3,087
views
0
recommends
+1 Recommend
1 collections
    4
    shares

      Studying business & IT? Drive your professional career forwards with BCS books - for a 20% discount click here: shop.bcs.org

      scite_
       
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      Authentication of GOOSE Messages under Timing Constraints in IEC 61850 Substations

      Published
      proceedings-article
      , ,
      6th International Symposium for ICS & SCADA Cyber Security Research 2019 (ICS-CSR)
      Cyber Security Research
      10th-12th September 2019
      Cyber-physical security, authentication, RSA, HMAC, electrical substations, IEC 61850, IEC 62351, GOOSE
      Bookmark

            Abstract

            For the future generation of energy systems, secure communication is a key component in ensuring a reliable and stable operation. The actual respective standard to define the communication network architectures for substation automation is the IEC 61850. In order to address the shortcomings of IEC 61850 w.r.t. communication security, IEC 62351-6 introduces respective recommendations. However, a thorough analysis of these recommendations shows that the authenticity and integrity of time-critical protocols such as Generic Object Oriented Substation Event (GOOSE) messages are not entirely covered by the proposed security measures. Therefore, in the present contribution, implementation of the RSASSA-PSS and HMAC-SHA256 authentication are investigated for the given context. Comparison with previous works is provided and obtained results show that the HMAC scheme has a better computational time than the recommended RSASSA-PSS. Thus, adjustment of the IEC 62351-6 considering the authentication of GOOSE messages shall be considered in the next edition of the standard.

            Content

            Author and article information

            Contributors
            Conference
            September 2019
            September 2019
            : 137-143
            Affiliations
            [0001]Institute of Automation and Applied Informatics (IAI)

            Karlsruhe Institute of Technology (KIT)

            Hermann-von-Helmholtz-Platz 1,

            76344 Eggenstein-Leopoldshafen

            Germany
            Article
            10.14236/ewic/icscsr19.17
            8b6cea67-1e6f-421b-9c6b-0416c194dcd1
            © Ghada Elbez et al. Published by BCS Learning and Development Ltd. 6th International Symposium for ICS & SCADA Cyber Security Research 2019

            This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

            6th International Symposium for ICS & SCADA Cyber Security Research 2019
            ICS-CSR
            6
            Athens, Greece
            10th-12th September 2019
            Electronic Workshops in Computing (eWiC)
            Cyber Security Research
            History
            Product

            1477-9358 BCS Learning & Development

            Self URI (article page): https://www.scienceopen.com/hosted-document?doi=10.14236/ewic/icscsr19.17
            Self URI (journal page): https://ewic.bcs.org/
            Categories
            Electronic Workshops in Computing

            Applied computer science,Computer science,Security & Cryptology,Graphics & Multimedia design,General computer science,Human-computer-interaction
            IEC 61850,IEC 62351,GOOSE,electrical substations,HMAC,RSA,authentication,Cyber-physical security

            REFERENCES

            1. OpenSSL library 1998 URL https://www.openssl.org/

            2. NIST Special Publication 800-57, Part 3: Application-Specific Key Management Guidance 2015

            3. The exact security of digital signatures-how to sign with rsa and rabin International Conference on the Theory and Applications of Cryptographic Techniques 399 416 Springer 1996

            4. RSA-PSS–Provable secure RSA Signatures and their Implementation Jan 31 2019 2011

            5. A Cost-efficient Software Testbed for Cyber-Physical Security in IEC 61850-based Substations 2018 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm) 1 6 Oct 2018 [10.1109/SmartGridComm.2018.8587456]

            6. Application research of hmac in intelligent substation communication security DEStech Transactions on Engineering and Technology Research 2018

            7. Performance evaluation and analysis of IEC 62351-6 probabilistic signature scheme for securing GOOSE messages IEEE Access 7 32343 32351 2019

            8. Cyber Security Practical considerations for implementing IEC 62351 PAC World Conference 2010

            9. Exploiting the GOOSE protocol: A practical attack on cyber-infrastructure Globecom Workshops (GC Wkshps), 2012 IEEE 1508 1513 IEEE 2012

            10. International Electrotechnical Commission (IEC) IEC 61850: Power Utility Automation (TC57) 2007

            11. International Electrotechnical Commission (IEC) IEC 62351: Power systems management and associated information exchange - data and communications security - part 6: Security for IEC 62351 2010

            12. International Electrotechnical Commission (IEC) IEC 61850: Communication networks and systems for power utility automation in substation - part 8.1 2011

            13. Secure communication of intelligent electronic devices in digital substations 2018 IEEE/PES Transmission and Distribution Conference and Exposition (T&D) 1 5 IEEE 2018

            14. HMAC: Keyed-hashing for message authentication 1997

            15. Poisoned GOOSE: exploiting the GOOSE protocol Proceedings of the Twelfth Australasian Information Security Conference-Volume 149 17 22 Australian Computer Society, Inc 2014

            16. A method for obtaining digital signatures and public-key cryptosystems Communications of the ACM 21 2 120 126 1978

            Comments

            Comment on this article