A Test bed dedicated to the Study of Vulnerabilities in IEC 61850 Power Utility Automation Networks

Cyber Attacks on Power System Automation and Protection and Impact Analysis

2020 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), 2020

Power system automation and communication standards are spearheading the power system transition towards a smart grid. IEC 61850 is one such standard, which is widely used for substation automation and protection. It enables real-time communication and data exchange between critical substation automation and protection devices within digital substations. However, IEC 61850 is not cyber secure. In this paper, we demonstrate the dangerous implications of not securing the IEC 61850 standard. Cyber attacks may exploit the vulnerabilities of the Sampled Values (SV) and Generic Object-Oriented Substation Event (GOOSE) protocols of IEC 61850. The cyber attacks may be realised by injecting spoofed SV and GOOSE data frames into the substation communication network at the bay level. We demonstrate that such cyber attacks may lead to obstruction or tripping of multiple protective relays. Coordinated cyber attacks against the protection system in digital substations may cause generation and line di...

Denial-of-Service Attack on IEC 61850-Based Substation Automation System: A Crucial Cyber Threat towards Smart Substation Pathways

Sensors

The generation of the mix-based expansion of modern power grids has urged the utilization of digital infrastructures. The introduction of Substation Automation Systems (SAS), advanced networks and communication technologies has drastically increased the complexity of the power system, which could expose the entire power network to hackers. The exploitation of the cyber security vulnerabilities by an attacker may result in devastating consequences and can leave millions of people in a severe power outage. To resolve this issue, this paper presents a network model developed in OPNET that has been subjected to various Denial of Service (DoS) attacks to demonstrate the cyber security aspect of an International Electrotechnical Commission (IEC) 61850-based digital substation. The attack scenarios have exhibited significant increases in the system delay and the prevention of messages, i.e., Generic Object-Oriented Substation Events (GOOSE) and Sampled Measured Values (SMV), from being transmit...

Cybersecurity for electric power control and automation systems

2007 IEEE International Conference on Systems, Man and Cybernetics, 2007

Disruption of electric power operations can be catastrophic for national security and the economy. Due to the complexity of widely dispersed assets and the interdependency between computer, communication, and power systems, the requirement to meet security and quality compliance in operations is a challenging issue. In recent years, NERC's cybersecurity standard, NERC CIP 1200, was initiated to require utilities' compliance on cybersecurity in control systems. This standard identifies several cyber-related vulnerabilities that exist in control systems and recommends several remedial actions (e.g., best practices). This paper is an overview of the cybersecurity issues for electric power control and automation systems, the control architectures, and the possible methodologies for vulnerability assessment of existing systems.

Cybersecurity based on IEC 62351 and IEC 62443 for IEC 61850 systems

15th International Conference on Developments in Power System Protection (DPSP 2020)

The word "cyber," originating from the Greek word meaning "skilled steering or guidance," has taken on the modern meaning of using digital communications within and among intelligent devices to perform information gathering and commanded control. Information technology (IT) systems include networked communications among computers, business systems, and the internet. Operational technology (OT) systems include networked communications among industrial control system (ICS) devices performing automatic safety, operational, and monitoring processes. In this paper, established ICS methods and standards are used to design defense-in-depth cybersecurity methods for digital communications within an energy control system (ECS) communications network. The ECS communications architecture is a mission-critical ICS and is divided into multiple levels with unique requirements and features from the process up through the station and finally to the control center. Using these levels, it is possible to identify interacting cyber defense technologies, the levels at which they should be deployed, and which devices they belong to (IEC 62443 Part 3) instead of the arbitrary defense-in-breadth strategy of requesting that every device include every cyber defense technology (IEC 62443 Part 4).

Power utility automation cybersecurity: IEC 61850 specification of an intrusion detection function

Safety and Reliability of Complex Engineered Systems, 2015

The IEC 61850 standard defines a global framework for designing power utility automation systems. The main goal of IEC 61850 being interoperability, it brings information and tools for both system modelling and communication architecture. But cybersecurity measures and propositions are scarce. They should be a priority. To help fill this lack of cybersecurity, we specify a fully IEC 61850-compatible intrusion detection function. This paper explains the procedure of defining functions and necessary model objects consistent with the standard requirements. We then detail our intrusion detection function.

