GBZ25320.1-2010 English PDFUS$594.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email. GBZ25320.1-2010: Power systems management and associated information exchange -- Data and communications security -- Part 1: Communication network and system security -- Introduction to security issues Status: Valid
Basic dataStandard ID: GB/Z 25320.1-2010 (GB/Z25320.1-2010)Description (Translated English): Power systems management and associated information exchange -- Data and communications security -- Part 1: Communication network and system security -- Introduction to security issues Sector / Industry: National Standard Classification of Chinese Standard: F21 Classification of International Standard: 29.240.30 Word Count Estimation: 30,346 Date of Issue: 2010-11-10 Date of Implementation: 2011-05-01 Quoted Standard: GB/T 18700.1; GB/T 18700.2; GB/T 18700.3; GB/T 18700.6; GB/T 18700.8; DL/T 860.3; DL/T 860.4; DL/T 860.5; DL/T 860.6; DL/T 860.10; DL/T 860.71; DL/T 860.72; DL/T 860.73; DL/T 860.74; DL/T 860.81; DL/T 860.91; DL/T 860.92; IEC 60870-5-1; IEC 60870-5-2; IEC 60870-5-3; IEC 60870-5-4; IEC 60870-5-5; IEC 60870-5-6; IEC 60870-5-101; IEC 60870-5-102; IEC 60870-5-103; IEC 60870 -5-104; IEC/TS 62351-2 Adopted Standard: IEC/TS 62351-1-2007, IDT Regulation (derived from): ?National Standard Approval Announcement 2010 No.8 (Total No.163) Issuing agency(ies): Ministry of Health of the People's Republic of China Summary: This standard specifies the information security control of the power system operation. The main purpose of this section is " safe IECTC57 develop communication protocols, especially IEC60870-5, IEC60870-6, IEC61850, IEC61970 and IEC61968 safety standards bear, assume the end-to- safety standards and technical reports development. " GBZ25320.1-2010: Power systems management and associated information exchange -- Data and communications security -- Part 1: Communication network and system security -- Introduction to security issues---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Power systems management and associated information exchange. Data and communications security. Part 1. Communication network and system security. Introduction to security issues ICS 29.240.30 F21 People's Republic of China national standardization of technical guidance documents Power System Management and Information Exchange Data and communications security Part 1. Communication networks and system security Introduction to safety issues Powersystems management and associated information exchange- Part 1.Communicationnetworkandsystemsecurity- (IEC TS62351-1.2007, IDT) 2010-11-10.2011-05-01 implementation General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Foreword Ⅲ Introduction IV 1 Scope and purpose 1 2 Normative references 2 3 Terms, definitions and abbreviations 2 4 background of information security standards 2 4.1 The information involved in the operation of the power system 2 4.2 IEC TC57 data communication protocol 3 4.3 Develop the history of these safety standards 3 5 GB /Z 25320 Security issues involved 4 5.1 General safety information 4 5.2 types of security threats 4 5.3 Security Needs, Threats, Vulnerability, Attacks and Responses 6 5.4 The importance of safety measures 11 5.5 Security Risk Assessment 11 5.6 Understanding safety needs and the impact of safety precautions on the operation of the power system 12 5.7 five-step safety process 13 5.8 Application safety protection in power system operation 14 6 GB /Z 25320 Overview 15 Range of 6.1 GB /Z 25320 15 6.2 Certification as a Key Security Requirement 15 Target 15 of GB /Z 25320 6.4 GB /Z 25320 various parts of the relationship between the IEC protocol 15 6.5 GB /Z 25320.1 Introduction to safety issues 16 6.6 GB /Z 25320.2 Terminology 16 6.7 GB /Z 25320.3 Protocol Set Containing TCP/IP 17 6.8 GB /Z 25320.4 Protocol set containing MMS 17 6.9 GB /Z 25320.5 Safety of IEC 60870-5 and its derivatives 18 6.10 GB /Z 25320.6 Safety of DL/T 860 19 6.11 GB /Z 25320.7 Network and system management data object model 20 7 Conclusion 23 Appendix NA (informative) IEC 60870-5 parts and the corresponding national standards and consistency 24 References 25 ForewordInternational Electrotechnical Commission 57 Technical Committee (IEC TC57) for the management of power systems and the exchange of information developed by IEC 62351 " Force system management and information exchange data and communications security "standard. We use IEC 62351, prepared GB /Z 25320 guidance Technical documents, including the following sections. --- Part 1. Introduction to communication network and system security and safety issues; --- Part 2. Terms; --- Part 3. Communication network and system security Protocol set containing TCP/IP; --- Part 4. Protocol set containing MMS; --- Part 5. IEC 60870-5 and its derivatives standards; --- Part 6. DL/T 860 security; --- Part 7. Network and system management data object model; --- Part 8. Role-based access control of power system management. This section identical with IEC TS62351-1.2007 "Power System Management and Information Exchange Part 1 Data and Communication Security Sub-communication network and system security and safety issues introduced "(in English). This part adds an informative annex NA, to reflect the normative references IEC 60870-5 (all parts) and the corresponding parts The standard of our country and the degree of consistency. This part is proposed by China Electricity Council. This part of the National Power System Management and Information Exchange Standardization Technical Committee (SAC/TC82) centralized. This section drafted unit. State Grid Electric Power Research Institute, the State Power Dispatching and Communication Center, China Electric Power Research Institute, Fujian Electric Power Co., Ltd., Huazhong Power Grid