Machine Learning-Based Intrusion Detection for Achieving Cybersecurity in Smart Grids Using IEC 61850 GOOSE Messages

Increased connectivity is required to implement novel coordination and control schemes. IEC 61850-based communication solutions have become popular due to many reasons—object-oriented modeling capability, interoperable connectivity and strong communication protocols, to name a few. However, communication infrastructure is not well-equipped with cybersecurity mechanisms for secure operation. Unlike online banking systems that have been running such security systems for decades, smart grid cybersecurity is an emerging field. To achieve security at all levels, operational technology-based security is also needed. To address this need, this paper develops an intrusion detection system for smart grids utilizing IEC 61850’s Generic Object-Oriented Substation Event (GOOSE) messages. The system is developed with machine learning and is able to monitor the communication traffic of a given power system and distinguish normal events from abnormal ones, i.e., attacks. The designed system is implemented and tested with a realistic IEC 61850 GOOSE message dataset under symmetric and asymmetric fault conditions in the power system. The results show that the proposed system can successfully distinguish normal power system events from cyberattacks with high accuracy. This ensures that smart grids have intrusion detection in addition to cybersecurity features attached to exchanged messages.

[1]  Taha Selim Ustun,et al.  A Review of IEC 62351 Security Mechanisms for IEC 61850 Message Exchanges , 2020, IEEE Transactions on Industrial Informatics.

[2]  Taha Selim Ustun,et al.  IEC 61850-Based Communication Modeling of EV Charge-Discharge Management for Maximum PV Generation , 2019, IEEE Access.

[3]  Daniel Mossé,et al.  A survey on intrusion detection and prevention systems in digital substations , 2021, Comput. Networks.

[4]  Taha Selim Ustun,et al.  Certificate Based Authentication Mechanism for PMU Communication Networks Based on IEC 61850-90-5 , 2018, Electronics.

[5]  Taha Selim Ustun,et al.  IEC 61850 Modeling of UPFC and XMPP Communication for Power Management in Microgrids , 2020, IEEE Access.

[6]  Andrés Felipe Sánchez Prisco,et al.  Intrusion detection system for SCADA platforms through machine learning algorithms , 2017, 2017 IEEE Colombian Conference on Communications and Computing (COLCOM).

[7]  Zhenyu Zhou,et al.  Review of cyber-security challenges and measures in smart substation , 2016, 2016 International Conference on Smart Grid and Clean Energy Technologies (ICSGCE).

[8]  Taha Selim Ustun,et al.  Using IEC 61850 and IEEE WAVE standards in ad-hoc networks for electric vehicle charging management , 2016, 2016 IEEE Online Conference on Green Communications (OnlineGreenComm).

[9]  Wenxia Liu,et al.  A Preliminary Communication Model of Smart Meter Based on IEC 61850 , 2011, 2011 Asia-Pacific Power and Energy Engineering Conference.

[10]  G. Manimaran,et al.  Detection of cyber intrusions using network-based multicast messages for substation automation , 2014, ISGT 2014.

[11]  Taha Selim Ustun,et al.  IEC 61850 based substation automation system: A survey , 2020 .

[12]  Taha Selim Ustun,et al.  Implementing Secure Routable GOOSE and SV Messages Based on IEC 61850-90-5 , 2020, IEEE Access.

[13]  Arash Habibi Lashkari,et al.  Securing GOOSE: The Return of One-Time Pads , 2019, 2019 International Carnahan Conference on Security Technology (ICCST).

[14]  Daniele Miorandi,et al.  A Holistic View of Security and Privacy Issues in Smart Grids , 2012, SmartGridSec.

[15]  Taha Selim Ustun,et al.  A Novel Approach for Mitigation of Replay and Masquerade Attacks in Smartgrids Using IEC 61850 Standard , 2019, IEEE Access.

[16]  Taha Selim Ustun,et al.  Certificate Based Security Mechanisms in Vehicular Ad-Hoc Networks based on IEC 61850 and IEEE WAVE Standards , 2019, Electronics.

[17]  Taha Selim Ustun,et al.  S-GoSV: Framework for Generating Secure IEC 61850 GOOSE and Sample Value Messages , 2019 .

[18]  Taha Selim Ustun,et al.  Performance Evaluation and Analysis of IEC 62351-6 Probabilistic Signature Scheme for Securing GOOSE Messages , 2019, IEEE Access.

[19]  Aiko Pras,et al.  Intrusion Detection in SCADA Networks , 2010, AIMS.

[20]  Taha Selim Ustun,et al.  Artificial Intelligence Based Intrusion Detection System for IEC 61850 Sampled Values Under Symmetric and Asymmetric Faults , 2021, IEEE Access.

[21]  Taha Selim Ustun,et al.  A Method for Achieving Confidentiality and Integrity in IEC 61850 GOOSE Messages , 2020, IEEE Transactions on Power Delivery.

[22]  Fulli Gianluca,et al.  Smart grid projects outlook 2017: facts, figures and trends in Europe , 2017 .

[23]  Yona Lopes,et al.  Dynamic Adaptive Protection based on IEC 61850 , 2020, IEEE Latin America Transactions.

[24]  Jhi-Young Joo,et al.  A Comprehensive Review of Practical Issues for Interoperability Using the Common Information Model in Smart Grids , 2020 .

[25]  Mohd Wazir Mustafa,et al.  Smart grids security challenges: Classification by sources of threats , 2018, Journal of Electrical Systems and Information Technology.

[26]  Taha Selim Ustun,et al.  Analysis and Implementation of Message Authentication Code (MAC) Algorithms for GOOSE Message Security , 2019, IEEE Access.

[27]  Taha Selim Ustun,et al.  Virtual Power Plant Management in Smart Grids with XMPP Based IEC 61850 Communication , 2019, Energies.

[28]  Binbin Chen,et al.  A Synthesized Dataset for Cybersecurity Study of IEC 61850 based Substation , 2019, 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm).