Abstract
The substation communication protocol used in smart grid allows the transmission of messages without integrity protection for applications that require very low communication latency. This leaves the real-time measurements taken by phasor measurement units (PMUs) vulnerable to man-in-the-middle attacks, and hence makes high voltage to medium voltage (HV/MV) substations vulnerable to cyber-attacks. In this paper, a lightweight and secure integrity protection algorithm has been proposed to maintain the integrity of PMU data, which fills the missing integrity protection in the IEC 61850-90-5 standard, when the MAC identifier is declared 0. The rigorous security analysis proves the security of the proposed integrity protection method against ciphertext-only attacks and known/chosen plaintext attacks. A comparison with existing integrity protection methods shows that our method is much faster, and is also the only integrity protection scheme that meets the strict timing requirement. Not only the proposed method can be used in power protection applications, but it also can be used in emerging anomaly detection scenarios, where a fast integrity check coupled with low latency communications is used for multiple rounds of message exchanges. This paper is an extension of work originally reported in Proceedings of 14th International Conference on Security and Cryptography (Jolfaei and Kant, 2017).
Original language | English |
---|---|
Pages (from-to) | 471-483 |
Number of pages | 13 |
Journal | Computers and Security |
Volume | 86 |
DOIs | |
Publication status | Published - 1 Sept 2019 |
Externally published | Yes |
Keywords
- GOOSE message
- Integrity protection
- Permutation
- Phasor measurement
- Substation automation system