IEEE 1711-2010 en Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links《网络分站串行链路协议的安全加密试验用标准》.pdf
《IEEE 1711-2010 en Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links《网络分站串行链路协议的安全加密试验用标准》.pdf》由会员分享,可在线阅读,更多相关《IEEE 1711-2010 en Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links《网络分站串行链路协议的安全加密试验用标准》.pdf(49页珍藏版)》请在麦多课文档分享上搜索。
1、g3g3g3IEEE Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links g3Sponsored by the Substations Committee g3IEEE 3 Park Avenue New York, NY 10016-5997 USA 15 February 2011 IEEE Power +1 978 750 8400. Permission to photocopy portions of any individual standard
2、for educational classroom use can also be obtained through the Copyright Clearance Center. iv Copyright 2011 IEEE. All rights reserved. Introduction This introduction is not part of IEEE Std 1711-2010, IEEE Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links
3、. This trial use standard defines a cryptographic protocol called Serial SCADA Protection Protocol (SSPP) to provide integrity, and optionally confidentiality, for cyber security of substation serial links. It focuses exclusively on “formatting bits on the wire” to provide cryptographic assurance of
4、 cyber security properties. It does not address specific applications or hardware implementations and is largely independent of the underlying communications channel and application or SCADA protocol. The requirements of this standard are in addition to any requirements contained in standards for in
5、dividual devices in which this protocol is implemented. SSPP operates by encapsulating each SCADA or application message in a cryptographic envelope that adds minimal overhead to the message. This encapsulation is performed in a manner that is largely independent of the underlying communications pro
6、tocol. While SSPP was originally designed to protect serial SCADA communications, its domain of application is not limited to SCADA. SSPP can also be used to protect other types of serial communications, such as data concentrator links, load management links, dial-in revenue meter reading, dial-in m
7、aintenance connections, etc. SSPP is designed for systems or applications in the following circumstances: Traffic is message-oriented, with messages consisting of contiguous sequences of 7-bit or 8-bit characters, in lengths ranging from a few characters to a few hundred characters. The communicatio
8、ns channel may be either half-duplex or full-duplex. Messages are never reordered by the communications channel. Messages are never fragmented by the communications channel. The communications topology is point-to-point, point-to-multipoint, or broadcast. For point-to-multipoint topologies, messages
9、 include an identifying address of the receiver in the header of the message. Transmission speeds may be slow enough that cryptographic protocol overhead in the form of too many additional header, trailer, or framing characters may significantly impact message latency and roundtrip message delivery
10、times. Message integrity is critical to reliable system operation, and system operation may be adversely impacted if messages are modified, forged, spliced, reordered, or replayed. The system or application is able to tolerate lost messages. SSPP assures message integrity by detecting modified, forg
11、ed, spliced, reordered, or replayed messages and discarding them. Applications such as SCADA systems are designed to accommodate accidental communications errors and, through timeouts, detects and retries lost or damaged messages. Such applications thereby recover from messages discarded by SSPP in
12、the same way as they recover from messages lost or damaged by communications errors. Applications such as dial-in remote maintenance involve a live operator who can reissue commands whose action or response is discarded by SSPP. SSPP is designed to support point-to-point links, point-to-multi-point
13、(or multi-drop) links, and broadcast links. For multi-drop links and broadcast links, SSPP supports mixed-mode operation, where some of the stations use SSPP to achieve protected communications, and other stations communicate in the clear. Mixed-mode operation allows for phased or incremental deploy
14、ment of devices providing SSPP protection so that all stations on a multi-drop or broadcast link do not have to be upgraded simultaneously. SSPP protection can be deployed at the master station first, then incrementally added to slave stations as needed. v Copyright 2011 IEEE. All rights reserved. S
15、SPP may be implemented in standalone security devices, integrated in communications modems, or embedded in applications or systems. When implemented in standalone bump-in-the-wire security devices, SSPP may be used to retrofit protection of legacy serial systems with little or no modification of exi
16、sting systems and equipment. Figure a illustrates a typical deployment of SSPP implemented with a multi-channel Ethernet-to-Serial SSPP gateway in the control center and SSPP bump-in-the-wire (BITW) devices in the substations. Figure aRetrofit bump-in-the-wire SSPP deployment Key management for the
17、long-term cryptographic keys used by SSPP is specifically not addressed in this standard. Key management is a complex issue, and including key management would significantly increase the size and complexity of the standard. But more significantly, key management for SSPP keys is not markedly differe
18、nt from key management for other cryptographic systems. Including a specific mechanism for key management in SSPP could preclude integration with existing commercial key management systems and inhibit adoption of SSPP in products. It is expected that key management systems for SSPP keys follow good
19、security practices, and the quality, flexibility, and usability of such systems should be evaluated by prospective purchasers of SSPP implementations. Goals This standard has several goals. Designing cryptographic algorithms and protocols that operate correctly and are free of undiscovered flaws is
20、difficult at best. There is general agreement in the cryptography community that openly published and time-tested cryptographic algorithms and protocols are less likely to contain security flaws than secretly developed ones because their publication enables scrutiny by the entire community. Historic
21、ally, proprietary and secret protocols have frequently been found to contain flaws when their designs become public. However, well-known and time-tested protocols such as TLS and SSH that are designed for high-speed IP networks add too much overhead when used on slow serial communications links. The
22、re are no suitable cryptographic protocols for protecting the integrity of asynchronous serial communications of a SCADA-like nature. By defining such a protocol that can be used with a wide variety of systems and vi Copyright 2011 IEEE. All rights reserved. application protocols, this standard aims
23、 to help manufacturers build secure systems, products, and applications, and avoid the pitfalls of proprietary and secret cryptographic designs. By utilizing a common framework, different implementations of this protocol built by different vendors may be able to interoperate. Adherence to this stand
24、ard is by no means a guarantee of interoperability, but this standard does provide a significant step toward interoperable implementations. Interoperability can foster competition and lead to more and better choices for end users. Interoperability can also simplify merging diverse operational infras
- 1.请仔细阅读文档,确保文档完整性,对于不预览、不比对内容而直接下载带来的问题本站不予受理。
- 2.下载的文档,不会出现我们的网址水印。
- 3、该文档所得收入(下载+内容+预览)归上传者、原创作者;如果您是本文档原作者,请点此认领!既往收益都归您。
下载文档到电脑,查找使用更方便
10000 积分 0人已下载
下载 | 加入VIP,交流精品资源 |
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- IEEE17112010ENTRIALUSESTANDARDFORACRYPTOGRAPHICPROTOCOLFORCYBERSECURITYOFSUBSTATIONSERIALLINKS 网络 分站

链接地址:http://www.mydoc123.com/p-1248439.html