ISO/IEC 24767-2:2009

ISO/IEC 24767-2
Edition 1.0 2009-01
INTERNATIONAL
STANDARD
Information technology – Home network security –
Part 2: Internal security services – Secure communication protocol for
middleware (SCPM)
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester.
If you have any questions about ISO/IEC copyright or have an enquiry about obtaining additional rights to this
publication, please contact the address below or your local IEC member National Committee for further information.

IEC Central Office
3, rue de Varembé
CH-1211 Geneva 20
Switzerland
Email: inmail@iec.ch
Web: www.iec.ch
About the IEC
The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.

About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.
ƒ Catalogue of IEC publications: www.iec.ch/searchpub
The IEC on-line Catalogue enables you to search by a variety of criteria (reference number, text, technical committee,…).
It also gives information on projects, withdrawn and replaced publications.
ƒ IEC Just Published: www.iec.ch/online_news/justpub
Stay up to date on all new IEC publications. Just Published details twice a month all new publications released. Available
on-line and also by email.
ƒ Electropedia: www.electropedia.org
The world's leading online dictionary of electronic and electrical terms containing more than 20 000 terms and definitions
in English and French, with equivalent terms in additional languages. Also known as the International Electrotechnical
Vocabulary online.
ƒ Customer Service Centre: www.iec.ch/webstore/custserv
If you wish to give us your feedback on this publication or need further assistance, please visit the Customer Service
Centre FAQ or contact us:
Email: csc@iec.ch
Tel.: +41 22 919 02 11
Fax: +41 22 919 03 00
ISO/IEC 24767-2
Edition 1.0 2009-01
INTERNATIONAL
STANDARD
Information technology – Home network security –
Part 2: Internal security services – Secure communication protocol for
middleware (SCPM)
INTERNATIONAL
ELECTROTECHNICAL
COMMISSION
PRICE CODE
R
ICS 35.200 ISBN 2-8318-1020-6
– 2 – 24767-2 © ISO/IEC:2009(E)
CONTENTS
FOREWORD.5
1 Scope.6
2 Normative references .6
3 Terms, definitions and abbreviations .7
3.1 Terms and definitions .7
3.2 Abbreviations .8
4 Conformance.8
5 Design considerations of internal security services for home networks .9
5.1 General .9
5.2 Issues addressed by security measures .10
5.2.1 General .10
5.2.2 Unsafe transmission .10
5.2.3 Intentional misuse .10
5.3 Design principles of security measures.11
5.3.1 General .11
5.3.2 Minimization of resources for cost-saving .11
5.3.3 Independence of communication media .11
5.3.4 Independence of cryptographic algorithms.11
5.3.5 Extensibility of variant usages .11
6 Secure communication protocol for middleware (SCPM).11
6.1 General .11
6.2 What is SCPM .12
6.3 How does SCPM work .12
6.4 Where is SCPM going to be implemented.14
6.5 Usage levels of SCPM.14
6.6 Usage keys of SCPM.15
7 Secure message frame format.15
7.1 General communication frame .15
7.1.1 General .15
7.1.2 Header (HD) .16
7.1.3 Source address (SA) and destination address (DA) .16
7.1.4 Byte counter (BC) .16
7.1.5 Application Data (ADATA) .16
7.2 Secure frame structure .16
7.2.1 General .16
7.2.2 Secure header (SHD) .17
7.2.3 Sequence number field (SNF).18
7.2.4 Plain text data part byte counter (PBC).18
7.2.5 Plain text application data (PADATA).18
7.2.6 Block check code (BCC) .18
7.2.7 Padding (PDG) .18
7.2.8 Message data authentication signature (MDAS).19
8 SCPM processing.19
8.1 Algorithms and processing .19

24767-2 © ISO/IEC:2009(E) – 3 –
8.1.1 General .19
8.1.2 Encryption algorithms and encryption calculation.19
8.1.3 Data authentication algorithms and data authentication calculation.19
8.1.4 Cipher block chaining (CBC) mode .20
8.1.5 SNF initialisation and verification.20
8.1.6 Initialisation vector (IV) value .21
8.2 Secure message frame processing.22
8.2.1 General .22
8.2.2 Message frame processing of data authentication only .22
8.2.3 Message frame processing of confidentiality only .23
8.2.4 Message frame processing of data authentication and confidentiality .25
9 Key management.27
9.1 General .27
9.2 Key initialisation .27
9.2.1 Initialisation of a user key .27
9.2.2 Initialisation of service provider keys .30
9.2.3 Initialisation of maker key .32
9.3 Master key update.32
9.3.1 Master key update between KSN and a device .32
9.3.2 Key synchronization .36
9.3.3 Master key update request from a device .38
Annex A (informative) To authorize a key setting node.41
Bibliography.42

