The Black Hat event in Las Vegas attracts many of the world’s top cyber security experts, including representatives of major corporations and government agencies. For the first time, this year’s event includes a briefing on using IEC 62351 to provide end-to-end security for power systems.
IEC Technical Committee 57 Working Group 15 has developed IEC 62351 to make power grids secure-by-design, as opposed to the more widespread approach of firefighting after the blaze. Their work covers the end-to-end encryption principle, the definition of roles for all users and identity management, as well as pervasive monitoring of the system itself.
IEC 62351 is for a world where the emergence of the industrial internet of things (IIoT) and the integration of physical machines with networked sensors and software, have blurred the lines between IT and OT. As more and more objects are connected, communicate and interact with each other, there has been a surge in the number of endpoints and potential ways for cyber criminals to gain access to industrial networks and infrastructure systems.
The IEC 62351 series defines network and system management data object models for monitoring the health of networks and systems. It shares best practices for the detection of possible security intrusions, and for efficient management of the performance and reliability of the information infrastructure.
IEC 62351 enables industrial security systems to increase their environment awareness by introducing an active interaction with the devices deployed inside the network. It increases the detection rate, provides better visibility during an incident and offers a cost-effective solution for distributed scenarios.
In Las Vegas, the Nozomi Networks team, who contribute actively to the work of WG 15, will present a live demo of threat detection using IEC 62351 and SNMP (Simple Network Management Protocol) communications.
The Nozomi team will demonstrate how the threat detection rate is increased and incident visibility is improved. They will also show how cost-effective cyber resiliency can be applied to large, distributed systems.
The Black Hat briefing session will include:
- Introduction to the IEC 62351 standard
- SCADA (Supervisory Control and Data Acquisition) active network monitoring
- Threat detection with IEC 62351-7 and SNMP
- Live demo
- Future power grid threat landscape
Read more about IEC 62351: