Cybersecurity of Process Bus Network in Digital Substations

Girdhar, Mansi; Hong, Junho; Karnati, Ramya; Lee, Soon-Woo; Choi, Sungsoo

doi:10.1109/iceic51217.2021.9369743

Cited by 5 publications

(2 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, there is no mention of testing the cybersecurity issues of IEC62351-6 standards or checking different cases for MAC spoofing and tampering attacks. The study conducted by [23] demonstrated the vulnerabilities and potential risks in the IEC61850-based digital substations. Furthermore, they discussed the countermeasures of the attacks, e.g., employing HMAC and GMAC for the SV message.…”

Section: Literature Reviewmentioning

confidence: 98%

Automated Cybersecurity Tester for IEC61850-Based Digital Substations

et al. 2022

Self Cite

View full text Add to dashboard Cite

Power substations are the crucial nodes of an interconnected grid, serving as the points where power is transferred from the transmission/distribution grids to the loads. However, interconnected cyberphysical systems and communication-based operations at substations lead to many cybersecurity vulnerabilities. Therefore, more sophisticated cybersecurity vulnerability analyses and threat modeling are required during productization phases, and system hardening is mandatory for the commercialization of products. This paper shows the design and methods to test the cybersecurity of multicast messages for digital substations. The proposed vulnerability assessment methods are based on the semantics of IEC61850 Generic Object Oriented Substation Event (GOOSE) and Sampled Value (SV), and cybersecurity features from IEC62351-6. Different case scenarios for cyberattacks are considered to check the vulnerabilities of the device under test (DUT) based on the IEC62351-6 standard. In order to discover security vulnerabilities in a digital substation, the proposed cybersecurity tester will generate malicious packets that compromise the regular functionality. The results show that the proposed cybersecurity testing module is able to detect potential vulnerabilities in multicast messages and the authentication methods (e.g., message authentication code) of multicast communications. Both commercial and simulated devices are used for the case studies.

show abstract

Section: Literature Reviewmentioning

confidence: 98%

Automated Cybersecurity Tester for IEC61850-Based Digital Substations

et al. 2022

Self Cite

View full text Add to dashboard Cite

show abstract

“…Even though there has been a significant amount of research on designing successful and robust cybersecurity frameworks for electric grid domains, e.g., the critical infrastructure protection (CIP) 002-009 standard by the North American Electric Reliability Corporation (NERC), the IEC 62351 standard [5], and ADSs [6], well-trained attackers could exploit the vulnerabilities of EVCSs [7]. Similarly, ISO/IEC 15118 standardizes wireless vehicle-to-grid (V2G) communication [8].…”

Section: Introductionmentioning

confidence: 99%

Cyber-Attack Event Analysis for EV Charging Stations

Girdhar¹,

Hong²,

You³

et al. 2022

Preprint

View full text Add to dashboard Cite

Safe and secure electric vehicle charging stations (EVCSs) are important in smart transportation infrastructure. The prevalence of EVCSs has rapidly increased over time in response to the rising demand for EV charging. However, developments in information and communication technologies (ICT) have made the cyber-physical system (CPS) of EVCSs susceptible to cyber-attacks, which might destabilize the infrastructure of the electric grid as well as the environment for charging. This study suggests a 5Ws & 1H-based investigation approach to deal with cyber-attack-related incidents due to the incapacity of the current investigation frameworks to comprehend and handle these mishaps. Also, a stochastic anomaly detection system (ADS) is proposed to identify the anomalies, abnormal activities, and unusual operations of the station entities as a post cyber event analysis.

show abstract