Figure 1 – Use of combined technologies against security risks .10
Figure 2 – General message frame versus secure message frame.13
Figure 3 – Round trip communications of SCPM .13
Figure 4 – Position of SCPM.14
Figure 6 – Secure message frame .17
Figure 7 – Data format of a secure header (SHD) .17
Figure 8 – Encryption employing AES-CBC with 128-bit key .19
Figure 9 – Data authentication calculation .20
Figure 10 – Sequences of SNF initialisation.21
Figure 11 – Calculation of IV value .21
Figure 13 – Secure message frames employing encryption service.25
Figure 14 – Secure message frames employing encryption and data authentication
services .27
Figure 15 – Sequences of user key initialisation .29
Figure 16 – Secure message frames of “user key” initialisation.30
Figure 17 – Sequences of service provider key initialisation.31
Figure 19 – Sequences of master key updates controlled by KSN using the DH
algorithm .34
Figure 21 – Secure message frames of master key update – Key exchange using DH
shared secret key .36
Figure 22 – Sequences of master key update for synchronization .37
Figure 23 – A state transition diagram of a device during master key update controlled
by KSN .38

– 4 – 24767-2 © ISO/IEC:2009(E)
Figure 24 – Sequences of master key update requested from a device .39
Figure 25 – A state transition diagram of a device when master key update is
requested from the device.40
Figure A.1 – An example to authenticate the KSN.41

24767-2 © ISO/IEC:2009(E) – 5 –
INFORMATION TECHNOLOGY –
HOME NETWORK SECURITY –
Part 2: Internal security services –
Secure communication protocol for middleware (SCPM)

FOREWORD
1) ISO (International Organization for Standardization) and IEC (International Electrotechnical Commission) form the
specialized system for worldwide standardization. National bodies that are members of ISO or IEC participate in
the development of International Standards. Their preparation is entrusted to technical committees; any ISO and
IEC member body interested in the subject dealt with may participate in this preparatory work. International
governmental and non-governmental organizations liaising with ISO and IEC also participate in this preparation.
2) In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1.
Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting.
Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote.
3) The formal decisions or agreements of IEC and ISO on technical matters express, as nearly as possible, an
international consensus of opinion on the relevant subjects since each technical committee has representation
from all interested IEC and ISO member bodies.
4) IEC, ISO and ISO/IEC publications have the form of recommendations for international use and are accepted
by IEC and ISO member bodies in that sense. While all reasonable efforts are made to ensure that the
technical content of IEC, ISO and ISO/IEC publications is accurate, IEC or ISO cannot be held responsible for
the way in which they are used or for any misinterpretation by any end user.
5) In order to promote international uniformity, IEC and ISO member bodies undertake to apply IEC, ISO and
ISO/IEC publications transparently to the maximum extent possible in their national and regional publications.
Any divergence between any ISO/IEC publication and the corresponding national or regional publication
should be clearly indicated in the latter.
6) ISO and IEC provide no marking procedure to indicate their approval and cannot be rendered responsible for
any equipment declared to be in conformity with an ISO/IEC publication.
7) All users should ensure that they have the latest edition of this publication.
8) No liability shall attach to IEC or ISO or its directors, employees, servants or agents including individual experts
and members of their technical committees and IEC or ISO member bodies for any personal injury, property
damage or other damage of any nature whatsoever, whether direct or indirect, or for costs (including legal fees)
and expenses arising out of the publication of, use of, or reliance upon, this ISO/IEC publication or any other IEC,
ISO or ISO/IEC publications.
9) Attention is drawn to the normative references cited in this publication. Use of the referenced publications is
indispensable for the correct application of this publication.
10) Attention is drawn to the possibility that some of the elements of this International Standard may be the subject of
patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights.
International Standard ISO/IEC 24767-2 was prepared by subcommittee 25: Interconnection
of information technology equipment, of ISO/IEC joint technical committee 1: Information
technology.
The list of all currently available parts of ISO/IEC 24767 series, under the general title
Information technology – Home network security, can be found on the IEC web site.
This International Standard has been approved by vote of the member bodies, and the voting
results may be obtained from the address given on the second title page.
This publication has been drafted in accordance with the ISO/IEC Directives, Part 2.

