IEC-104 and Future

Anom
3 min readJan 25, 2023


IEC-104 (IEC 60870-5-104) is a telecontrol protocol used in industrial automation and control. It carries the application layer of IEC 60870-5-101 over TCP/IP (by default on TCP port 2404) and is commonly used for supervisory control and data acquisition (SCADA) in electric power systems, water supply systems and similar infrastructures. The standard defines a set of communication services and application service data units (ASDUs) for exchanging measurements and commands between control centres and field devices such as RTUs. The base protocol is designed for reliable transport over TCP/IP; it was not designed for secure communication, and on its own it provides neither encryption nor authentication.

Some examples of countries where IEC-104 is commonly used include:

  • Europe: IEC-104 is widely used in European countries, particularly in the electric power and water supply systems.
  • China: IEC-104 is widely used in China’s power system and water supply systems as well as in other infrastructures.
  • Russia: IEC-104 is also widely used in Russia in the same areas as mentioned above.
  • United States: IEC-104 is used in some electric power and water supply systems in the United States, but it is not as commonly used as other protocols such as DNP3 and Modbus.
  • South America: countries like Brazil, Argentina, and Chile also use IEC-104 for their infrastructures.

Like any protocol designed without security in mind, IEC-104 has weaknesses that attackers can exploit. The most important ones are properties of the protocol design rather than bugs in a particular implementation:

  • Man-in-the-Middle (MitM) attacks: the base IEC-104 protocol provides no encryption and no authentication of either endpoint, so every APDU crosses the network in plaintext and an attacker on the path can read, modify or inject traffic between a control centre and a field device without the protocol itself noticing.
  • Replay attacks: the send and receive sequence numbers in I- and S-format frames exist for flow control within one TCP connection, not for security; they are predictable and unauthenticated, so a captured valid command can be resent to the outstation and accepted.
  • Lack of access control: the protocol has no notion of identity or authorization. Any host that can open a TCP connection to the outstation's IEC-104 port and send STARTDT can read process data and issue control commands; deciding who may do so is left entirely to the surrounding network and hosts.
  • Denial of Service (DoS) attacks: the protocol offers no protection against resource exhaustion. Outstations typically have small TCP stacks and accept few connections, so connection floods or malformed APDUs can leave the control centre without visibility or control.
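The points above, as an added example that is not part of the original article: a minimal IEC 60870-5-104 APDU parser, a builder for a single-command frame, and an allow-list check that flags control commands from any host other than the SCADA master. The frame layout follows the standard (start byte 0x68, length, four control bytes, then the ASDU); the sample frames, the IP addresses and the `ALLOWED_MASTERS` set are assumptions constructed for this example, and the command type list is a small subset of the real one.

```python
# Added example, not from the original article: IEC 60870-5-104 APDU parsing,
# a C_SC_NA_1 command builder, and a network-level allow-list check.
# Sample frames and addresses below are constructed for illustration.
from dataclasses import dataclass
from typing import Optional

START = 0x68

# Subset of IEC 60870-5-101/104 type identifiers that carry control commands.
COMMAND_TYPES = {
    45: "C_SC_NA_1 single command",
    46: "C_DC_NA_1 double command",
    47: "C_RC_NA_1 regulating step command",
    49: "C_SE_NB_1 set point, scaled value",
    100: "C_IC_NA_1 interrogation command",
}
# U-format function codes (control byte 1 of the APCI).
U_FORMATS = {0x07: "STARTDT act", 0x0B: "STARTDT con", 0x13: "STOPDT act",
             0x23: "STOPDT con", 0x43: "TESTFR act", 0x83: "TESTFR con"}
# Assumption: the single control centre that may issue commands.
ALLOWED_MASTERS = {"10.0.1.10"}


@dataclass
class Apdu:
    fmt: str                           # "I" (data), "S" (ack) or "U" (control)
    send_seq: Optional[int] = None     # N(S), I-format only
    recv_seq: Optional[int] = None     # N(R), I- and S-format
    u_func: Optional[str] = None       # U-format function name
    type_id: Optional[int] = None      # ASDU type identifier
    cot: Optional[int] = None          # cause of transmission, low 6 bits
    common_addr: Optional[int] = None  # common address of ASDU
    ioa: Optional[int] = None          # first information object address
    payload: bytes = b""               # first information element(s)


def parse_apdu(raw: bytes) -> Apdu:
    """Parse one APDU; raise ValueError on a malformed frame.
    Note what is absent: no field identifies or authenticates the sender."""
    if len(raw) < 6 or raw[0] != START:
        raise ValueError("not an IEC-104 APDU")
    length = raw[1]
    if length < 4 or length > 253 or len(raw) != length + 2:
        raise ValueError("bad APDU length")
    c1, c2, c3, c4 = raw[2:6]
    if c1 & 0x01 == 0:                         # I-format: sequence numbers + ASDU
        ns = (c1 | c2 << 8) >> 1
        nr = (c3 | c4 << 8) >> 1
        asdu = raw[6:]
        if len(asdu) < 9:                      # type, VSQ, COT(2), CA(2), IOA(3)
            raise ValueError("ASDU too short")
        cot = asdu[2] & 0x3F                   # bits 6/7 are the P/N and test flags
        common_addr = asdu[4] | asdu[5] << 8
        ioa = asdu[6] | asdu[7] << 8 | asdu[8] << 16
        return Apdu("I", ns, nr, None, asdu[0], cot, common_addr, ioa, asdu[9:])
    if c1 & 0x03 == 0x01:                      # S-format: acknowledgement only
        return Apdu("S", recv_seq=(c3 | c4 << 8) >> 1)
    return Apdu("U", u_func=U_FORMATS.get(c1, f"unknown 0x{c1:02x}"))


def build_single_command(ns: int, nr: int, common_addr: int, ioa: int,
                         on: bool, select: bool = False) -> bytes:
    """Build an I-format APDU carrying C_SC_NA_1 with COT=6 (activation).
    Nothing in it is a credential or an integrity tag: any host that can reach
    the outstation's TCP port can produce a frame the outstation will accept."""
    sco = (1 if on else 0) | (0x80 if select else 0)   # SCS bit, S/E bit
    asdu = bytes([45, 0x01, 0x06, 0x00,                # type, 1 object, COT=6, originator 0
                  common_addr & 0xFF, common_addr >> 8,
                  ioa & 0xFF, (ioa >> 8) & 0xFF, (ioa >> 16) & 0xFF, sco])
    ctrl = bytes([(ns << 1) & 0xFF, (ns >> 7) & 0xFF,
                  (nr << 1) & 0xFF, (nr >> 7) & 0xFF])
    return bytes([START, len(ctrl) + len(asdu)]) + ctrl + asdu


def check_frame(src_ip: str, raw: bytes) -> Optional[str]:
    """Return an alert if a control command comes from a non-allow-listed host.
    This is the access control the protocol leaves to the network around it."""
    apdu = parse_apdu(raw)
    if apdu.fmt != "I" or apdu.type_id not in COMMAND_TYPES or src_ip in ALLOWED_MASTERS:
        return None
    return (f"{src_ip}: {COMMAND_TYPES[apdu.type_id]} (COT={apdu.cot}) "
            f"to CA {apdu.common_addr}, IOA {apdu.ioa}, element {apdu.payload.hex()}")


# Constructed capture: the master opens the link and switches IOA 1000 on;
# an unknown host then resends the identical bytes (a replay).
STARTDT_ACT = bytes.fromhex("680407000000")
CMD_ON = build_single_command(ns=0, nr=0, common_addr=1, ioa=1000, on=True)
CAPTURE = [("10.0.1.10", STARTDT_ACT), ("10.0.1.10", CMD_ON), ("10.0.1.77", CMD_ON)]


def alerts_for(capture) -> list:
    """Run the allow-list check over a list of (src_ip, apdu) pairs."""
    return [a for a in (check_frame(ip, f) for ip, f in capture) if a]
```

Run `alerts_for(CAPTURE)` to see the one alert: the replayed command from 10.0.1.77 is byte-for-byte identical to the legitimate one, so only the source address distinguishes it, which is exactly the information the protocol does not carry or verify. In a real deployment the same check would run on a span-port capture or in a protocol-aware firewall rather than on a hand-built list.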

There is currently no consensus on a direct replacement for IEC-104. What exists instead are standards that either cover adjacent ground or add the security that IEC-104 itself lacks:

  1. IEC-61850, the standard for substation automation and power utility communication. It models devices and data far more richly than IEC-104 and scales to larger and more complex systems, but its own protocols (MMS, GOOSE, Sampled Values) are not inherently more secure: like IEC-104, they depend on IEC 62351 for authentication and encryption.
  2. IEC-62443, a series of standards for the security of industrial automation and control systems, including SCADA. It is not a communication protocol and does not replace IEC-104; it defines requirements for zones and conduits, security levels and secure development that apply to systems using IEC-104, DNP3 or any other protocol.
  3. IEC-62351, the security companion to the IEC telecontrol standards. IEC 62351-3 specifies TLS for the TCP/IP profiles, IEC 60870-5-104 included, and IEC 62351-5 specifies application-layer secure authentication for IEC 60870-5 and its derivatives. Together they address the MitM, replay and access-control problems above while keeping the IEC-104 data model.

It’s worth noting that replacing IEC-104 will be a gradual process rather than an immediate one: many systems and devices that use it are in operation today and will remain in operation for many years to come. Whether and how it is replaced will also depend on the specific needs and requirements of the system and the industry, which vary from one case to another.
