Non-repudiation Services for the MMS Protocol of IEC 61850

摘要

In Smart Grids various processes can be automated using communication between the components of the grid. The standard IEC 61850 defines, among other requirements and parts of the system, different communication protocols, that shall be used for different purposes. Although the scope of IEC 61850 is the automation of substations, there are also use cases beyond that can be addressed by IEC 61850. The standard IEC 62351 sets the focus on security in Smart Grids and lists various security requirements, that should be met, and further a series of measures to accomplish the required level of security. However, there are additional security requirements, such as non-repudiation and traceabil-ity of transactions, which cannot be sufficed using only the mechanisms provided by IEC 62351. In this paper a security solution will be presented that meets these additional requirements. Basically, it uses certificates for the proof of identity of the system participants and provides the two non-repudiation services Non-repudiation of Origin and Non-repudiation of Delivery using mechanisms described by the standard ISO 13888-3. The focus is set on the MMS protocol that is used for end-to-end communication between client and server. However, due to the flexibility of the mechanisms used, the security solution can also be transferred to different protocols. Finally, this paper describes a way to implement the solution using XML signatures and X.509 certificates.