– 6 – 24767-2 © ISO/IEC:2009(E)
INFORMATION TECHNOLOGY –
HOME NETWORK SECURITY –
Part 2: Internal security services –
Secure communication protocol for middleware (SCPM)

1 Scope
This part of ISO/IEC 24767 specifies security in a home network for equipment with limited IT
capability. The Secure Communication Protocol for Middleware (SCPM) is particularly
designed to support network security (see 5.2) for equipment not capable of supporting
Internet security protocols such as IPSec or SSL/TLS. Although this protocol is designed for
unsafe transmissions, it may be used on other types of transmissions. Of course, the quality
level of the security services of SCPM is not equal with that of the Internet security protocols
but will ensure that such middleware can also be connected securely within a home. It is not
the intention that SCPM replace existing security mechanisms of protocols that have already
been published.
The SCPM provides the security services at the network layer and the protocol does not rely
on any specific media transmission. This part of ISO/IEC 24767 contains detailed
specifications of the security services supported, the necessary message formats, the
information flows and the processing of these pieces of information necessary for the
implementation of this protocol.
Therefore, this standard neither addresses media-dependent issues nor an overall security
architecture covering every home-networking technology. The protocol specified in this
standard is media-independent and covers the security services for the network layer for
protocols that do not have a conflicting network-layer addressing scheme. Network layer
security services are provided through the use of a combination of cryptographic and security
mechanisms.
Each protocol should specify the details of this security implementation. An HES system
supporting more than one protocol needs a gateway in between protocols.
Finally, this standard does not define any type of application except for key management
which has become essential in any security service. Nonetheless, there are no restrictions on
which types of applications may be deployed with SCPM.
2 Normative references
The following referenced documents are indispensable for the application of this document.
For dated references, only the edition cited applies. For undated references, the latest edition
of the referenced document (including any amendments) applies.
ISO/IEC 10116, Information technology – Security techniques – Modes of operation for an n-
bit block cipher
ISO/IEC 11577, Information technology – Open Systems Interconnection – Network layer
security protocol
ISO/IEC 11770-3, Information technology – Security techniques – Key management – Part 3:
Mechanisms using asymmetric techniques
ISO/IEC 18033-3, Information technology – Security techniques – Encryption algorithms –
Part 3: Block ciphers
24767-2 © ISO/IEC:2009(E) – 7 –
3 Terms, definitions and abbreviations
3.1 Terms and definitions
For the purpose of this document the following definitions apply.
3.1.1
confidentiality
property that information is not made available or disclosed to unauthorized individuals,
entities or processes
3.1.2
data authentication
service used to ensure that the source of the data claimed by a party to a communication is
correctly verified
3.1.3
data integrity
property that data has not been altered or destroyed in an unauthorized manner
3.1.4
key setting node
entity responsible for key generation/distribution and management
3.1.5
MAC address
media access control sub-layer of the data-link layer of the communications protocol used
3.1.6
message frame
minimum data unit transmitted between a home appliance node and a home appliance control
3.1.7
out of band
use of other mechanisms than the ones required on a communications channel to transmit
information
3.1.8
requested service
networked node that responds to service requests
3.1.9
service requester
networked node that issues service requests
3.1.10
user authentication
service used to ensure that the identity claimed by a party to a communication is correctly
verified, whereas an authorization service ensures that the identified and authenticated party
is entitled to access a particular device or application on the home network
3.1.11
white goods
appliances that are used daily life, for example, air conditioner, refrigerator and so on

