IEC 60870-5 Source Code Libraries

Secure Authentication for IEC 60870-5 (-101 and -104)

Cyber-security Features
  • End to end cryptographic authentication at the application layer which goes beyond VPN tunnels or TLS
  • Based on IEC 62351 security standard (Parts 3, 5, and 8)
  • TLS is supported for IP based networks
  • Legacy support for networks or devices that do not support encryption
  • Configuration of which requests are considered critical
  • Authentication can be performed in either direction (Controlling or Controlled Station)
  • Supports IEC 101 and IEC 104
Support for Multiple Users
  • Supports Role Based Access Control (RBAC) - multiple users and roles (engineers, operators, viewers, admin)
  • Configure privileges(view, read, security, etc.) for each role
  • Users can be added, modified, or removed
Legacy Support
  • Support low bandwidth and/or serial networks
  • Low overhead for Outstations that may not have processing capability for public/private certificates or encryption
Test Harness

Watch our training videos to learn more about Secure Authentication - this series of videos covers DNP3 Secure Authentication but many of the concepts are similar for IEC 60870-5


Example of Aggressive Mode Challenge-Reply Sequence for IEC 60870-5:
Example of IEC 104 Secure Authentication - Aggressive Mode Request
 


 
© 2013 Triangle MicroWorks, Inc. All rights reserved.