IEC TC57 WG15 - Security Status & Roadmap, TC57 Plenary, May 2007 Frances Cleveland Convenor WG15 Presented at Plenary by Herb Falk US Representative to WG15 I do this presentation on behalf of Frances Cleveland, she is unable to attend the General Assembly.

Scope of WG15 on Security Undertake the development of standards for security of the communication protocols defined by the IEC TC 57, specifically the IEC 60870-5 series, the IEC 60870-6 series, the IEC 61850 series, the IEC 61970 series, and the IEC 61968 series. Undertake the development of standards and/or technical reports on end-to-end security issues. Other notes of Interest: WG15 started as Adhoc Working 06 in 1997 (this is the WG’s 10 year anniversary). 13 Participating Countries, 32 individuals The WG15 scope is the security of the IEC TC57 defined protocols and the end-to-end security issues WG15 Status October 2005

Status of Security Documents, May 2007 IEC 62351: Data and Communications Security Part 1: Introduction Part 2: Glossary Part 3: Security for profiles including TCP/IP Part 4: Security for profiles including MMS Part 5: Security for IEC 60870-5 and derivatives Part 6: Security for IEC 61850 profiles Part 7: Objects for Network Management Part 8: Security process for power industry operations Withdrawn WG15 has elaborated an number of documents in the IEC 62351 1. These parts were sumbitted as CDs in May this year We got comments that were responded to in September and 2. We submitted CDVs for these parts 3. For Part 2 the work is ongoing 4. Part 5 is updated but there is an outstanding issue that may delay the CDV-ing of it. More on that later. Working draft, under review and discussion Submitted as DTS ver 2 January 2007. Comments being awaited Submitted as Technical Specifications in Dec 2006, being finalized by IEC WG15 Status October 2005

Security Functions vs. Threats Confidentiality Integrity Availability Non-Repudiation Unauthorized Access to Information Unauthorized Modification or Theft of Information Denial of Service or Prevention of Authorized Access Denial of Action that took place, or Claim of Action that did not take place Listening Interactions Planted in System - Actively Being Addressed Eavesdropping Traffic Analysis EM/RF Interception Indiscretions by Personnel Media Scavenging Masquerade Bypassing Controls Authorization Violation Physical Intrusion Man-in-the-Middle Integrity Violation Theft Replay Virus/Worms Trojan Horse Trapdoor Service Spoofing After-the-Fact We have the requirements on the SECURITY, we have the THREATS that we see onto the requirements And we have the ATTACKS that we see could generate the threats to the requirements. Stolen/Altered - Desired Repudiation Denial of Service Resource Exhaustion Integrity Violation Intercept/Alter Repudiation Modification WG15 Status October 2005

Being Addressed by many other bodies Security Functions, Threats, and WG15 Work Pattern Confidentiality Integrity Availability Non-Repudiation Unauthorized Access to Information Unauthorized Modification or Theft of Information Denial of Service or Prevention of Authorized Access Denial of Action that took place, or Claim of Action that did not take place Identity Establishment, Quality, and Mapping Role-Based Access Control Certificate and Key Management Tele- comm Data Backup Audit Logging Intrusion Detection Systems (IDS) Authentication Firewalls with Access Control Lists (ACL) Anti-Virus/ Spy-ware Credential Establishment, Conversion, and Renewal IEC62351 Security for TASE.2, DNP, 61850 Public Key Infrastructure (PKI) Network and System Management (NSM) Passwords Certificates Transport Level Security (TLS) Virtual Private Network (VPN) WPA2/80211.i for wireless AGA 12-1 “bump-in-the-wire” Digital Signatures CRC For these possible ATTACKS there is a number of COUNTERMEASURES. There is a need for a management of the countermeasures, that need attention from the Corporate Management and from other national and international bodies, like NERC and CIGRE Symmetric and Asymmetric Encryption (AES, DES) Security Management Security Testing, Monitoring, Change Control, and Updating Security Risk Assessment of Assets Security Compliance Reporting Being Addressed by many other bodies During-Attack Coping and Post-Attack Recovery Security Policy Exchange Security Incident and Vulnerability Reporting Security Attack Litigation Cigre, Utilities Corporate Security Policy and Management

On-Going Coordination TC57 Security (62351) Roadmap WG19 As of May 2007 Current Work NWIPs to be Issued On-Going Coordination Parts 1, 3, 4, 6 – Finalized as TS Standards Party 2: Glossary – CDV Part 5: Security for IEC 60870-5 Protocols – CDV Part 7: Network and System Management /MIBs as CD Activities in 2007 To be issued 2007 Current and Future Release Remote Changing of Update Keys for IEC 60870-5 Implementation Specification for IEC 60870-5 Conformance testing and interoperability testing Security for Access to CIM (Interfaces and RBAC) Role-Based Access Control Security Guidelines for Telecommunications Security IEC TC65C WG10 ISA, CIGRE D2.22 EPRI,NERC, PCSF National Labs IEEE PSRC IEEE Security P1711, P1686, P1689 TC57 WG03 TC57 WG07? Features Time Frame WG15 Status October 2005