– 8 – 24767-2 © ISO/IEC:2009(E)
3.2 Abbreviations
For the purpose of this document the following abbreviations apply.
ADATA Application DATA ( 7. 1 . 5)
BC Byte Counter [data length in bytes of the following data payload (size of ADATA)]
BCC Block Check Code ( 7. 2. 6 )
CBC Cipher Block Chaining
CPU Central Processing Unit
DA Destination Address (of a message frame)
DCL Data-Link Layer
DES Data Encryption Standard
DH Diffie-Hellman (was the first published public-key algorithm and it can be used
for key distribution)
DoS Denial of Services
HD HeaDer (of the message frame)
HES Home Electronic System
IP Internet Protocol
IPSec IP Security protocol
IPv4 Internet Protocol version 4
IPv6 Internet Protocol version 6
IV Initialisation Vector
KSN Key Setting Node
MAC Message Authentication Code
MDAS Message Data Authentication Signature
PBC Plain text data part Byte Counter (data length in bytes of the following data
payload (size of PADATA))
PDG PaDdinG
PADATA Plain text Application DATA
PIN Personal Identification Number
SA Source Address (of a message frame)
SCPM Secure Communication Protocol for Middleware
SHD Secure Header
SNF Sequence Number Field
SSL Secure Sockets Layer
TLS Transport Layer Security
XOR eXclusive OR
4 Conformance
For conformance to this International Standard the following applies.
a) The structure shall conform to the requirements outlined in Clause 6.
b) The message frame format shall conform to the specifications outlined in Clause 7.

24767-2 © ISO/IEC:2009(E) – 9 –
c) The implementation and processing shall conform to the specifications outlined in
Clause 8.
d) The key management shall conform to the specifications outlined in Clause 9. This shall
be achieved in that the key initialization conforms to the specifications in 9.2.1.
5 Design considerations of internal security services for home networks
5.1 General
With more and more home appliances being connected to the home networks, residential
users are increasingly concerned about the safety of their possessions. In this way, security
considerations have become one of the most challenging research issues that need to be
addressed to fulfil users’ needs. Among these issues, defence against outside threats has
been quite successful using existing solutions such as IPSec or SSL/TLS (see Bibliography
for SSL/TLS specifications), but defence against inside threats still remains uncertain due to
several changing criteria. This standard specifies the internal security services for home
electronic systems and for home networks.
The internal network of a home needs to be protected. However, not all equipment that is
controlled in a home needs the same kind of protection. At least three levels of protection can
be foreseen. Some equipment can support the full IP stack with various security protocols
while other pieces of equipment are insensitive and thus may not need to be secured at all.
And, in between these two categories, there are pieces of equipment that should be protected
but do not have the capacity to support the full set of Internet Protocols. The purpose of this
standard is to provide security for such middleware equipment that does not have the IP
capacity. SCPM provides various security services at the network layer and is intended to be
media-independent, thus protecting communications from internal home network intruders.
In order to deal with the protection measures over the Internet, existing solutions such as
IPSec or SSL/TLS can be tailored for home appliances. A combination of SCPM and existing
solutions, correctly configured, combined with firewall technology, will meet the criteria of low
cost, low complexity and moderate inconvenience while doing a good job on defending the
home against threats.
Figure 1 gives an example of combined safeguard technologies. A maintenance centre tries to
upgrade software in white goods, for example, a washing machine. However, a washing
machine without IPSec or SSL capability could not provide end-to-end security with a server
in the maintenance centre. The demarcation line could be set between two segments, from
the server of the maintenance centre to a controller (with IP capability) at home and the
controller to the washing machine. IPSec or SSL/TLS is used to protect the segment (from the
server of the maintenance centre to a controller) and SCPM is used to protect the other
segment (from the controller to the washing machine). The controller is responsible for
decrypting the transmitted codes from the server protected by IPSec or SSL/TLS and
encrypting the messages again by SCPM. The washing machine with SCPM protocol is able
to decrypt the data and finally retrieve the transmitted code from the server. Because the
home network is protected by a firewall, a malicious user cannot easily intrude on the network
and retrieve the transmitted code while the controller is busy in decrypting or encrypting the
transmitted codes.
– 10 – 24767-2 © ISO/IEC:2009(E)
PPrrototeecctteed bd byy F Fiirreewwaallll
SerServvicicee
PPrrovoviiderder
MaintMainteennaance nce
CeCenntteerr
ReRemmoottee
MaintMainteennaance nce
SSererverver
InInInttteeerrrnnneeettt
WWWWWWW.W.W.
LivLiviing neng networtworkk
ccontrollerontroller
ReRemmootete
MainMaintenancetenance
PPrrototectecteded b byy I Inntteerrnnetet secursecuriittyy ((IIPPSSeecc oorr S SSSL/L/TTLLSS)) PPrrototectecteded b byy S SCCMPMP

