Development of authentication algorithms for iec 61850 goose and sampled value messages

Abstract

Before standardising uniform communication networks, protocols such as the Distributed Network Protocol (DNP3), were used in distributed control systems to transmit telemetry data. However, these network protocols lacked a standard naming convention, making their implementation in control systems expensive due to the use of copper wiring. The Industrial Internet of Things (IIoT) has contributed to the integration of Information and Communication Technology (ICT) in power systems. The integration of smart technology in substation automation has led to the transformation of the Smart Grid (SG). Over the years, malware and other cyber-attacks have compromised the cyber-security of industrial networks. Some attacks have successfully hacked the Supervisory Control and Data Acquisition (SCADA) systems of industrial plants. Cyber-security is becoming a concern in substation automation and is gaining attention in power systems. Protecting all information in Substation Automation Systems (SAS) is of paramount importance for the success of the SG revolution. The need to standardise communication networks prompted the transition to networked smart grid systems, reducing costs and engineering time associated with system implementation. The number of security threats targeting electrical networks has been increasing rapidly, and several protocols utilised in these environments are being studied to address these cyber-attacks. The development of security mechanisms for securing the substation communication network is crucial. In the realm of Cyber-Physical Systems (CPS), the IEC 61850 standard for communication networks is attracting significant attention for its potential to modernise, technologically advance, and make distribution automation effective and economical. IEC 61850 provides an integrated solution in the power system for communication between intelligent devices, offering interoperability and reliability, and incorporating a better form of standardisation as the central smart grid communication protocol. However, IEC 61850 does not have any safety-related features, and cyber-security attacks remain a concern in the substation environment. Edition 1 of IEC 61850 did not emphasise cybersecurity as a primary focus. The standardisation of data models and communication protocols were the main objectives of this version. Furthermore, Edition 2 of IEC 61850 introduced some improvements to the standard. Although Edition 2 incorporated the enhancement of security features compared to Edition 1, it did not offer a comprehensive set of cybersecurity capabilities that addressed all modern security challenges. The deployment of IEC 62351 has been introduced to address this concern in power systems. It is crucial to secure communication in the SAS from any cyber-security attacks. Implementing both IEC 61850 and IEC 62351 standards requires extensive knowledge in data networking, software modelling, system simulation, and testing procedures. Generic Object-Oriented Substation Event (GOOSE) and Sampled Value (SV) messages are critical for secure operation and have stringent performance requirements. GOOSE is a model process where data is collected, grouped into a dataset, and transmitted on a process bus. SV is a publisher and subscriber communication where information, such as values of power, is transmitted between the merging units and intelligent electronic devices (IEDs). Compromising GOOSE or SV messages may cause severe power loss to the system. Manipulating or disrupting GOOSE communications could compromise the efficient operation of protective relays, resulting in delayed or incorrect responses under fault events. Tampering with SV messages may result in false data being fed into the protection and control systems, causing the protective devices to malfunction or fail. Both situations have the potential to disrupt the power grid's normal operation, resulting in failures and power outages that have severe consequences for vital systems and end users. As a result, securing these communication protocols is critical to ensuring the reliability and stability of the electrical infrastructure. This study aims to develop an authentication algorithm for Routable-GOOSE (R-GOOSE) or Routable-SV (R-SV) and implement it in a real-time software application. Critical security features must be enabled to support authentication and authorisation. The EtM algorithm is proposed for maintaining message confidentiality and integrity, with AES-128 encryption for privacy and MAC algorithms for message authentication. Simulation results indicate that the EtM algorithm can be successfully used for R-SV messages while meeting the stringent 3 ms latency criteria. The results suggest that future IEC 62351 security standards can confidently advocate for encryption for R-SV communication.