IEEE Power & Energy Magazine - January/February 2016 - 104
Utilities and emergency organizations operate independently
of each other and need a way to exchange this information
Figure 9. A general structure example of a WG14 message.
The GDOI can also provide end-to-end confidentiality.
Applying point-to-point methodologies requires establishing
the equivalence of a chain of trust, and the GDOI already establishes the trust of the group. However, the GDOI does not provide information regarding the path the message traversed.
The general structure of an IEC TC57 Working Group 14
(WG14) style message is shown in Figure 9. It consists of an
envelope that represents the technique being used to send the
message. The actual WG14 message consists of an ns:Header
and an ns:Payload. The figure also shows that the digital signature would apply to the entire WG14 message.
Message exchanges using the IEC TC57 WG14 technique are
most impacted by end-to-end security and the use of ESB technology incorporated within the end-to-end security framework.
✔ For an ESB to perform rudimentary message routing,
message header information needs to be unencrypted
and contain enough information to allow the ESB to
determine the destination(s) to which to deliver the
messages. Payload-based topic routing may not be
possible if end-to-end encryption is utilized.
✔ If end-to-end confidentiality is provided by encrypting the payload, then intervening message transformation will not be possible.
✔ If the ESB refactors the message, the signature and payload encryption will change. In this instance, the path of
transformation may be important. Therefore, the ns:Header
may need to be changed to allow multiple verb/noun combinations that are signed, within
the ns:Header, in a hierarchical manner. This mechanism
would allow the receiving application to authenticate the
path of message transformation as well as provide an end-to-end message authentication capability.
✔ If the ESB transforms a non-WG14 style message into a
WG14 style message, the first
transformation needs to provide
equivalent verb/noun information for the originator of the non-WG14 style message as well as
its own information.
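
The hierarchical signing of verb/noun entries described above, sketched as an added example (not code from the article or from any WG14 specification): each party appends an entry bound to its payload and to the previous entry's signature, so the receiver can authenticate both the originator and the path of transformation. The HMAC keys, party names, verb/noun values and JSON entry layout are assumptions made for the demonstration; a deployment would use per-party digital signatures inside the ns:Header.

```python
import hashlib, hmac, json

# Constructed demo keys. HMAC stands in for the per-party digital signatures
# a deployment would use (assumption); the chaining logic is the same.
KEYS = {"utility-app": b"demo-key-origin", "esb-1": b"demo-key-esb"}

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def mac(signer: str, entry: dict) -> str:
    body = json.dumps(entry, sort_keys=True).encode()
    return hmac.new(KEYS[signer], body, hashlib.sha256).hexdigest()

def add_hop(header: list, signer: str, verb: str, noun: str, payload: bytes) -> list:
    """Append a signed verb/noun entry bound to the payload and the prior entry."""
    entry = {"signer": signer, "verb": verb, "noun": noun,
             "payload_digest": digest(payload),
             "prev_sig": header[-1]["sig"] if header else ""}
    return header + [dict(entry, sig=mac(signer, entry))]

def verify_path(header: list, payload: bytes) -> list:
    """Return the authenticated signer path, or raise ValueError."""
    prev = ""
    for hop in header:
        entry = {k: v for k, v in hop.items() if k != "sig"}
        if hop["signer"] not in KEYS:
            raise ValueError("unknown signer")
        if entry["prev_sig"] != prev:
            raise ValueError("hop removed or reordered")
        if not hmac.compare_digest(hop["sig"], mac(hop["signer"], entry)):
            raise ValueError("bad signature on hop")
        prev = hop["sig"]
    if not header or header[-1]["payload_digest"] != digest(payload):
        raise ValueError("payload does not match last signed hop")
    return [hop["signer"] for hop in header]

# Constructed sample payloads: the ESB refactors the originator's payload.
ORIGINAL = b"<ns:Payload><Outage id='constructed-1'/></ns:Payload>"
REFACTORED = b"<ns:Payload><OutageNotice ref='constructed-1'/></ns:Payload>"

def demo() -> list:
    header = add_hop([], "utility-app", "created", "OutageRecord", ORIGINAL)
    header = add_hop(header, "esb-1", "changed", "OutageRecord", REFACTORED)
    return header

if __name__ == "__main__":
    print(verify_path(demo(), REFACTORED))
```

The receiver checks the delivered payload only against the last hop; earlier hops carry the digest each party signed, which preserves the originator's authentication after the ESB has changed the payload.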
The CIM does indeed have cybersecurity uses; however, solutions created from the CIM still require the same attention to
cybersecurity that any other solution requires. The CIM allows
for standardized definitions of message content related to cybersecurity for the smart grid and provides a high-fidelity model of
the physical electrical grid. This article showed how the CIM
could be used in concert with other domain models, such as
cybersecurity or first responders, to create profiles that can
provide comprehensive information about the event. This work
is being extended to other business needs that require a multimodel profile. This article also discussed how to maintain confidentiality and integrity of the message data being exchanged
in XSD messages derived from the CIM.
Paul Skare is with Pacific Northwest National Laboratory,
Herbert Falk is with Systems Integration Specialists Company,
Inc. (SISCO), Sterling Heights, Michigan.
Mark Rice is with Pacific Northwest National Laboratory, Richland, Washington.
Jens Winkel is with UISOL, an Alstom company, Redmond, Washington.