Figure 1 – Use of combined technologies against security risks
This standard provides a solution for sub-parts which contain non-IP devices within HES.
IPsec and TLS provide a solution for IP based devices within HES.
5.2 Issues addressed by security measures
5.2.1 General
In home networks, there are many security risks. The goal of security services is to defend
against malevolent/threat agents that seek to compromise the home information security.
Aiming at the networking communications inside home, the following factors stimulate the
discussion of in-home security requirements.
5.2.2 Unsafe transmission
Power line: Most houses have power-line installations, and houses in the same
neighbourhood usually share a “power-line subnet” which connects to the
same distribution transformer. Thus, power-line commands from one house
can potentially reach devices in another near-by house and interfere with the
controlling of those devices. This factor also makes interception possible.
Wireless link: Wireless networking is perhaps the most attractive approach to set up a
network in the home since it avoids the cost and arduousness of wiring.
However, it comes with a security drawback. Malicious users no longer need
to gain physical access to the network medium, instead they can simply
intercept another user’s transmissions within the working range of a sending
node.
The nature of unsafe transmission media makes home networks vulnerable to various forms
of attacks such as passive eavesdropping, active interfering, leakage of secret information,
data tampering, impersonation and denial of service.
5.2.3 Intentional misuse
Although the security services of this standard focus on the inside of a home, when unsafe
transmission media are used, the domain under consideration is no longer restricted to the
inside of the home. The security services shall also protect against outsiders getting access
to information transmitted within the home and against the ability to influence or manipulate
such pieces of information.
24767-2 © ISO/IEC:2009(E) – 11 –
In order to deal with these most demanding requirements for the security of home-networking
communications, the main emphasis lies in the following four areas:
• Confidentiality – information should only be available to authorized persons. This function
protects data from unauthorized disclosure.
• Data origin authentication and data integrity – data origin authentication is to allow the
sources of data received to be verified as claimed. However, this function cannot provide
protection against the duplication or modification of data. In this case, data integrity shall
be used in conjunction with data origin authentication.
• Anti-replay – ensures message frame security by making it impossible for a hacker to
intercept message frames and insert changed frames into the data stream between a
source node and a destination node.
• Access control –provides the protection of system resources against unauthorized use.
5.3 Design principles of security measures
5.3.1 General
Taking into account the fact that the SCPM mechanism is going to be implemented in
household appliances with limited resources, such as household appliances with 8-bit CPU,
and that residential security shall be flexible, special consideration has been given to the
following points, allowing the owner to trade off convenience, risk and cost.
5.3.2 Minimization of resources for cost-saving
The SCPM mechanism is expected to be implemented as lightly as possible when considering
the limited hardware resources (CPU performance and memory capacity). These constraints
make it difficult to implement fully and for many years the well-known security measures
available in information technologies that are usually computation-intensive.
5.3.3 Independence of communication media
There are many types of transmission media used in homes to connect different devices to
the network. The mechanisms specified in Clause 6 are independent of any transmission
media. These mechanisms allow flexible use of services and at the same time keep them
secure.
5.3.4 Independence of cryptographic algorithms
The SCPM mechanism is expected to permit the selection of different cryptographic
algorithms without affecting other parts of its implementation and the incorporation of newly
developed cryptographic methods into the implementation for future security improvements.
5.3.5 Extensibility of variant usages
While broadband connections are mostly used for Internet access today, they also create new
service opportunities, such as maintenance of home appliances, monitoring of home security
or metering-related services. To provide for future use in conjunction with variant services that
will be applied in home networks, the SCPM mechanism is expected to be equipped with the
capability to establish two or more service-specific shared keys for a household appliance,
allowing two or more secure domains to be created within home networks.
6 Secure communication protocol for middleware (SCPM)
6.1 General
This clause provides a high-level description about how SCPM works in order to give an
overall picture of its process and behaviour from a system’s perspective and to see how it fits

