[secdir] IEC 62351-6 review

"Fred Baker (fred)" <fred@cisco.com> Thu, 12 July 2012 18:27 UTC

Return-Path: <fred@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 4295021F85F1; Thu, 12 Jul 2012 11:27:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.441
X-Spam-Status: No, score=-110.441 tagged_above=-999 required=5 tests=[AWL=0.158, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id gWy-dJF3ZhtJ; Thu, 12 Jul 2012 11:27:40 -0700 (PDT)
Received: from rcdn-iport-9.cisco.com (rcdn-iport-9.cisco.com []) by ietfa.amsl.com (Postfix) with ESMTP id 622FB21F858F; Thu, 12 Jul 2012 11:27:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1682; q=dns/txt; s=iport; t=1342117694; x=1343327294; h=from:to:cc:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=yyp62SAhCwY2nKuak6xUpqs7wD2T5Wh/WLQ1Ropcdvk=; b=h2//z8vy2AS8fy/0ha7A9EErw7v+HPyGw84Usvk0rWEZI9Mq2A37c/c+ E4amu5YsL9iNGG+JBN1Sti8/K8q1rHMAD+zhvTU/yCMU4Ypxf+T4ZvBV3 bTTJd/zrqMLRWY68wv5RvSup7T97vY5FK7hIqfnQ9MLeFi/uNfHh95/V6 E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: Av0EALIW/0+tJV2d/2dsb2JhbABFuAyBB4InEgEnOAcSAT5CJwQBDSeFb4F8nWagIItbhQFgA5U6jiCBZoJfgV8
X-IronPort-AV: E=Sophos;i="4.77,575,1336348800"; d="scan'208";a="98330518"
Received: from rcdn-core-6.cisco.com ([]) by rcdn-iport-9.cisco.com with ESMTP; 12 Jul 2012 18:28:14 +0000
Received: from xhc-rcd-x02.cisco.com (xhc-rcd-x02.cisco.com []) by rcdn-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id q6CISEiH022778 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Thu, 12 Jul 2012 18:28:14 GMT
Received: from xmb-rcd-x09.cisco.com ([]) by xhc-rcd-x02.cisco.com ([]) with mapi id 14.02.0298.004; Thu, 12 Jul 2012 13:28:13 -0500
From: "Fred Baker (fred)" <fred@cisco.com>
To: "ops-dir@ietf.org" <ops-dir@ietf.org>, "secdir@ietf.org" <secdir@ietf.org>
Thread-Topic: IEC 62351-6 review
Thread-Index: AQHNYFwYYFRC2xFQYkOb0VhldhcMlw==
Date: Thu, 12 Jul 2012 18:27:40 +0000
Message-ID: <F61D99FE-2DE7-4B24-819C-A60B624FB589@cisco.com>
Accept-Language: en-US
Content-Language: en-US
x-originating-ip: []
x-tm-as-product-ver: SMEX-
x-tm-as-result: No--31.674300-8.000000-31
x-tm-as-user-approved-sender: No
x-tm-as-user-blocked-sender: No
Content-Type: text/plain; charset="us-ascii"
Content-ID: <ABE13167C9499F4B8831F8A5C4FC4D52@cisco.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: IETF SmartObjectDir <smartobjectdir@ietf.org>, John Lampe <john.lampe@iapsolutions.com>, Frances Cleveland <fcleve@xanthus-consulting.com>
Subject: [secdir] IEC 62351-6 review
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Jul 2012 18:27:41 -0000

Hello from the SGIP meeting happening this week.

Francis Cleveland, whom some of you no doubt know, is a consultant to NIST and rapporteur-or-something-like-that for IEC 62351-6, which specifies how to secure communication profiles specified within IEC 61850, which in turn specifies the design of electrical substation automation. A large part of that is, surprise, management exchanges, both network and equipment; the remainder is ongoing event communication, maintaining synchronization among equipment. EPRI, which is a company that consults to the power industry, is looking at that with a view to potential updates to make it better and more useful. Francis asked me to work with John Lampe, a consultant to EPRI, on that. Marianne Swanson of NIST tells me that document access can be arranged through the CyberSecurity Working Group of the SGIP, which uses NIST's relationship with ANSI to get access less-onerous access to IEC documents.

To that end, I'd like to get some volunteers to review the document from an "IP Network" perspective. I'm obviously looking for one or two security people to look at the security recommendations, someone from NetConf to look at the network management issues, and someone from opsec to look at the "how does this work in a dual stack network" issues - a total of 3-6 people. I'm happy to have someone that is not a heavily-loaded directorate member; I need your help in identifying whoever that set of people might turn out to be.

BTW, 62351-7 is a bunch of MIBs; they likely need to be updated as well, perhaps with the addition of yang modules for netconf.