The following security enhancements according to the protocol specific standard IEC 60870-5-7 are implemented into the protocol stack IEC 60870-5-104, Master:
IEC 62351-3: encryption of ASDU telegrams using TLS protocol with X.509 certificates to protect the transport layer.
The TLS versions 1.0, 1.1 and 1.2 are supported. Version 3 of the X.509 certificates must be available.
These certificates may contain RSA, DSA and ECC keys.
The configuration enables data size limitation of the remote station certificate, several certification authorities to check the remote station
certificate and an extendable list of encryption procedures supported.
The standard IEC 60870-5-7 was derived from the norm IEC 62351 that applies to a range of protocols and describes messages and data formats for secure authentication
especially for the protocols IEC 60870-5-101, IEC 60870-5-104 and IEC 61850.
This protocol stack can be used with following products
inexpensive protocol converter for standardized application
IEC 60870-5-104, MasterIEC 60870-5-104, SlaveIEC 60870-5-101, SlaveIEC 61850, ClientOPC UA 1.02, Server