Part 1: general (revised) Available from http://csrc.nist.gov/publications/nistpubs/ 800-57/sp800-57-Part1-revised2 Mar08-2007.pdf

[21] CIP (Critical Infrastructure Protection) Standards 2015 North American Electric Reliability Corporation Available from http://www.nerc.com/pa/ Stand/Pages/CIPStandards.aspx

[22] A Popov 2015 Feb Prohibiting RC4 cipher suites RFC 7465 (Proposed Standard)

[23] J Postel 1981a Sept Internet protocol. RFC 791 (INTERNET STANDARD) Updated by RFCs 1349, 2474, 6864

[24] J Postel 1981b Sept Transmission control protocol. RFC 793 (INTERNET STANDARD) Updated by RFCs 1122, 3168, 6093, 6528

[25] M RoseD Cass 1987 May ISO transport service on top of the TCP version: 3. RFC 1006 (INTERNET STANDARD) Updated by RFC 2126

[26] M Stevens 2013 New collision attacks on SHA-1 based on optimal joint local-collision analysis Advances in Cryptology–EUROCRYPT New York Springer 245 261

[27] K. A StoufferJ. A FalcoK. A Scarfone 2011 SP 800-82 Guide to Industrial control systems (ICS) security: Supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and other control system configurations such as programmable logic controllers (PLC) Gaithersburg, MD, USA Tech. Rep

[28] ISA/IEC 62443 2014 The International Society of Automation (ISA) / International Electrotechnical Commission (IEC) Available from http://isa99.isa.org/ISA99%20Wiki/Home.aspx

[29] V Bernat 2011 SSL/TLS & perfect forward secrecy Available from http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html

UK Computing Summit 2025: Navigating change (surviving and beyond) - 29-30 April @ Sheffield Hallam University - Register here.

Assessing the Security of IEC 62351

Contributors

Conference

Affiliations

Article

History

Product

Categories

Comment on this article