Co., Ltd., East China Power Grid Co., Ltd., Liaoning Provincial Power Co., Ltd. The main drafters of this section. Xu Mu Liang, South Guilin, Deng Zhaoyun, Yang Qiuheng, Han Shui Bao, Li Genwei, Cao Lianjun, Yuan and Lin, Lin Weimin. This guideline is for reference only. For advice or comments on this guidance document, be directed to the Director of Standardization Administration of the State Council Department reflected.IntroductionComputer, communications and networking technologies are currently widely used in power systems. There are various kinds of information in communications and computer networks Possible security attacks pose a threat to the security of data and communications in power systems. These potential possible attacks target the power system Security vulnerabilities in communication protocols at various levels of the system and imperfections in the security management of power system information infrastructure. To this end, we adopted the international standard to develop GB /Z 25320 "Power System Management and its information exchange data and communication security", pass Over the relevant communication protocols and in the information infrastructure management to add specific security measures to enhance and enhance the power system data and communications Security. Power System Management and Information Exchange Data and communications security Part 1. Communication networks and system security Introduction to safety issues1 Scope and purpose1.1 Scope The scope of this part of GB /Z 25320 is the information security of power system control operation. The main purpose of this section is "as IEC TC57 Safety of communication protocols developed, in particular safety of IEC 60870-5, IEC 60870-6, IEC 61850, IEC 61970 and IEC 61968 All, to undertake the development of standards; commitment to end-to-end safety standards and technical report of the development. " 1.2 purpose Specific purpose includes. ● GB /Z 25320.1 introduced the other parts of GB /Z 25320, the main introduction to the reader applied to the power system operation information All aspects of safety knowledge ● GB /Z 25320.3 ~ GB /Z 25320.6 specifies the IEC TC57 communication protocol safety standards. Can use these standards mentioned It is safe for protocols at all levels, depending on the protocols and parameters selected for a particular implementation. Again, they have been designed For backward compatibility and can be phased implementation; ● GB /Z 25320.7 relates to one of many possible areas of end-to-end information security that enhances support for power system transport Line communication network to conduct a comprehensive management; ● The rest of GB /Z 25320 follow more areas of information security. Safety, security and reliability in the power industry are always important issues in system design and operation. As the industry grows more and more dependent on Depending on the information infrastructure, the information security is becoming increasingly important, which is the reason for the development of information security standards. Some new threats are already around To deregulated electricity markets, where knowledge of competitors' assets and their systems operations may benefit, intercepted Such information is very likely to happen. In addition, unintended behavior (such as carelessness and natural disasters) can create information Into danger. The additional threats now posed by terrorism have become apparent. 1) ATIS (Aliance for Telecommunications Industry Solutions) [The United States for Communication and Related Information Technology rapid development and promotion of technology And running standards organizations. ATIS has been accredited by the American National Standards Institute (ANSI). ] .FS-1037C expansion, US federal government telecommunications items Purpose Standard terminology. Although there are many definitions of "end-to-end" security, a standard definition (multiple representations) is. "1. The use of cryptographic technology Security of information in a messaging system or a protected distribution system means protection from the point of origin to the point of destination. 2. Information system In the information from the starting point to the point of security "1). Based on this definition to start the four standards for IEC TC57 The security of communication protocol sets is enhanced because these communication protocol sets are considered to be the obvious first for security control of power system control operations step. However, these security enhancements address only the security needs between the two systems and do not address the real "end-to-end" End "security, including security measures, security enforcement, intrusion detection, robustness of internal systems and applications, and broader security needs. Therefore, the present concluding remarks of this chapter is very important.I recognize the addition of a firewall or simply the use of protocol encryption, such as adding links Bump-in-the-wire or even Virtual Private Network (VPN) technology does not seem to be sufficient in many cases. Security is True "end-to-end" requirements to ensure certified access to sensitive power system equipment, authorized access to sensitive market data, Rely on timely and timely implementation of equipment functions and equipment failure information, backup of critical systems and audits that allow the detection and reproduction of decisive events ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GBZ25320.1-2010_English be delivered?Answer: Upon your order, we will start to translate GBZ25320.1-2010_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GBZ25320.1-2010_English with my colleagues?Answer: Yes. The purchased PDF of GBZ25320.1-2010_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
