Recent News

Triangle MicroWorks Participates in EPRI DNP3 Secure Authentication Workshop and Demonstration

by Joe Stevens | Nov 12, 2014
Triangle MicroWorks recently participated in the EPRI DNP3 Secure Authentication Workshop in Knoxville on November 6.  The workshop was hosted by EPRI as part of their Cyber Security Technologies (P183B) series.  Grant Gilchrist of EnerNex presented training on DNP3 Secure Authentication as well as guidance for utilities migrating to DNP3 Secure Authentication.

Multi-Vendor Demonstration

During the Workshop, there was a demonstration of DNP3 Secure Authentication technology from ten different vendors, including Triangle MicroWorks which demonstrated the Communication Protocol Test Harness and the Distributed Test Manager.  The demonstration highlighted twelve different test scenarios from the DNP3 Secure Authentication Plugfest held at EPRI in August.  A variety of scenarios were demonstrated:
  • Secure Master connecting to Secure Outstation
  • The use of Gateways with DNP3 Secure Authentication
  • The use of DNP3 Secure Authentication over TLS
  • The use of Terminal Servers with DNP3 Secure Authentication (converting between DNP3 IP and DNP3 serial)
  • Converting between DNP3 Secure Authentication Version 5 and Version 2 with a Gateway
  • Initializing and refreshing Session Keys
  • Challenge and Reply of critical operation
  • Aggressive Mode Request of critical operation
  • Authentication of data from Outstation

Remote Key Management

The Remote Key Management capability of DNP3 Secure Authentication was also demonstrated at the workshop.  Triangle MicroWorks demonstrated a DNP3 Authority application which was used to generate and remotely update Keys and Certificates with DNP3 Masters and Outstations.  Also part of the Key Management demonstration was ESCRYPT which also demonstrated a DNP3 Authority application.  The Key Management scenarios tested included:
  • Remotely changing Update Keys using symmetric cryptography
  • Remotely changing Update Keys using asymmetric cryptography
  • Remotely changing Update Keys using asymmetric certificates
  • Reject operation because user does not have necessary privileges
  • Reject operation because user's privileges have expired
  • Reject operation because user has been deleted

Distributed Key Management Protocol

In the demonstration, the DNP3 Authority interfaced to DNP3 Masters via the Distributed Key Management Protocol (DKMP) which was written as a collaboration between Triangle MicroWorks, ESCRYPT, and additional members of the DNP3 Technical Committee.  Interoperability of the DKMP protocol was demonstrated by using the ESCRYPT DNP3 Authority to update security credentials with a Triangle MicroWorks DNP3 Master Station through DKMP.

DNP3 Secure Authentication Training

To learn more about Secure Authentication, please visit the following pages on our website:

Free Training Video on DNP3 Secure Authentication

Download a PDF Overview of DNP3 Key Management
.
 
© 2013 Triangle MicroWorks, Inc. All rights reserved.