1849   Security Service and Properties need clarification

Created: 14 Oct 2022

Status: Discussion (red)

Part: Part 6 (2019; Edition 2.1)

Links:

Page: 78

Clause: 9

Paragraph: Table 11, Table 27, Table 29

Issue

Discussed during interop test triage:
1) It is unclear how the service capability GSESetting.McSecurity rep. SMVSetting.McSecurity are to be understood.
Do they apply to L2 Multicast messages or to L2 and Routable as well.

2) It is unclear how the property securityEnable at the GSEControl resp. SampledValueControl works during te configuration: KDC responsible for distributing the Key determines if encription is selected or not. Does the KDC configuration superseeds the SCL configuration?

Proposal

For 1) it makes sense to indicate that the service capability applies to L2 only, as security is mandated per Part 61850-8-1 for Routable protocol, and 62351-6 is mandating both signature and encryption for Routable protocol. Therefore there is no need to expose securit support for Routable in the capability

2) Probably, subscribers needs to be aware that security is enabled at a message - as per 62351-6 - to verify that the received message is fulfilling the security configuration. A boolean instead of an enumeration would be sufficient.

Discussion Created Status
To be considered 05 Dec 22 Accepted

 

Privacy | Contact | Disclaimer

Tissue DB v. 23.12.13.1