Implementation of Secure GOOSE Protocol Using HSM

Kim, Jin Cheol; Kim, Young Eok; Kim, Tae Hun

doi:10.4028/www.scientific.net/amm.260-261.236

Cited by 2 publications

(1 citation statement)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although some existing research works, as explained above, demonstrated attacks against the GOOSE protocol, no research so far has shown a comprehensive vulnerability analysis of the GOOSE communication protocol based on both theoretical claims, as well as experimental simulations. Following the recommendation by Part 6 of IEC 62351 to use the HMAC scheme, the authors in [ 27 ] implemented the SHA256 authentication mechanism for the GOOSE protocol. Our paper studies the inherent vulnerabilities of the GOOSE communication protocol within a substation environment considering with and without the IEC 62351 security standard.…”

Section: Related Workmentioning

confidence: 99%

Vulnerability and Impact Analysis of the IEC 61850 GOOSE Protocol in the Smart Grid

Reda

Ray

Peidaee

et al. 2021

Sensors

View full text Add to dashboard Cite

IEC 61850 is one of the most prominent communication standards adopted by the smart grid community due to its high scalability, multi-vendor interoperability, and support for several input/output devices. Generic Object-Oriented Substation Events (GOOSE), which is a widely used communication protocol defined in IEC 61850, provides reliable and fast transmission of events for the electrical substation system. This paper investigates the security vulnerabilities of this protocol and analyzes the potential impact on the smart grid by rigorously analyzing the security of the GOOSE protocol using an automated process and identifying vulnerabilities in the context of smart grid communication. The vulnerabilities are tested using a real-time simulation and industry standard hardware-in-the-loop emulation. An in-depth experimental analysis is performed to demonstrate and verify the security weakness of the GOOSE publish-subscribe protocol towards the substation protection within the smart grid setup. It is observed that an adversary who might have familiarity with the substation network architecture can create falsified attack scenarios that can affect the physical operation of the power system. Extensive experiments using the real-time testbed validate the theoretical analysis, and the obtained experimental results prove that the GOOSE-based IEC 61850 compliant substation system is vulnerable to attacks from malicious intruders.

show abstract

Section: Related Workmentioning

confidence: 99%