TC57 WG15

Introduction

DNP TECH COMMITTEE WORKS WITH IEC TO ADDRESS SECURITY

The DNP Technical Committee is providing a member to the International Electrotechnical Commission (IEC) Working Group on Data and Communications Security, at the Working Group's request. Technical Committee 57, Working Group 15 has agreed that it should address DNP security issues because DNP was originally derived from the IEC 60870-5 specifications. Also a factor in the group's decision was DNP's widespread use and the Working Group's desire to address security issues throughout as much of the utility industry as possible. A member of the technical committee will therefore serve as DNP Liaison to Working Group 15.
The first task to be accomplished in this effort will be the development of a Protection Profile document describing a plan for addressing DNP and IEC 60870-5 security needs. The Working Group plans to produce security standards within the next two years. A PowerPoint presentation describing the mandate, status, and methodology of IEC TC57 Working Group 15 in more detail has been posted to the User Group web site, Member Forum, PowerPoint Presentations. Thank you to Grant Gilchrist for his efforts in providing this.

Introduction to IEC TC57WG15

Data and Communications Security
Grant Gilchrist, GE Harris Energy Control Systems September 2000

TC57 WG15

Whats in a Name?

IEC: International Electrotechnical Commission Technical Committee 57: Power System Control and Associated Communications Working Group 15: Data and Communications Security

TC57 WG15

Why Security? Why Now?

Everythings changing: Use of radios allows eavesdropping Use of others networks: X.25, CDPD, frame relay, etc. Integration into Corporate I.T. Control, monitoring over Internet Deregulation creates financial incentives for attacks

TC57 WG15

Mandate

Finalize the report of Ad-hoc Working Group 6 into an IEC Technical Report Generate New Work Items for TC57 working groups Limited to security of TC57 protocols and their derivatives Implement those security work items other TC57 groups choose not to.

TC57 WG15

Protocols and Groups Affected

Scope Telecontrol Control Center Meter Reading Substations CC Application Interfaces Protocols 101, 102, 103, 1 104, DNP TASE.2 (ICCP) DLMS TC57 WGs 3 7 9 and TC13

Number IEC 60870-5 IEC 60870-6 IEC 61334 IEC 61850 IEC 61970, 61968

MMS, 60870-5, others? 10,11,12 None yet

2

13,14

1Based

on 60870-5 and is in widespread use; therefore in scope 2In scope insofar as the APIs provide networking capability

TC57 WG15

Ad-Hoc WG 6 Report
Tutorial on Security:
Defines terms Lists threats Lists vulnerabilities in TC57 protocols Describes analysis process

High-level analysis of our industry Recommends how to proceed

TC57 WG15

Ad-Hoc WG 6 Recommendations

Create permanent WG15 with tasks: Use consequence-based analysis Provide multiple levels of security Focus on application layer Work together with other WGs Address key management Address the complete system Use ISO Standard 15408 process

TC57 WG15

Consequence-Based Analysis

Look at the business processes of the industry:

Identify stakeholders Identify processes vital to the stakeholders Determine the worst consequences Determine root cause of these consequences

Initial analysis by AHWG6 determined:

Focus on TASE.2 (Inter-Control Center) first Focus on application layer security first

TC57 WG15

Process for WG15

Based on ISO 15408: Common Criteria Describe the Target of Evaluation Identify assumptions about the context Identify security threats Identify security goals to counter threats Make recommendations to meet the goals Document in a Protection Profile Create Security Target(s) to implement it.

TC57 WG15

Examples of Assumptions
The target is physically secure The link cannot be eavesdropped upon All operators are authorized users All users on an authorized device are authorized Security is always well-administered

TC57 WG15

Examples of Threats

Denial of Service Replay Traffic Analysis Impersonation Hijacking connections Disgruntled insiders Access to strong points via weak points

TC57 WG15

Examples of Goals

Confidentiality Authentication of Data Authentication of Source Integrity of Data

TC57 WG15

Examples of Requirements
Authentication Methods Digital Signatures Encryption
Algorithms Key Sizes

Audit Trails Replay Detection

TC57 WG15

The Protection Profile

assumptions goals threats requirements rationale policy issues

Contains:

May share one between several protocol suites May be more than one per protocol (i.e. levels) The WG may produce one, or many

TC57 WG15

The Security Target

An implementation of the Protection Profile The bits and bytes to implement the requirements Specific to one Target of Evaluation (protocol) Can be tested against the threats

TC57 WG15

Process Summary
Define Target of Evaluation
Assumptions Threats Goals Recommendations Protection Profile

Security Target

TC57 WG15

The Plan

Concentrating on three priority work items:

Protection Profile(s) for MMS-Based Protocols Protection Profile(s) for 60870-5-Based Protocols A Roadmap of Protection Profiles,Tutorial

Security Targets developed afterwards Liaisons to the other working groups, bodies
Do they accept the work, or do we do it?

Review by power community Review by security community

TC57 WG15

Deliverables

The AHWG 6 Technical Report New Work Item Proposals Protection Profiles, Security Targets, Roadmap May document in either:
The protocols spec A WG15 standard

No std. numbers yet Two-year schedule

TC57 WG15

Membership

Tor Aalborg, Statnett SF (Norway) Lars Andersson ABB (Switzerland) Rudolf Bauman, EGL (Switzerland) Rolf Carlson, Sandia National Labs (USA) - U.S. TAG Lead Frances Cleveland, UCI (USA) - WG14 Herb Falk, SISCO (USA) - Convenor Frank Frenzel, ABB (Germany) Grant Gilchrist, GE Harris (Canada) - DNP Technical Committee Stan Klein, Stan Klein Associates (USA) Norm Nielson, SRI Consulting (Stanford) (USA) John Ryan, The Electricity Association (UK) - WG9 Thomas Schaub, Siemens (Switzerland) - WG3, WG9 Werner Schmitz,Siemens (Germany) Andy Turke, Siemens (USA) - WG7 Barry Shephard, Schneider Electric (UK) - WG10, WG11, WG12 Joe Weiss, EPRI (USA) - EPRI, Instrument Society of America

TC57 WG15

Duties to the Industry

Be thorough Be clear and concise Consult all stakeholders Make it interoperable Make it safe and secure!