This part of IEC 62351 specifies how to provide confidentiality, integrity protection, and
message level authentication for SCADA and telecontrol protocols that make use of TCP/IP
as a message transport layer when cyber-security is required.
Although there are many possible solutions to secure TCP/IP, the particular scope of this part
is to provide security between communicating entities at either end of a TCP/IP connection
within the end communicating entities. The use and specification of intervening external
security devices (e.g. “bump-in-the-wire”) are considered out-of-scope.