Advanced connectivity in substations brings along cybersecurity considerations. Especially, the use of standardized data objects and message structures stipulated by IEC 61850 makes them much more vulnerable to unauth...Advanced connectivity in substations brings along cybersecurity considerations. Especially, the use of standardized data objects and message structures stipulated by IEC 61850 makes them much more vulnerable to unauthorized access and manipulation. In order to tackle these vulnerabilities, different methods are investigated by researchers all over the world. An important aspect of such efforts is the real-time performance consideration since power systems are bound by the rules of physics and all control/communication tasks need to be completed in a certain time frame. Security schemes for substation communication have been proposed in the recent literature. However, they must be improved to ensure a full security solution. Recently published IEC 62351 standard aims to fill this gap. Node authentication is vital for substation communication networks based on IEC 61850 to mitigate a variety of attacks such as man-in-the-middle(MITM) attack. This short communication presents a node authentication mechanism based on transport layer security(TLS) with certificates to address this knowledge gap. It also investigates the real-time performance by implementing the proposed scheme with Python.展开更多
Dynamic operation and control of power system is being increasingly done with the help of phasor measurement unit(PMU) based wide area monitoring and control system. The data communication requirements for the PMU bas...Dynamic operation and control of power system is being increasingly done with the help of phasor measurement unit(PMU) based wide area monitoring and control system. The data communication requirements for the PMU based applications are well addressed by IEEE C37.118.2 standard. However, IEC 61850 is now becoming a leading standard for power utility automation needs. A new part of IEC 61850, IEC 61850-90-5, specifying the IEEE C37.118.1 based synchrophasors data transfer according to IEC 61850, will lead to IEC 61850-90-5 based PMU communication networks. A novel IEC 61850-90-5 compliant communication model of PMU is proposed in this paper. We also present a comparative performance analysis of the PMU communication networks supporting the new synchrophasor standard for data transfer, i.e. IEC61850-90-5, and the existing standard, i.e. IEEE C37.118.2, for end to end(ETE) delay requirements for a modified IEEE 30 bus test system.展开更多
The conventional power systems are evolving as smart grids.In recent times cyberattacks on smart grids have been increasing.Among different attacks,False Data Injection(FDI)is considered as an emerging threat that has...The conventional power systems are evolving as smart grids.In recent times cyberattacks on smart grids have been increasing.Among different attacks,False Data Injection(FDI)is considered as an emerging threat that has significant impact.By exploiting the vulnerabilities of IEC 61850 Generic Object-Oriented Substation Events(GOOSE)and Sam-pled Values(SV)attackers can launch different FDI attacks.In this paper,a real-time set up capable of simulating FDI on GOOSE and SV protocols is developed to evaluate the impact of such attacks on power grid.IEC 62351 stipulates cybersecurity guidelines for GOOSE and SV,but only at communication or Information Technology(IT)level.Hence there is a need to develop a holistic security both at IT and Operation Technology(OT)level.In this regard,a novel sequence content resolver-based hybrid security scheme suitable to tackle FDI attacks on GOOSE and SV is proposed.Furthermore,the computational performance of the proposed hybrid security scheme is presented to demonstrate its applicability to the time critical GOOSE and SV protocols.展开更多
文摘Advanced connectivity in substations brings along cybersecurity considerations. Especially, the use of standardized data objects and message structures stipulated by IEC 61850 makes them much more vulnerable to unauthorized access and manipulation. In order to tackle these vulnerabilities, different methods are investigated by researchers all over the world. An important aspect of such efforts is the real-time performance consideration since power systems are bound by the rules of physics and all control/communication tasks need to be completed in a certain time frame. Security schemes for substation communication have been proposed in the recent literature. However, they must be improved to ensure a full security solution. Recently published IEC 62351 standard aims to fill this gap. Node authentication is vital for substation communication networks based on IEC 61850 to mitigate a variety of attacks such as man-in-the-middle(MITM) attack. This short communication presents a node authentication mechanism based on transport layer security(TLS) with certificates to address this knowledge gap. It also investigates the real-time performance by implementing the proposed scheme with Python.
文摘Dynamic operation and control of power system is being increasingly done with the help of phasor measurement unit(PMU) based wide area monitoring and control system. The data communication requirements for the PMU based applications are well addressed by IEEE C37.118.2 standard. However, IEC 61850 is now becoming a leading standard for power utility automation needs. A new part of IEC 61850, IEC 61850-90-5, specifying the IEEE C37.118.1 based synchrophasors data transfer according to IEC 61850, will lead to IEC 61850-90-5 based PMU communication networks. A novel IEC 61850-90-5 compliant communication model of PMU is proposed in this paper. We also present a comparative performance analysis of the PMU communication networks supporting the new synchrophasor standard for data transfer, i.e. IEC61850-90-5, and the existing standard, i.e. IEEE C37.118.2, for end to end(ETE) delay requirements for a modified IEEE 30 bus test system.
文摘The conventional power systems are evolving as smart grids.In recent times cyberattacks on smart grids have been increasing.Among different attacks,False Data Injection(FDI)is considered as an emerging threat that has significant impact.By exploiting the vulnerabilities of IEC 61850 Generic Object-Oriented Substation Events(GOOSE)and Sam-pled Values(SV)attackers can launch different FDI attacks.In this paper,a real-time set up capable of simulating FDI on GOOSE and SV protocols is developed to evaluate the impact of such attacks on power grid.IEC 62351 stipulates cybersecurity guidelines for GOOSE and SV,but only at communication or Information Technology(IT)level.Hence there is a need to develop a holistic security both at IT and Operation Technology(OT)level.In this regard,a novel sequence content resolver-based hybrid security scheme suitable to tackle FDI attacks on GOOSE and SV is proposed.Furthermore,the computational performance of the proposed hybrid security scheme is presented to demonstrate its applicability to the time critical GOOSE and SV protocols.
