IEC TC57 WG15 - Security Status & Roadmap, TC57 Plenary, May 2007


1 IEC TC57 WG15 - Security Status & Roadmap, TC57 Plenary, May 2007
Frances Cleveland, Convenor WG15
Presented at Plenary by Herb Falk, US Representative to WG15
I do this presentation on behalf of Frances Cleveland; she is unable to attend the General Assembly.

2 Scope of WG15 on Security
Undertake the development of standards for security of the communication protocols defined by the IEC TC 57, specifically the IEC series, the IEC series, the IEC series, the IEC series, and the IEC series.
Undertake the development of standards and/or technical reports on end-to-end security issues.
Other notes of interest:
WG15 started as Adhoc Working 06 in 1997 (this is the WG’s 10 year anniversary).
13 Participating Countries, 32 individuals
The WG15 scope is the security of the IEC TC57 defined protocols and the end-to-end security issues.
WG15 Status October 2005

3 Status of Security Documents, May 2007
IEC 62351: Data and Communications Security
Part 1: Introduction
Part 2: Glossary
Part 3: Security for profiles including TCP/IP
Part 4: Security for profiles including MMS
Part 5: Security for IEC and derivatives
Part 6: Security for IEC profiles
Part 7: Objects for Network Management
Part 8: Security process for power industry operations
Withdrawn
Status labels on the slide:
Working draft, under review and discussion
Submitted as DTS ver 2 January Comments being awaited
Submitted as Technical Specifications in Dec 2006, being finalized by IEC
WG15 has elaborated a number of documents in the IEC 62351
1. These parts were submitted as CDs in May this year. We got comments that were responded to in September and
2. We submitted CDVs for these parts
3. For Part 2 the work is ongoing
4. Part 5 is updated but there is an outstanding issue that may delay the CDV-ing of it. More on that later.

4 Security Functions vs. Threats
Security requirements: Confidentiality; Integrity; Availability; Non-Repudiation
Threats: Unauthorized Access to Information; Unauthorized Modification or Theft of Information; Denial of Service or Prevention of Authorized Access; Denial of Action that took place, or Claim of Action that did not take place
Attacks (diagram labels, in slide order): Listening; Interactions; Planted in System; Eavesdropping; Traffic Analysis; EM/RF Interception; Indiscretions by Personnel; Media Scavenging; Masquerade; Bypassing Controls; Authorization Violation; Physical Intrusion; Man-in-the-Middle; Integrity Violation; Theft; Replay; Virus/Worms; Trojan Horse; Trapdoor; Service Spoofing; After-the-Fact; Stolen/Altered; Repudiation; Denial of Service; Resource Exhaustion; Integrity Violation; Intercept/Alter; Repudiation; Modification
Legend: Actively Being Addressed; Desired
We have the requirements on the SECURITY, we have the THREATS that we see onto the requirements, and we have the ATTACKS that we see could generate the threats to the requirements.

5 Security Functions, Threats, and WG15 Work Pattern
Security requirements: Confidentiality; Integrity; Availability; Non-Repudiation
Threats: Unauthorized Access to Information; Unauthorized Modification or Theft of Information; Denial of Service or Prevention of Authorized Access; Denial of Action that took place, or Claim of Action that did not take place
Diagram labels (in slide order): Identity Establishment, Quality, and Mapping; Role-Based Access Control; Certificate and Key Management; Telecomm; Data Backup; Audit Logging; Intrusion Detection Systems (IDS); Authentication; Firewalls with Access Control Lists (ACL); Anti-Virus/Spy-ware; Credential Establishment, Conversion, and Renewal; IEC62351 Security for TASE.2, DNP, 61850; Public Key Infrastructure (PKI); Network and System Management (NSM); Passwords; Certificates; Transport Level Security (TLS); Virtual Private Network (VPN); WPA2/802.11i for wireless; AGA 12-1 “bump-in-the-wire”; Digital Signatures; CRC; Symmetric and Asymmetric Encryption (AES, DES); Security Management; Security Testing, Monitoring, Change Control, and Updating; Security Risk Assessment of Assets; Security Compliance Reporting; Being Addressed by many other bodies; During-Attack Coping and Post-Attack Recovery; Security Policy Exchange; Security Incident and Vulnerability Reporting; Security Attack Litigation; Cigre, Utilities; Corporate Security Policy and Management
For these possible ATTACKS there is a number of COUNTERMEASURES. There is a need for a management of the countermeasures, that need attention from the Corporate Management and from other national and international bodies, like NERC and CIGRE.

6 TC57 Security (62351) Roadmap
As of May 2007
WG19
Columns: Current Work; NWIPs to be Issued; On-Going Coordination
Time Frame: Activities in 2007; To be issued 2007; Current and Future Release
Features:
Current Work: Parts 1, 3, 4, 6 – Finalized as TS Standards; Part 2: Glossary – CDV; Part 5: Security for IEC Protocols – CDV; Part 7: Network and System Management /MIBs as CD
NWIPs to be Issued: Remote Changing of Update Keys for IEC; Implementation Specification for IEC; Conformance testing and interoperability testing; Security for Access to CIM (Interfaces and RBAC); Role-Based Access Control; Security Guidelines for Telecommunications Security
On-Going Coordination: IEC TC65C WG10; ISA, CIGRE D2.22; EPRI, NERC, PCSF; National Labs; IEEE PSRC; IEEE Security P1711, P1686, P1689; TC57 WG03; TC57 WG07?

