S-GoSV: Framework for Generating Secure IEC 61850 GOOSE and Sample Value Messages

Standardized communication plays an important role in substation automation system (SAS). IEC 61850 is a de-facto standard in SAS. It facilitates smooth communication between different devices located in the substation by achieving interoperability. Generic Object-Oriented Substation Event (GOOSE) a...

Full description

Saved in:
Bibliographic Details
Published inEnergies (Basel) Vol. 12; no. 13; p. 2536
Main Authors Farooq, Shaik Mullapathi, Hussain, S.M. Suhail, Ustun, Taha Selim
Format Journal Article
LanguageEnglish
Published Basel MDPI AG 01.07.2019
Subjects
Algorithms
Automation
Communication
Communications networks
Cryptography
Cybersecurity
Data encryption
Datasets
Digital signatures
Ethernet
Generic Object-Oriented Substation Event (GOOSE)
IEC 62351-6 standard
Sample Values
security in Substation communication system
Software
United States > US
Online AccessGet full text

Cover

More Information
Summary:Standardized communication plays an important role in substation automation system (SAS). IEC 61850 is a de-facto standard in SAS. It facilitates smooth communication between different devices located in the substation by achieving interoperability. Generic Object-Oriented Substation Event (GOOSE) and Sample Value (SV) messages developed according to IEC 61850 enable efficient monitoring and operation control of SAS. IEC 61850 is very popular due to its flexible and robust modeling. As the number of critical infrastructures that employed IEC 61850 increases, it is important to study cybersecurity aspects as well. To this end, this paper develops a software framework, S-GoSV (Secure GOOSE and SV), that generates custom GOOSE and Sample Value messages. Furthermore, security features are added to protect them from different security attacks within a substation. IEC 62351-6 specifies digital signatures to achieve node authentication and messages integrity. Therefore, S-GoSV implements RSASSA-PKCS1-v1_5 digital signature algorithm based on RFC 2313. Performance studies show that digital signature algorithms based on RSA signing and verification take long times and do not conform to timing requirements stipulated by IEC 61850 for power system communication. To address this, Message Authentication Code (MAC) based digital signature algorithm, Keyed Hash-Message Authentication Code- Secure Hash Algorithm (HMAC-SHA256), is additionally implemented in S-GoSV framework for securing GOOSE messages.
ISSN:1996-1073
1996-1073
DOI:10.3390/en12132536