S-GoSV: Framework for Generating Secure IEC 61850 GOOSE and Sample Value Messages

Standardized communication plays an important role in substation automation system (SAS). IEC 61850 is a de-facto standard in SAS. It facilitates smooth communication between different devices located in the substation by achieving interoperability. Generic Object-Oriented Substation Event (GOOSE) and Sample Value (SV) messages developed according to IEC 61850 enable efficient monitoring and operation control of SAS. IEC 61850 is very popular due to its flexible and robust modeling. As the number of critical infrastructures that employed IEC 61850 increases, it is important to study cybersecurity aspects as well. To this end, this paper develops a software framework, S-GoSV (Secure GOOSE and SV), that generates custom GOOSE and Sample Value messages. Furthermore, security features are added to protect them from different security attacks within a substation. IEC 62351-6 specifies digital signatures to achieve node authentication and messages integrity. Therefore, S-GoSV implements RSASSA-PKCS1-v1_5 digital signature algorithm based on RFC 2313. Performance studies show that digital signature algorithms based on RSA signing and verification take long times and do not conform to timing requirements stipulated by IEC 61850 for power system communication. To address this, Message Authentication Code (MAC) based digital signature algorithm, Keyed Hash-Message Authentication Code- Secure Hash Algorithm (HMAC-SHA256), is additionally implemented in S-GoSV framework for securing GOOSE messages.

[1]  Taha Selim Ustun,et al.  Analysis and Implementation of Message Authentication Code (MAC) Algorithms for GOOSE Message Security , 2019, IEEE Access.

[2]  Taha Selim Ustun,et al.  IEEE 1609 WAVE and IEC 61850 Standard Communication Based Integrated EV Charging Management in Smart Grids , 2018, IEEE Transactions on Vehicular Technology.

[3]  Yona Lopes,et al.  Geese: A traffic generator for performance and security evaluation of IEC 61850 networks , 2015, 2015 IEEE 24th International Symposium on Industrial Electronics (ISIE).

[4]  Mohd Asim Aftab,et al.  Performance evaluation of IEC 61850 GOOSE‐based inter‐substation communication for accelerated distance protection scheme , 2018, IET Generation, Transmission & Distribution.

[5]  Frank Hohlbaum,et al.  Cyber Security Practical considerations for implementing IEC 62351 , 2010 .

[6]  G. Manimaran,et al.  Integrated Anomaly Detection for Cyber Security of the Substations , 2014, IEEE Transactions on Smart Grid.

[7]  Ikbal Ali,et al.  Information modeling for Distributed Energy Resource integration in IEC 61850 based substations , 2015, 2015 Annual IEEE India Conference (INDICON).

[8]  Zhenyu Zhou,et al.  Review of cyber-security challenges and measures in smart substation , 2016, 2016 International Conference on Smart Grid and Clean Energy Technologies (ICSGCE).

[9]  Taha Selim Ustun,et al.  Performance Evaluation and Analysis of IEC 62351-6 Probabilistic Signature Scheme for Securing GOOSE Messages , 2019, IEEE Access.

[10]  Dmitry Ishchenko,et al.  Secure Communication of Intelligent Electronic Devices in Digital Substations , 2018, 2018 IEEE/PES Transmission and Distribution Conference and Exposition (T&D).

[11]  Deepa Kundur,et al.  IEC-61850 GOOSE traffic modeling and generation , 2017, 2017 IEEE Global Conference on Signal and Information Processing (GlobalSIP).

[12]  Taha Selim Ustun,et al.  Certificate Based Authentication Mechanism for PMU Communication Networks Based on IEC 61850-90-5 , 2018, Electronics.

[13]  Taha Selim Ustun,et al.  A central microgrid protection system for networks with fault current limiters , 2011, 2011 10th International Conference on Environment and Electrical Engineering.

[14]  Taha Selim Ustun,et al.  Communication Modeling of Solar Home System and Smart Meter in Smart Grids , 2018, IEEE Access.

[15]  Taha Selim Ustun,et al.  Communication Modeling for Differential Protection in IEC-61850-Based Substations , 2018, IEEE Transactions on Industry Applications.

[16]  Abhisek Ukil,et al.  Toward Threat of Implementation Attacks on Substation Security: Case Study on Fault Detection and Isolation , 2018, IEEE Transactions on Industrial Informatics.