A security evaluation of IEC 62351
| Autor: | Sebastian Obermeier, Johannes Schneider, Roman Schlegel |
|---|---|
| Rok vydání: | 2017 |
| Předmět: |
Control system security
021103 operations research Computer Networks and Communications Computer science 020208 electrical & electronic engineering 0211 other engineering and technologies IEC 62351 02 engineering and technology Information security Computer security computer.software_genre Security testing ITIL security management Security service Risk analysis (engineering) Information security standards 0202 electrical engineering electronic engineering information engineering Safety Risk Reliability and Quality computer Software Information security management system |
| Zdroj: | Journal of Information Security and Applications. 34:197-204 |
| ISSN: | 2214-2126 |
| DOI: | 10.1016/j.jisa.2016.05.007 |
| Popis: | IEC 62351 is an industry standard aimed at improving security in automation systems in the power system domain. It contains provisions to ensure the integrity, authenticity and confidentiality for different protocols used in power systems. In this article we look at the different parts of IEC 62351 and assess to what extent the standard manages to improve security in automation systems. We also point out some incongruities in the algorithms or parameters chosen in parts of the standard. Overall, we conclude that the standard can significantly improve security in power systems if applied comprehensively, but we also note that the need to preserve (partial) backwards-compatibility has led to some design choices that provide less security than could have been achieved with a more ambitious approach. |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|
Full Text from ScienceDirect