Novel weaknesses in IEC 62351 protected Smart Grid control systems

Smart Grids are characterized by a high level of interconnectedness and interdependency between their sub-components. As this increases the surface for potential cyber attacks, the control system communication needs to be protected. IEC 61850 is about to become the most prevalent communication standard in the process related parts of Smart Grid control systems, but it was not designed with security in mind. IEC 62351 extends IEC 61850 by comprehensive security measures. By analyzing the IEC 61850 and IEC 62351 specifications, three novel weaknesses in the IEC 62351 standard were discovered which will be presented in this paper. Two weaknesses allow for replay of GOOSE and Sampled Values messages and one weakness in the protocol used for time exchange (SNTP) leaves the system vulnerable to a variety of attacks.

[1]  Tim Güneysu,et al.  Cryptanalysis with COPACOBANA , 2008, IEEE Transactions on Computers.

[2]  Ejaz Ahmed,et al.  Poisoned GOOSE: Exploiting the GOOSE Protocol , 2014, AISC.

[3]  Ryan Spangler Packet Sniffing on Layer 2 Switched Local Area Networks , 2003 .

[4]  Abb,et al.  Special Report IEC 61850 , 2010 .

[5]  David L. Mills,et al.  Network Time Protocol (Version 3) Specification, Implementation and Analysis , 1992, RFC.

[6]  Steffen Fries,et al.  Enhancing IEC 62351 to Improve Security for Energy Automation in Smart Grid Environments , 2010, 2010 Fifth International Conference on Internet and Web Applications and Services.

[7]  Roslan Ismail,et al.  A review of security attacks on IEC61850 substation automation system network , 2014, Proceedings of the 6th International Conference on Information Technology and Multimedia.

[8]  Timothy X. Brown,et al.  Exploiting the GOOSE protocol: A practical attack on cyber-infrastructure , 2012, 2012 IEEE Globecom Workshops.