Attacking IEC-60870-5-104 SCADA Systems

2019

The rapid evolution of the Information and Communications Technology (ICT) services transforms the conventional electrical grid into a new paradigm called Smart Grid (SG). Even though SG brings significant improvements, such as increased reliability and better energy management, it also introduces multiple security challenges. One of the main reasons for this is that SG combines a wide range of heterogeneous technologies, including Internet of Things (IoT) devices as well as Supervisory Control and Data Acquisition (SCADA) systems. The latter are responsible for monitoring and controlling the automatic procedures of energy transmission and distribution. Nevertheless, the presence of these systems introduces multiple vulnerabilities because their protocols do not implement essential security mechanisms such as authentication and access control. In this paper, we focus our attention on the security issues of the IEC 60870-5-104 (IEC-104) protocol, which is widely utilized in the European energy sector. In particular, we provide a SCADA threat model based on a Coloured Petri Net (CPN) and emulate four different types of cyber attacks against IEC-104. Last, we used AlienVault's risk assessment model to evaluate the risk level that each of these cyber attacks introduces to our system to confirm our intuition about their severity.

Development of Cyber-Physical Security Testbed Based on IEC 61850 Architecture

Elektronika ir Elektrotechnika, 2019

The paper focuses on security in industrial control systems. Numerous protocols and their incompatibility are undermining the security design. The IEC 61850 standard also addresses these issues: in detail, it deals with the compatibility between protocols and, partly, with security. In the context of this work, a testbed together with a traffic generator for the IEC 61850 standard and its three main parts – MMS (Manufacturing Message Specification), GOOSE (Generic Object-Oriented Substation Events), and Sampled Values – are designed. Additionally, the generator used is compared with an example of an RTU (Remote Terminal Unit) used in standard ICS (Industrial Control Systems) networks. The last part of this work consists of the performance testing of the implemented protocols (MMS, GOOSE, and Sampled Values).

A novel methodology to validate cyberattacks and evaluate their impact on power systems using real time digital simulation

2021 IEEE Texas Power and Energy Conference (TPEC), 2021

Traditional power systems are rapidly being digitalized and automated for increased monitoring and control. This automation of power system communication has made it possible to monitor and control operations in a plant remotely. However, this also opens up an exploitation vector for attackers once they gain access to the substation network. This scenario can only be investigated through an in-depth study of the communication protocols and control authority concepts associated with power systems. IEC 61850 has emerged as the most popular protocol for power system communication. In this paper, we investigate real-time simulation of power systems with IEC 61850-based communication, in order to devise a testbed that can be used to validate false data injection cyberattacks and evaluate their impact. Based on the results, we discuss possible countermeasures to such attacks and outline future research directions.

The U.S. Electrical Power Grid as a Cyber-Physical System: Understanding Exposed Attack Surfaces

2015

The U.S. power grid is one of the largest installations of critical infrastructure in the world, the failure of which can cause significant socioeconomic damage. Due to the complexities involved in providing reliable power to customers over long distances, the grid’s engineers rely on industrial automation technology to make important operational decisions. This technology exposes the grid to the risk of electronic attack. In this paper, I describe the operation of the power grid and the control loops which govern it. I examine the industrial automation system that maintains the grid, and use it to present a model of the power grid as a cyber-physical system. Using this model, I enumerate the surfaces the grid exposes to electronic attack, and delve into several specific theoretical attacks. I conclude with an assessment of the grid’s overall susceptibility to electronic attack, and discuss attractive directions for future research.

Cyber-vulnerability of power grid monitoring and control systems

Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead, 2008

In this paper, a methodology is proposed for the evaluation of the impact of cyber attacks on the power grid. This is a systematic approach to evaluate the vulnerabilities of SCADA systems at three levels, i.e., system, scenario, and access points. The impact of a potential intrusion is evaluated based on the power flow solution. The cause-effect analysis in the proposed method determines the likelihood of the consequence, which can be evaluated based on a substation outage. An IEEE 30-bus system is used to build a test case for the proposed method.