3AS: Authentication, Authorization, and Accountability for SDN-Based Smart Grids

Soares, Arthur Albuquerque Zopellaro; Lopes, Yona; Passos, Diego; Fernandes, Natália C.; Muchaluat-Saade, Débora C.

doi:10.1109/access.2021.3090346

Cited by 5 publications

(1 citation statement)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to meet the requirements of authentication, authorization, and accountability simultaneously, the SCADA system is integrated with a communication network controller based on the Autonomic and Resilient Framework for Smart Grids (ARES). In addition, the inclusion of an authorization (based on the IEEE 802.1X standard) of the ARES architecture is being investigated to mitigate the vulnerabilities in smart grid communications [14].…”

Section: Literature Reviewmentioning

confidence: 99%

Automated Cybersecurity Tester for IEC61850-Based Digital Substations

et al. 2022

View full text Add to dashboard Cite

Power substations are the crucial nodes of an interconnected grid, serving as the points where power is transferred from the transmission/distribution grids to the loads. However, interconnected cyberphysical systems and communication-based operations at substations lead to many cybersecurity vulnerabilities. Therefore, more sophisticated cybersecurity vulnerability analyses and threat modeling are required during productization phases, and system hardening is mandatory for the commercialization of products. This paper shows the design and methods to test the cybersecurity of multicast messages for digital substations. The proposed vulnerability assessment methods are based on the semantics of IEC61850 Generic Object Oriented Substation Event (GOOSE) and Sampled Value (SV), and cybersecurity features from IEC62351-6. Different case scenarios for cyberattacks are considered to check the vulnerabilities of the device under test (DUT) based on the IEC62351-6 standard. In order to discover security vulnerabilities in a digital substation, the proposed cybersecurity tester will generate malicious packets that compromise the regular functionality. The results show that the proposed cybersecurity testing module is able to detect potential vulnerabilities in multicast messages and the authentication methods (e.g., message authentication code) of multicast communications. Both commercial and simulated devices are used for the case studies.

show abstract

Section: Literature Reviewmentioning

confidence: 99%