8/13/2019 IEC-TC57WG15

1/21

TC57 WG15 IntroductionDNP TECH COMMITTEE WORKS WITH IEC TO ADDRESS SECURITY

The DNP Technical Committee is providing a member to the International

Electrotechnical Commission (IEC) Working Group on Data and Communications

Security, at the Working Group's request. Technical Committee 57, Working

Group 15 has agreed that it should address DNP security issues because DNP

was originally derived from the IEC 60870-5 specifications. Also a factorin the group's decision was DNP's widespread use and the Working Group's

desire to address security issues throughout as much of the utility industry

as possible. A member of the technical committee will therefore serve as DNP

Liaison to Working Group 15.

The first task to be accomplished in this effort will be the development of

a Protection Profile document describing a plan for addressing DNP and IEC

60870-5 security needs. The Working Group plans to produce security

standards within the next two years.

A PowerPoint presentation describing the mandate, status, and

methodology of IEC TC57 Working Group 15 in more detail has been posted

to the User Group web site, Member Forum, PowerPoint Presentations.

Thank you to Grant Gilchrist for his efforts in providing this.

8/13/2019 IEC-TC57WG15

2/21

Introduction to IEC TC57WG15Data and Communications Security

Grant Gilchrist, GE Harris Energy Control SystemsSeptember 2000

8/13/2019 IEC-TC57WG15

3/21

TC57 WG15 Whats in a Name?

IEC: International Electrotechnical

Commission

Technical Committee 57:Power System Control and

Associated Communications

Working Group 15:Data and Communications

Security

8/13/2019 IEC-TC57WG15

4/21

TC57 WG15 Why Security? Why Now?

Everythings changing:

Use of radios allows eavesdropping

Use of others networks: X.25, CDPD,

frame relay, etc.

Integration into Corporate I.T.

Control, monitoring over Internet

Deregulation creates financialincentives for attacks

8/13/2019 IEC-TC57WG15

5/21

TC57 WG15 Mandate

Finalize the report of Ad-hoc Working

Group 6 into an IEC Technical Report

Generate New Work Items for TC57

working groups Limited to security of TC57 protocols

and their derivatives

Implement those security work items

other TC57 groups choose not to.

8/13/2019 IEC-TC57WG15

6/21

TC57 WG15 Protocols and Groups Affected

Number Scope Protocols TC57 WGs

IEC 60870-5 Telecontrol 101, 102, 103,104, DNP

13

IEC 60870-6 Control Center TASE.2 (ICCP) 7

IEC 61334 Meter Reading DLMS 9 and TC13

IEC 61850 Substations MMS, 60870-5, oth 10,11,12

IEC 61970,

61968

CC Application

Interfaces

None yet2

13,14

1Based on 60870-5 and is in widespread use; therefore in scope2In scope insofar as the APIs provide networking capability

8/13/2019 IEC-TC57WG15

7/21

TC57 WG15 Ad-Hoc WG 6 Report Tutorial on Security:

Defines terms

Lists threats

Lists vulnerabilities in TC57 protocols Describes analysis process

High-level analysis of our industry

Recommends how to proceed

8/13/2019 IEC-TC57WG15

8/21

TC57 WG15 Ad-Hoc WG 6 Recommendations

Create permanent WG15 with tasks:

Use consequence-based analysis

Provide multiple levels of security

Focus on application layer

Work together with other WGs

Address key management

Address the complete system

Use ISO Standard 15408 process

8/13/2019 IEC-TC57WG15

9/21

TC57 WG15 Consequence-Based Analysis

Look at the business processes of the industry:

Identify stakeholders

Identify processes vital to the stakeholders

Determine the worst consequences

Determine root cause of these consequences

Initial analysis by AHWG6 determined:

Focus on TASE.2 (Inter-Control Center) first Focus on application layer security first

8/13/2019 IEC-TC57WG15

10/21

TC57 WG15 Process for WG15

Based on ISO 15408: Common Criteria

Describe the Target of Evaluation

Identify assumptions about the context Identify security threats

Identify security goals to counter threats

Make recommendations to meet the goals Document in a Protection Profile

Create Security Target(s)to implement it.

8/13/2019 IEC-TC57WG15

11/21

TC57 WG15 Examples of Assumptions

The target is physically secure

The link cannot be eavesdropped upon

All operators are authorized users All users on an authorized device are

authorized

Security is always well-administered

8/13/2019 IEC-TC57WG15

12/21

TC57 WG15 Examples of Threats

Denial of Service

Replay

Traffic Analysis

Impersonation

Hijacking connections

Disgruntled insiders

Access to strong

points via weak points

8/13/2019 IEC-TC57WG15

13/21

8/13/2019 IEC-TC57WG15

14/21

TC57 WG15 Examples of Requirements

Authentication Methods

Digital Signatures

Encryption Algorithms

Key Sizes

Audit Trails

Replay Detection

8/13/2019 IEC-TC57WG15

15/21

TC57 WG15 The Protection Profile

Contains:

assumptions

goals

threats

requirements

rationale

policy issues

May share one between several protocol suites

May be more than one per protocol (i.e. levels)

The WG may produce one, or many

8/13/2019 IEC-TC57WG15

16/21

TC57 WG15 The Security Target

An implementation of the Protection Profile

The bits and bytes to implement the requirements

Specific to one Target of Evaluation (protocol)

Can be tested against the threats

8/13/2019 IEC-TC57WG15

17/21

TC57 WG15 Process Summary

Define Target of Evaluation

Recommendations

Goals

Threats

Protect ion Prof i le

Securit y Target

Assumptions

8/13/2019 IEC-TC57WG15

18/21

TC57 WG15 The Plan

Concentrating on three priority work items:

Protection Profile(s) for MMS-Based Protocols

Protection Profile(s) for 60870-5-Based Protocols

A Roadmap of Protection Profiles,Tutorial

Security Targets developed afterwards

Liaisons to the other working groups, bodies

Do they accept the work, or do we do it? Review by power community

Review by security community

8/13/2019 IEC-TC57WG15

19/21

TC57 WG15 Deliverables The AHWG 6 Technical Report

New Work Item Proposals

Protection Profiles, Security Targets, Roadmap

May document in either: The protocols spec

A WG15 standard

No std. numbers yet Two-year schedule

8/13/2019 IEC-TC57WG15

20/21

TC57 WG15 Membership Tor Aalborg, Statnett SF (Norway)

Lars Andersson ABB (Switzerland)

Rudolf Bauman, EGL (Switzerland)

Rolf Carlson, Sandia National Labs (USA) - U.S. TAG Lead

Frances Cleveland, UCI (USA) - WG14

Herb Falk, SISCO (USA) - Convenor

Frank Frenzel, ABB (Germany)

Grant Gilchrist, GE Harris (Canada) - DNP Technical Committee

Stan Klein, Stan Klein Associates (USA)

Norm Nielson, SRI Consulting (Stanford) (USA)

John Ryan, The Electricity Association (UK) - WG9 Thomas Schaub, Siemens (Switzerland) - WG3, WG9

Werner Schmitz,Siemens (Germany)

Andy Turke, Siemens (USA) - WG7

Barry Shephard, Schneider Electric (UK) - WG10, WG11, WG12

Joe Weiss, EPRI (USA) - EPRI, Instrument Society of America

8/13/2019 IEC-TC57WG15

21/21

TC57 WG15 Duties to the Industry

Be thorough

Be clear and concise

Consult all stakeholders Make it interoperable

Make it safe and secure!