GB/T 25320.11-2023: Power systems management and associated information exchange - Data and communications security - Part 11: Security for XML documents. Status: Valid
Basic data
| Standard ID | GB/T 25320.11-2023 (GB/T25320.11-2023) |
| Description (Translated English) | Power systems management and associated information exchange - Data and communications security - Part 11: Security for XML documents |
| Sector / Industry | National Standard (Recommended) |
| Classification of Chinese Standard | F21 |
| Classification of International Standard | 29.240.01 |
| Word Count Estimation | 38,333 |
| Date of Issue | 2023-12-28 |
| Date of Implementation | 2024-07-01 |
| Issuing agency(ies) | State Administration for Market Regulation, China National Standardization Administration |
This is a DRAFT version for illustration, not a final translation.
ICS 29.240.01
CCS F21
National Standards of People's Republic of China
Power system management and information exchange
Data and communications security
Part 11: Security of XML files
(IEC 62351-11:2016, IDT)
Published on 2023-12-28
2024-07-01 Implementation
State Administration for Market Regulation
Released by the National Standardization Administration Committee
Table of contents
Preface
Introduction
1 Scope
2 Normative references
3 Terms and Definitions
4 Security issues covered by this document
4.1 Overview
4.2 Responding to security threats
4.3 Dealing with security attacks
5 XML files
6 XML file encapsulation
6.1 Overview
6.2 Information header type HeaderType
6.3 Information
6.4 Encrypted
6.5 Signature type SignatureType
6.6 Supported XSD types
6.7 Security algorithm selection
7 Sample files (informative)
7.1 Non-encrypted example
7.2 Encryption example
8 IANA signature, digest and encryption method list (informative)
Reference
Figure 1 Overview of the XML file structure of IEC 62351-11
Figure 2 Data transfer example
Figure 3 Security encapsulation of XML files
Figure 4 General IEC 62351-11 XSD structure
Figure 5 XSD type definition of information header type HeaderType
Figure 6 XSD complex type definition of Information
Figure 7 XSD complex type definition of AccessControl
Figure 8 XSD complex type definition of access control type AccessControlType
Figure 9 XSD complex type definition of ACL restriction type ACLRestrictionType
Figure 10 XSD complex type definition of entity type EntityType
Figure 11 Access control AccessControl and XML path XPATH example
Figure 12 IEC 62351-11 body example with CIM file
Figure 13 Structure of IEC 62351-11 Encrypted
Figure 15 Structure of ciphertext data type CipherDataType
Figure 16 Encrypted data EncryptedData definition
Figure 17 W3C signature type SignatureType definition
Figure 18 XML structure of signature information type SignedInfoType
Figure 19 Structure of signature method type SignatureMethodType
Figure 20 Structure of reference type ReferenceType
Figure 21 Structure of key information type KeyInfoType
Figure 22 Definition of name sequence type NameSeqType
Table 1 General structure definition of XML files of IEC 62351-11
Table 2 Definition of information header type HeaderType element
Table 3 Definition of Information
Table 4 Definition of Contractual and ACL elements
Table 5 Definition of ACLRestrictionType element
Table 6 Definition of ACLType enumeration values
Table 7 Definition of enumeration value of Constraint
Table 8 Definition of entity type EntityType
Foreword
This document is drafted in accordance with the provisions of GB/T 1.1-2020 "Standardization Work Guidelines Part 1: Structure and Drafting Rules of Standardization Documents".
This document is Part 11 of GB/T (Z) 25320 "Power System Management and Information Exchange Data and Communication Security". The following parts of GB/T (Z) 25320 have been published:
---Part 1: Introduction to communication network and system security issues;
---Part 2: Terminology;
---Part 3: Communication network and system security including TCP/IP protocol set;
---Part 4: Protocol set including MMS;
---Part 5: Security of GB/T 18657 and other standards and their derivatives;
---Part 6: Security of IEC 61850;
---Part 7: Data Object Model for Network and System Management (NSM);
---Part 11: Security of XML files;
---Part 100-1: Conformance test cases for IEC TS 62351-5 and IEC TS 60870-5-7;
---Part 100-3: Conformance test cases for IEC 62351-3 and secure communication extensions including the TCP/IP protocol set.
This document is equivalent to IEC 62351-11:2016 "Power system management and its information exchange data and communication security Part 11: Security of XML Files".
Certain contents of this document may be covered by patents. The publisher of this document assumes no responsibility for identifying patents.
This document is proposed by the China Electricity Council.
This document is under the jurisdiction of the National Electric Power System Management and Information Exchange Standardization Technical Committee (SAC/TC82).
This document was drafted by: State Grid Electric Power Research Institute Co., Ltd., Guodian Nari Energy Co., Ltd., Nanjing Nari Relay Protection Electric Co., Ltd., China Electric Power Research Institute Co., Ltd., State Grid Smart Grid Research Institute Co., Ltd., Southeast University, Guodian Nanjing Automation Co., Ltd., China Southern Power Grid Power Dispatch Control Center, State Grid Shanghai Electric Power Company, Jiangsu Hongyuan Electric Co., Ltd., State Grid Jilin Provincial Power Limited.
The main drafters of this document: Sun Dan, Guo Wangyong, Zhang Dan, Wen Shufeng, Kong Honglei, Wang Zhenzhen, Li Guanghua, Ji Guanglong, Yuan Li, Wang Yu, Wang Tiantian, Dou Renhui, Zhang Tao, Shi Weijun, Wu Zaijun, Chen Xinzhi, Dou Xiaobo, Fei Jiaxuan, Zhang Xiaofei, Zhu Xinquan, Tao Wenwei, Wang Zhihua, Li Xiang, Xu Honghai, Liu Changxu, Yang Song.