– 12 – 24767-2 © ISO/IEC:2009(E)
into the communication between networked nodes. This clause also provides basic
descriptions for the following clauses, which will describe each topic in more detail.
An SCPM implementation operating in a home appliance and an appliance controller offers
protection for network traffic. The protection offered is based on requirements selected under
various consideration and explained in 5. 3.
6.2 What is SCPM
SCPM is designed to provide a mix of security services, comprising confidentiality, data origin
authentication, data integrity and an anti-replay service (a form of partial sequence integrity).
The set of services provided depends on whether the authentication/encryption mechanism is
enabled or not.
Confidentiality may be selected independently of other services. However, the use of
confidentiality without integrity/authentication may expose the communications to certain
forms of active attacks that could undermine the confidentiality service.
Data origin authentication and data integrity are joint services (hereafter referred to as
"authentication”) and are offered as an option in conjunction with (optional) confidentiality.
The anti-replay service may be selected only if data origin authentication is selected and its
selection is solely at the discretion of the receiver. (Although the default calls for the sender
to increment the sequence number used for anti-replay, the function is effective only if the
receiver checks the sequence number.)
6.3 How does SCPM work
For the purpose of minimizing the message size, SCPM will not adopt the encapsulation
mechanism used in a ISO network model. An ISO network model is shown in Figure 4.
Instead, it utilizes the same message format, by inserting fields, such as security header,
sequence number and data length between destination address (DA) and plain text data part
byte counter (PBC) and encrypting/authenticating some fields. Figure 2 shows a comparison
between a general message frame and a secure message frame. Exact field definitions will be
described in Clause 7.
Figure 2 also shows that in home networking communications, messages carried in the
frames can be roughly divided into two types: plaintext and ciphertext, depending on the
corresponding indication in HD. Plaintext messages are directly carried in the payload, in the
clear text, and secure messages are stored in the payload, either authenticated or encrypted.
If the indication in HD shows that this is a secure frame, SCPM will be activated to interpret
the encrypted/authenticated payload data. Otherwise, ordinary communications procedures
are carried out as usual.
24767-2 © ISO/IEC:2009(E) – 13 –
A general m essage frame
HD SA DA BC EDATA
A secure m essage fram e
HD SA DA BC SHD SNF PBC PEDATA BCC PDG MDAS
encryption
Certification
certification
data
Figure 2 – General message frame versus secure message frame
Besides the specified message structure, SCPM also employs one round-trip communications
mechanism to reduce the transmission data for media of lower and limited bandwidth (except
for some cases where double confirmations are needed). A round-trip communication is a
“request and response” protocol, where in a communication between two nodes, a service
requester issues a request message and a requested service replies with a response
message. The message flow is shown in Figure 3.
Service Requesting Party Service Requested party
(a shared secret)
(a shared secret)
Requesting message is encrypted
and/or authenticated using a
Requesting message is verified
Request
shared secrete key
and/or decrypted using the shared
secrete key
(a shared secret)
Response message is encrypted
(a shared secret)
and/or authenticated using the
shared secrete key
Response message is verified
and/or decrypted using the shared Response
secrete key
Figure 3 – Round trip communications of SCPM

– 14 – 24767-2 © ISO/IEC:2009(E)
6.4 Where is SCPM going to be implemented
The primary objective of SCPM is to have sufficient security mechanisms for a wide variety of
applications with limited IT capability, and to provide secure communications at the network
layer ISO/IEC 11577, as shown in Figure 4. SCPM is implemented in the layer of secure
communication middleware and is equivalent to “Network Layer”, “Transport Layer” and
“Session Layer” in Figure 4.
application
Application Layer
Presentation Layer
home networking communication layer
secure communication middleware
Session Layer
Transport Layer
encryption authentication
Network Layer
Data Link Layer power line radio twisted pair infrared ethernet
..
communica line
tion
Physical Layer
ISO network model
Figure 4 – Position of SCPM
Network-layer frames have no inherent security. It is relatively easy to forge the address,
modify the contents, replay old frames and inspect the contents of frames in transit. Therefore,
there is no guarantee that
a) the ackets received are from the claimed sender;
b) the packets contain the original data that the sender placed in them, and
c) that the original data has not been inspected by a third party while it travels.
Implementing security at the network layer has many advantages. Most of all, applications
need few or no changes, for it can work seamlessly with any protocol transported above the
network layer, which reduces the explosion in the implementations of other security protocols
at higher layers.
Since it operates at the network layer, SCPM can be used to secure any protocol that can be
encapsulated in a network packet, without any additional requirements.
6.5 Usage levels of SCPM
Applications relying on SCPM can be divided into four usage levels: supervisor, user, service
provider and maker. Each usage can be illustrated as follows.
Supervisor level: A householder who supervises different access levels to devices
falls under this level. For example, the procedures of initial setting
of a user key are at “supervisor level”.

