Limitations of IEC62351-3's public key management

James Wright, Stephen Wolthusen

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution



The ISO/IEC 62351 standard provides a set of security controls and protocols for communications in smart grids based on the ISO/IEC 60870, 61850, and DNP3 standards. It offers the protection goals of confidentiality, integrity, and authentication. In this paper we perform a systematic study of the ISO/IEC 62351-3 standard regarding the use of public key infrastructure in smart grid communication. We show that the standard at present does not align with the quality of service requirements for performance and interoperability in the ISO/IEC 61850 standard and thereby may jeopardise effective operations. We demonstrate that it is possible to claim conformance with the ISO/IEC 62351-3 standard but be vulnerable to denial of service attacks arising from insufficiently specified behaviour for public key certificate validation and revocation. Further issues can give rise to downgrade attacks against cipher suites and protocols used, allowing man-in-the-middle attacks contrary to the standard's claims.
Original language: English
Title of host publication: 2016 IEEE 24th International Conference on Network Protocols (ICNP)
Publisher: IEEE Press
Number of pages: 6
ISBN (Electronic): 978-1-5090-3281-5
Publication status: Published - 19 Dec 2016


  • Public key, Protocols, IEC Standards, Authentication, Conferences