Introduction
GB/T (Z) 25320 "Power System Management and Information Exchange Data and Communication Security" aims to reduce, as far as possible, the harm that malicious attacks in communication and computer networks cause to the data and communication security of the power system, to address security vulnerabilities in the communication protocols at all levels used in the power system, and to improve the security management of the power system information infrastructure. It is planned to consist of the following parts:
---Part 1: Introduction to communication network and system security issues. The purpose is to introduce the other parts of GB/T (Z) 25320, mainly introducing readers to all aspects of information security applied to power system operation.
---Part 2: Terminology. The purpose is to introduce the key terms used in GB/T (Z) 25320.
---Part 3: Communication network and system security including the TCP/IP protocol set. The purpose is to specify how, by constraining the messages, processes and algorithms of the transport layer security protocol, security protection is provided for TCP/IP-based protocols so that these protocols are suitable for the IEC TC 57 telecontrol environment.
---Part 4: Protocol set including MMS. The purpose is to specify the processes, protocol extensions and algorithms for securing applications based on the Manufacturing Message Specification (MMS) of GB/T 16720 (ISO 9506).
---Part 5: Security of GB/T 18657 and other standards and their derivatives. The purpose is to define the application profile (a-profile) secure communication mechanism, specifying the messages, processes and algorithms for securing the operation of all protocols based on or derived from IEC 60870-5.
---Part 6: Security of IEC 61850. The purpose is to specify the messages, processes and algorithms for securing the operation of all protocols based on or derived from IEC 61850.
---Part 7: Data Object Model for Network and System Management (NSM). The purpose is to define a data object model for network and system management that is specific to power system operation.
---Part 8: Role-based access control. The purpose is to provide role-based access control for power system management.
---Part 9: Network security key management of power system equipment. The purpose is to define the requirements and technologies for achieving key management interoperability by specifying or restricting the key management options to be used.
---Part 10: Security Architecture Guidelines. The purpose is to describe guidelines for a power system security architecture based on basic security controls.
---Part 11: Security of XML files. The purpose is to standardize the security of configuration files (XML files) in the communication process of smart substations.
---Part 12: Rapid recovery and security recommendations for distributed energy resources (DER) systems. The purpose is to improve the security and reliability of distributed energy resources (DER) systems.
---Part 13: Guidance on security topics covered in standards and specifications. The purpose is to indicate which security issues could or should be covered in standards and specifications (IEC or other) for use in the power industry.
---Part 90-1: Guidelines for handling role-based access control in power systems. The purpose is to develop a standardized approach to defining custom roles and role mapping.
---Part 90-2: Deep packet inspection of encrypted communications. The purpose is to describe the latest deep packet inspection (DPI) techniques applied to communication channels protected by IEC 62351.
---Part 90-3: Network and System Administration Guide. The purpose is to provide guidelines for handling IT and OT data.
---Part 100-1: Conformance test cases for IEC 62351-5 and IEC TS 60870-5-7. The purpose is to provide test cases for conformance and/or interoperability testing of IEC 62351-5:2023 and IEC TS 60870-5-7:2013.
---Part 100-3: Conformance test cases for IEC 62351-3 and secure communication extensions including the TCP/IP protocol set. The purpose is to provide IEC 62351-3:2023 conformance test cases and to verify the configuration of all parameters that affect security extensions and protocol behavior.
---Part 100-6: Network security conformance testing of IEC 61850-8-1 and IEC 61850-9-2. The purpose is to provide test cases for conformance testing of data and communication security interoperability of substation automation systems and telecontrol systems.
GB/T (Z) 25320 "Power System Management and Information Exchange Data and Communication Security" defines data and communication security for the power system-related communication protocols (IEC 60870-5, IEC 60870-6, IEC 61850, IEC 61970 and IEC 61968 series). It defines the security threats and security attacks that may be encountered during the communication process, as well as security countermeasures.
Power system management and information exchange
Data and communications security
Part 11: Security of XML files
1 Scope
This document specifies the formats, processes and algorithms for protecting XML files used within the scope of IEC as well as files in other fields (e.g. IEEE, patents, etc.). If secure exchange is required, this document is intended to be referenced by standards, unless the parties agree to use another recognized secure exchange mechanism.
This document uses W3C standards for XML file security and provides an introduction to these standards and other extensions. This document makes the following provisions for extensions:
---Header (information header): Header contains relevant information about the file that was created and saved, such as the date and time the IEC 62351-11 XML file was created.
---The original XML file can optionally be encapsulated in encrypted or non-encrypted format. If encryption is selected, a mechanism is provided to represent the information required to perform encryption in an interoperable manner.
---AccessControl: A mechanism that represents access control information related to the information contained in the original XML file.
---Body (text): Used to contain the original XML file to be encapsulated.
---Signature: A signature that can be used for authentication and tamper detection.
The overall structure should conform to Figure 1.
Figure 1 Overview of the XML file structure of IEC 62351-11
For the methods described in this document to be valid, they need to be accepted and referenced by specifications. This document has been written to enable this process.
The readers of this document are developers of products that implement these specifications.
Portions of this document may also be used by managers and executives to understand the purpose and requirements of the job.
2 Normative reference documents
The contents of the following documents constitute essential provisions of this document through normative references in the text. For dated referenced documents, only the version corresponding to that date applies to this document; for undated referenced documents, the latest version (including all amendments) applies to this document.
IEC TS62351-2 Power system management and information exchange data and communication security Part 2: Terminology (Powersys-