Abstract
The growing convergence of Information Technology and Operational Technology has enhanced communication and visibility across power grids. This, coupled with the growing use of Distributed Energy Resources in power grids, has enhanced the grid capabilities while also creating a larger attack surface for malicious actors. A common protocol vulnerable to these attacks is the IEC-61850 GOOSE protocol due to its low-latency requirements, multicast packet delivery method, and lack of encryption. In this paper, we evaluate the security implications of different hardware implementations of this protocol by contrasting device response and recovery of two commercial off-the-shelf Intelligent Electronic Devices from separate manufacturers. The cyberattacks utilized in this paper are research-established GOOSE attacks with results measured in device latency and GOOSE endpoint response success.
| Original language | English |
|---|---|
| Article number | 100618 |
| Journal | International Journal of Critical Infrastructure Protection |
| Volume | 42 |
| DOIs | |
| State | Published - Sep 2023 |
Funding
This research has been supported in part by the Department of Energy Cybersecurity for Energy Delivery Systems program, and the Oak Ridge National Laboratory, under grants 4000175929 and 4000193048. It has also been supported in part by the University of Nebraska-Lincoln’s Nebraska Center for Energy Sciences Research (NCESR) under Cycle 16 Grant# 20-706.
Keywords
- Cyber-physical systems
- GOOSE
- IEC-61850
- Industrial control systems
- Operational technology
- Smart grid
- Vulnerability