Department of Electrical Engineering, Qatar University, Doha, Qatar.
Dipartimento di Elettronica, Informazione e Bioingegneria, Politecnico di Milano, Milan, Italy.
Sci Rep. 2023 Feb 1;13(1):1857. doi: 10.1038/s41598-022-27157-z.
IEC 61850 is emerging as a popular communication standard for smart grids. Standardized communication in smart grids has an unwanted consequence of higher vulnerability to cyber-attacks. Attackers exploit the standardized semantics of the communication protocols to launch different types of attacks such as false data injection (FDI) attacks. Hence, there is a need to develop a cybersecurity testbed and novel mitigation strategies to study the impact of attacks and mitigate them. This paper presents a testbed and methodology to simulate FDI attacks on IEC 61850 standard compliant Generic Object-Oriented Substation Events (GOOSE) protocol using real time digital simulator (RTDS) together with open-source tools such as Snort and Wireshark. Furthermore, a novel hybrid cybersecurity solution by the name of sequence content resolver is proposed to counter such attacks on the GOOSE protocol in smart grids. Utilizing the developed testbed FDI attacks in the form of replay and masquerade attacks on are launched and the impact of attacks on electrical side is studied. Finally, the proposed hybrid cybersecurity solution is implemented with the developed testbed and its effectiveness is demonstrated.
IEC 61850 正在成为智能电网中流行的通信标准。智能电网中的标准化通信具有更高的网络攻击易损性这一意外后果。攻击者利用通信协议的标准化语义发起各种类型的攻击,例如虚假数据注入 (FDI) 攻击。因此,需要开发网络安全测试平台和新的缓解策略来研究攻击的影响并加以缓解。本文提出了一种使用实时数字模拟器 (RTDS) 结合 Snort 和 Wireshark 等开源工具模拟对符合 IEC 61850 标准的通用面向对象的变电站事件 (GOOSE) 协议进行 FDI 攻击的测试平台和方法。此外,还提出了一种名为“序列内容解析器”的新型混合网络安全解决方案,以应对智能电网中 GOOSE 协议上的此类攻击。利用所开发的测试平台,以重播和伪装攻击的形式发起 FDI 攻击,并研究攻击对电力侧的影响。最后,在开发的测试平台上实现了所提出的混合网络安全解决方案,并展示了其有效性。
