DNP Technical Committee Releases Security Notice Regarding CrashOverride Malware

The PSCC is actively involved in supporting DNP3 as IEEE 1815. This effort includes an active working group developing updates to the protocol as an industry standard. The DNP Technical Committee has released a Security Notice in response to the US-CERT Alert regarding the CrashOverride malware.

The Security Notice is publicly posted at: SN2017-001

About CrashOverride:

CrashOverride malware represents a scalable, capable platform designed to disrupt the working processes of industrial control systems (ICS), specifically industrial control systems used in electrical substations. The modules and capabilities publicly reported appear to focus on organizations using ICS protocols IEC101, IEC104, and IEC61850. The platform fundamentally abuses the functionality of a targeted ICS system’s legitimate control system to achieve its intended effect. The CrashOverride malware is believed to have been used to attack the Ukrainian power industry in December 2016, resulting in an outage.

About the DNP Technical Committee:

The development of DNP3 was a comprehensive effort to achieve open, standards-based interoperability between substation outstations and master stations for the electric utility industry. Since its inception, DNP3 has also become widely utilized in adjacent industries such as water / waste water, transportation and the oil and gas industry.

In early 2010, the DNP Technical Committee began working with the IEEE to establish DNP3 as an IEEE standard; IEEE Standard for Electric Power Systems Communications – Distributed Network Protocol (DNP3) was released as IEEE Std 1815™-2010 later that year. This standard incorporated all of the individual “Basic 8” volumes into one document, with each “Basic 8” volume becoming a separate Clause in the 1815-2010 document.

Since then, members of the DNP Technical Committee and IEEE Power & Energy Society, Transmission and Distribution (PE/T&D) Committee and Substations Committee (PE/Sub) – Working Group C12 have been working diligently to update various sections of the DNP3 specifications. The result is IEEE Std 1815™-2012, which was released Oct. 12, 2012.