24767-2 © ISO/IEC:2009(E) – 15 –
In supervisor level, confidentiality service and/or authentication is
performed by “serial key” of the device. “Serial key” is set into the
device in manufacture and displayed on the device’s outer case. A
householder who supervises the access right to the device uses
this “serial key” during the initial setting of the user key to the
device.
User level: Inhabitants operating home-networking automation/manipulation
belong to this level. “User key” is set into a device by the
supervisor and one user key is set in one domain. When
inhabitants don’t want to disclose home information to those other
than their family members, communications message could be
protected by “user key”.
Service provider level: When the householder is willing to transfer certain access right to a
device to a service provider, communications between a control
node and a device node is protected by the service provider key
when security services are necessary, which prevents other
unauthorized service providers from supervising the intended
devices.
Maker level: When manufacturers perform operations and don’t want to be
intercepted by malicious users, communications message can be
protected by maker key. “Maker key” is supervised by the maker of
the device.
6.6 Usage keys of SCPM
This standard defines the following five keys of SCPM.
Serial key: When confidentiality services and/or authentication are performed
in supervisor level, “serial key” is used.
User key: When confidentiality services and/or authentication are performed
in user level, “user key” is used.
Service provider key: When confidentiality services and/or authentication are performed
in service provider level, “service provider key” is used.
Maker key: When confidentiality services and/or authentication are performed
in maker level, “maker key” is used.
Master key: In this standard, “master key” is a generic name of shared secret
key. When the common key is updated, the common key after
update is called “new master key” and the common key before
update is called “pre-master key”.
7 Secure message frame format
7.1 General communication frame
7.1.1 General
The overwhelming majority of packets that traverse the network today follow the rules and the
formats defined by standards. A generic network frame, basically, includes message header
and payload data. For instance, an IP datagram comprises IPv4/IPv6 header and payload.
More specifically, the message header would comprise the frame header, the source address
and the destination address. Payload data comprises the size of the following data and the
communication information as described in Figure 5.

– 16 – 24767-2 © ISO/IEC:2009(E)
HD SA DA BC ADATA
message header payload
HD = Frame Header
SA = Source Address
DA = Destination Address
BC= Byte Counter of EDATA
ADATA= information carried in this message frame

HD SA DA BC ADATA
message header payload
HD = Frame Header
SA = Source Address
DA = Destination Address
BC= Byte Counter of EDATA
ADATA= information carried in this message frame

Figure 5 – General message frame

7.1.2 Header (HD)
The header contains type information that indicates whether the message frame is a secure
frame or not. Besides, it may carry other possible information, for example the communication
method. In networks, point to point communication is a typical model, but they also have
several other types, for example broadcast communication and multicast communication.
7.1.3 Source address (SA) and destination address (DA)
SA represents the network address of the source that generated this message frame. DA
represents the network address of the destination host. It could be IP address, MAC address
or any form of addressing provided for specific communications.
7.1.4 Byte counter (BC)
The byte counter indicates the data size of the ADATA field in bytes.
7.1.5 Application Data (ADATA)
ADATA is a variable length field, which carries the service requesting information.
7.2 Secure frame structure
7.2.1 General
Payload data is further divided into seven fields: Secure header (SHD), sequence number
field (SNF), plain text data part byte counter (PBC), payload data (PADATA), block check

24767-2 © ISO/IEC:2009(E) – 17 –
code (BCC), padding (PDG) and message data authentication signature (MDAS). The
following subclauses define each field in the secure frame. Some fields could be “optional”
(marked by * in Figure 6) which means that the field is omitted if the option is not selected.
Whether or not an option is selected, is defined in secure header (SHD). The structure is
shown in Figure 6.
HD SA DA BC EDATA
A general message frame
**
HD SA DA BC SHD SNF PBC PEDATA BCC PDG MDAS
A secure message frame
Figure 6 – Secure message frame
7.2.2 Secure header (SHD)
SHD is a 2-byte field. Figure 7 shows the data format in SHD.
Key Index
b3:b2:b1:b0=0:0:0:0 Serial Key Index
b3:b2:b1:b0
b3:b2:b1:b0=0:0:0:1 User Key Index
b3:b2:b1:b0=0:0:1:0 Maker Key Index
Others: 0:0:1:1 to 1:1:1:1 Service Provider Key Index
1: used to indicate the message is encrypted and authenticated by a shared secret key computed by DH algorithm
b4
0:
...