The DNP Technical Committee has released Technical Bulletin TB2016-002 Addressing Deficiencies in DNP3-SAv5. This document details identified deficiencies and vulnerabilities in DNP3 Secure Authentication version 5 (DNP3-SAv5) that must be corrected.
Some of the issues can be addressed by making changes to the behavior of DNP3-SAv5 devices without changing the structure of the messages exchanged. These changes are described in the Technical Bulletin. A device that implements these recommended changes will remain compatible with a device that does not. The DNP Users Group recommends that all existing DNP3-SAv5 devices implement these changes as soon as possible.
Some of the issues require new messages or new status or error codes. These issues will be addressed in a future release of DNP3-SA.The DNP Users Group recommends against deferring implementation until future versions are released.
The Technical Bulletin can be downloaded from the dnp.org Document Library.
Please email firstname.lastname@example.org if you have any questions.
Secretary, DNP Users Group