The effects of flooding attacks on time-critical communications in the smart grid

Li, Qinghua; Ross, Chase; Yang, Jing; Di, Jia; Balda, Juan Carlos; Mantooth, H. Alan

doi:10.1109/isgt.2015.7131802

Cited by 20 publications

(8 citation statements)

References 8 publications

(7 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…If the security settings and the network design are inefficient all our intranet can be inoperable. To display the Li et al (2015) effects caused by this attack we will do it with the help of images, but to avoid making a collage of this, we will summarize the process into two parts: when the attack is generated and how to set the protection.…”

Section: Resultsmentioning

confidence: 99%

Security in the data link layer of the OSI model on LANs wired Cisco

Santos

Marcillo

2018

JSR

View full text Add to dashboard Cite

There are no technologies or protocols completely secure in network infrastructures, for this reason, this document aims to demonstrate the importance of configuring security options on network equipments. On this occasion we will focus on the data link layer of the OSI model, which is where controls have begun to be implemented at level of protocols. The tools that are used in the research facilitate the implementation of a virtual laboratory, which consists of a base operating system (windows) in which virtualbox is installed to mount linux mint, which will generate attacks; while in VMware, we installed a virtual machine that allows you to add the image of a switch to our network simulation software (GNS3), which integrates all the components. The tests were able to identify the vulnerabilities in MAC, ARP, VLAN and STP, and then to proceed to patch these security aws. Keeping the setting by default or ignoring the characteristics of network equipment are usually the reasons why these vulnerabilities exist. Finally, it was proved how easy it can be to run an attack and at the same time to implement security measures on the layer 2 of the OSI.

show abstract

Section: Resultsmentioning

confidence: 99%

Security in the data link layer of the OSI model on LANs wired Cisco

Santos

Marcillo

2018

JSR

View full text Add to dashboard Cite

show abstract

“…Flooding attacks in IEC 61850 communication systems are extensively studied in [26] and [27]. They allow an attacker to inject false messages in the network, which could be real messages previously captured with the sole purpose of consuming communication or processing resources that could prevent legitimate messages from being delivered or processed on time.…”

Section: A High Level Vulnerabilitiesmentioning

confidence: 99%

A Fixed-Latency Architecture to Secure GOOSE and Sampled Value Messages in Substation Systems

Rodríguez¹,

Lázaro

Bidarte

et al. 2021

IEEE Access

View full text Add to dashboard Cite

International Electrotechnical Commission (IEC) 62351-6 standard specifies the security mechanisms to protect real-time communications based on IEC 61850. Generic Object Oriented Substation Events (GOOSE) and Sampled Value (SV) messages must be generated, transmitted and processed in less than 3 ms, which challenges the introduction of IEC 62351-6. After evaluating the security threats to IEC 61850 communications and the state of the art in GOOSE and SV security, this work presents a novel architecture based on wire-speed processing able to provide message authentication and confidentiality. This architecture has been implemented and tested to evaluate its performance, resource usage, and the latency introduced. Other proposals in the scientific literature do not support real-time traffic, so they are not suitable for GOOSE and SV messages. Whereas the others exceed the target latency of 3 ms or do not comply with the standards, our design authenticates and encrypts real-time IEC 61850 data in less than 7 µs -predictable latency-, and complies with IEC 62351:2020.

show abstract

“…This type of attack is referred to as flooding attack and it can result to not meeting the timing constraint for message delivery of IEC 61850 realtime protocols. The effects of flooding attacks on time-critical communications in IEC 61850 substation were studied in [25], [26]. Both papers concluded that the effects of flooding attacks are more severe in the wireless network than in the wired network.…”

Section: B Attacks Against Iec 61850mentioning

confidence: 99%

Adversary Model for Attacks Against IEC 61850 Real-Time Communication Protocols

Nweke

Weldehawaryat

Wolthusen

2020

2020 16th International Conference on the Design of Reliable Communication Networks DRCN 2020

View full text Add to dashboard Cite

Adversarial models are well-established for cryptographic protocols, but distributed real-time protocols have requirements that these abstractions are not intended to cover. The IEEE/IEC 61850 standard for communication networks and systems for power utility automation in particular not only requires distributed processing, but in case of the generic object oriented substation events and sampled value (GOOSE/SV) protocols also hard real-time characteristics. This motivates the desire to include both quality of service (QoS) and explicit network topology in an adversary model based on a π-calculus process algebraic formalism based on earlier work. This allows reasoning over process states, placement of adversarial entities and communication behaviour. We demonstrate the use of our model for the simple case of a replay attack against the publish/subscribe GOOSE/SV subprotocol, showing bounds for non-detectability of such an attack.Index Terms-Adversary model, Quality of services, IEC 61850, Real-time communication protocols I. INTRODUCTIONReal-time communication protocols are among the most prominent communication protocols used in networked critical infrastructures. They are used to monitor and control industrial automation processes deployed in critical infrastructures including power stations, power and water distribution, and traffic systems. The resilience of networked critical infrastructures is depended on the ability of the communication protocols used in such environments to adapt well in the face adversarial actions.Adversary model describes the capabilities of an attacker [1] and facilitates reasoning about how a system may be compromised. The conventional adversary models are not suitable for capturing the capabilities of an attacker in IEC 61850 environment due to the stringent QoS requirements and the network topology [2]. Also, the conventional adversary models do not consider the network topology of IEC 61850 because they assume that there is a point-to-point communication between all parties. Thus, it is important to develop an adversary model which takes into account the constraints imposed on an attacker with the intention of attacking the IEC 61850 real-time communication protocols.We therefore propose an adversary model for IEC 61850 real-time communication protocols in this paper. First, we use IEC 61850 GOOSE messaging service as an example, and derive its formalization using π−calculus variant. We then show that the relative positions of the adversary in relation to the publisher, event notification service, and subscriber determine the type of attacks that can be launched by an attacker. Lastly, we use our model to describe a reply attack that can result in a denial of service (DoS) attack.The rest of this paper is organized as follows. Section II presents a general discussion on real-time communication protocols and introduces the π−calculus syntax. Section III discusses the related works. Section IV describes the adversary model and its formalization using π−calculus variant. Section V pr...

show abstract

The effects of flooding attacks on time-critical communications in the smart grid

Cited by 20 publications

References 8 publications

Security in the data link layer of the OSI model on LANs wired Cisco

Security in the data link layer of the OSI model on LANs wired Cisco

A Fixed-Latency Architecture to Secure GOOSE and Sampled Value Messages in Substation Systems

Adversary Model for Attacks Against IEC 61850 Real-Time Communication Protocols

Contact Info

Product

Resources

About