Investigating cyber-physical attacks against IEC 61850 photovoltaic inverter installations

Kang, BooJoong; Maynard, Peter; McLaughlin, Kieran; Sezer, Sakir; Andrén, Filip; Seitl, Christian; Kupzog, Friederich; Strasser, Thomas

doi:10.1109/etfa.2015.7301457

Cited by 73 publications

(30 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In contrast, current co-simulation environments focus on simulating the entire network using Omnet++ (Awad et al 2016;Lévesque et al 2012), ns2 (Lin et al 2011), RINSE (Davis et al 2006) or OPNET (Sadi et al 2015), and evaluate, e.g., denial of service attacks on the control network only. These fully simulated approaches are highly flexible, while more advanced testbeds (Koutsandria et al 2015;Kang et al 2015;Gunathilaka et al 2016;Sadi et al 2015), may require a connection to emulate real hardware or the use of proprietary software. Non-virtualized testbeds at Distribution System Operators (DSOs) are less flexible and often difficult to access.…”

Section: Testbedsmentioning

confidence: 99%

“…Two of the approaches use other communication protocols, such as HTTP requests (Lévesque et al 2012) or VPN connections (Davis et al 2006). One approach uses a physical testbed, which requires physical connections between hardware components (Kang et al 2015). The table shows which simulator is used for the SCADA network and for the power grid system.…”

Section: Testbedsmentioning

confidence: 99%

See 1 more Smart Citation

An integrated testbed for locally monitoring SCADA systems in smart grids

2018

View full text Add to dashboard Cite

A testbed for evaluating if and how process-aware monitoring may increase the security of decentralized SCADA networks in power grids is presented. The testbed builds on the co-simulation framework Mosaik, and co-simulates in an integrated way, the power distribution network on different voltage levels, as well as the control network (Modbus/TCP). The existing simulators were extended to allow topology changes, and a controller (RTU) simulator connected to a SCADA server enabling remote control was implemented. Using the developed testbed, a recently proposed local monitoring approach was investigated. The results show that for so-called interlocks the proposed monitoring approach prevents the execution of 33.3% of the commands, that would result in an unsafe state of the power distribution grid. Furthermore, it is shown that unsafe transformer tap positions can also be avoided. To illustrate the relevance and importance of the proposed testbed, a detailed comparison of related work on process-aware intrusion detection approaches and testbeds combining (parts of) the control network and the power grid is provided.

show abstract

Section: Testbedsmentioning

confidence: 99%

Section: Testbedsmentioning

confidence: 99%

An integrated testbed for locally monitoring SCADA systems in smart grids

2018

View full text Add to dashboard Cite

show abstract

“…As a result, communication between 1 and 2 will go through the adversary. Even though this is a well known attack, it still remains valid and possible, and is used for network penetrations [18].…”

Section: Configuration Agent Modelmentioning

confidence: 99%

Protecting Clock Synchronization: Adversary Detection through Network Monitoring

Lisova

Gutiérrez

Steiner

et al. 2016

Journal of Electrical and Computer Engineering

View full text Add to dashboard Cite

Nowadays, industrial networks are often used for safety-critical applications with real-time requirements. Such applications usually have a time-triggered nature with message scheduling as a core property. Scheduling requires nodes to share the same notion of time, that is, to be synchronized. Therefore, clock synchronization is a fundamental asset in real-time networks. However, since typical standards for clock synchronization, for example, IEEE 1588, do not provide the required level of security, it raises the question of clock synchronization protection. In this paper, we identify a way to break synchronization based on the IEEE 1588 standard, by conducting a man-in-the-middle (MIM) attack followed by a delay attack. A MIM attack can be accomplished through, for example, Address Resolution Protocol (ARP) poisoning. Using the AVISPA tool, we evaluate the potential to perform a delay attack using ARP poisoning and analyze its consequences showing both that the attack can, indeed, break clock synchronization and that some design choices, such as a relaxed synchronization condition mode, delay bounding, and using knowledge of environmental conditions, can make the network more robust/resilient against these kinds of attacks. Lastly, a Configuration Agent is proposed to monitor and detect anomalies introduced by an adversary performing attacks targeting clock synchronization.

show abstract

“…In particular, stealthy attacks targeting transmitted data integrity of the integrated Volt-VAR control system is studied in [11]. Furthermore, the capability of attackers to falsify the IEC 61850 data flow controlling the inverters is studied in [4], which could cause damage to the underlying physical system. However, none of these works give a comprehensive analysis about the consequences of cyber attacks on the power system.…”

Section: Introductionmentioning

confidence: 99%

On the Impact of Synchronization Attacks on Distributed and Cooperative Control in Microgrid Systems

Lahmadi

2018

2018 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)

View full text Add to dashboard Cite

Microgrids are adopted to provide distributed generation of renewable energy resources and scalable integration of loads. To ensure the reliability of their power system operations, distributed and cooperative control schemes are proposed by integrating communication networks at their control layers. However, the information exchanged at the communication channels is vulnerable to malicious attacks aiming to introduce voltage instability and blackouts. In this paper, we design and evaluate a novel type of attacks on the cooperative control and communication layers in microgrids, where the attacker targets the communication links between distributed generators (DGs) and manipulates the reference voltage data exchanged by their controllers. We analyze the control-theoretic and detectability properties of this attack to assess its impact on reference voltage synchronization at the different control layers of a microgrid. Results from numerical simulation are presented to demonstrate this attack, and the maximum voltage deviation and inaccurate reference voltage synchronization it causes in the microgrid.

show abstract

Investigating cyber-physical attacks against IEC 61850 photovoltaic inverter installations

Cited by 73 publications

References 14 publications

An integrated testbed for locally monitoring SCADA systems in smart grids

An integrated testbed for locally monitoring SCADA systems in smart grids

Protecting Clock Synchronization: Adversary Detection through Network Monitoring

On the Impact of Synchronization Attacks on Distributed and Cooperative Control in Microgrid Systems

Contact Info

Product

Resources

About