A lightweight integrity protection scheme for low latency smart grid applications

Alireza Jolfaei, Krishna Kant

Research output: Contribution to journalArticleResearchpeer-review

Abstract

The substation communication protocol used in smart grid allows the transmission of messages without integrity protection for applications that require very low communication latency. This leaves the real-time measurements taken by phasor measurement units (PMUs) vulnerable to man-in-the-middle attacks, and hence makes high voltage to medium voltage (HV/MV) substations vulnerable to cyber-attacks. In this paper, a lightweight and secure integrity protection algorithm has been proposed to maintain the integrity of PMU data, which fills the missing integrity protection in the IEC 61850-90-5 standard, when the MAC identifier is declared 0. The rigorous security analysis proves the security of the proposed integrity protection method against ciphertext-only attacks and known/chosen plaintext attacks. A comparison with existing integrity protection methods shows that our method is much faster, and is also the only integrity protection scheme that meets the strict timing requirement. Not only the proposed method can be used in power protection applications, but it also can be used in emerging anomaly detection scenarios, where a fast integrity check coupled with low latency communications is used for multiple rounds of message exchanges. This paper is an extension of work originally reported in Proceedings of 14th International Conference on Security and Cryptography (Jolfaei and Kant, 2017).
LanguageEnglish
Pages471-483
Number of pages13
JournalComputers and Security
Volume86
DOIs
Publication statusPublished - 1 Sep 2019
Externally publishedYes

Fingerprint

Phasor measurement units
integrity
Communication
Electric potential
Time measurement
Cryptography
Network protocols
communication
communications
scenario

Keywords

  • GOOSE message
  • Integrity protection
  • Permutation
  • Phasor measurement
  • Substation automation system

Cite this

@article{6ae63d8d09024a0e9c9caa419b6715ec,
title = "A lightweight integrity protection scheme for low latency smart grid applications",
abstract = "The substation communication protocol used in smart grid allows the transmission of messages without integrity protection for applications that require very low communication latency. This leaves the real-time measurements taken by phasor measurement units (PMUs) vulnerable to man-in-the-middle attacks, and hence makes high voltage to medium voltage (HV/MV) substations vulnerable to cyber-attacks. In this paper, a lightweight and secure integrity protection algorithm has been proposed to maintain the integrity of PMU data, which fills the missing integrity protection in the IEC 61850-90-5 standard, when the MAC identifier is declared 0. The rigorous security analysis proves the security of the proposed integrity protection method against ciphertext-only attacks and known/chosen plaintext attacks. A comparison with existing integrity protection methods shows that our method is much faster, and is also the only integrity protection scheme that meets the strict timing requirement. Not only the proposed method can be used in power protection applications, but it also can be used in emerging anomaly detection scenarios, where a fast integrity check coupled with low latency communications is used for multiple rounds of message exchanges. This paper is an extension of work originally reported in Proceedings of 14th International Conference on Security and Cryptography (Jolfaei and Kant, 2017).",
keywords = "GOOSE message, Integrity protection, Permutation, Phasor measurement, Substation automation system",
author = "Alireza Jolfaei and Krishna Kant",
year = "2019",
month = "9",
day = "1",
doi = "10.1016/j.cose.2018.09.014",
language = "English",
volume = "86",
pages = "471--483",
journal = "Computers and Security",
issn = "0167-4048",
publisher = "ELSEVIER ADVANCED TECHNOLOGY",

}

A lightweight integrity protection scheme for low latency smart grid applications. / Jolfaei, Alireza; Kant, Krishna.

In: Computers and Security, Vol. 86, 01.09.2019, p. 471-483.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - A lightweight integrity protection scheme for low latency smart grid applications

AU - Jolfaei, Alireza

AU - Kant, Krishna

PY - 2019/9/1

Y1 - 2019/9/1

N2 - The substation communication protocol used in smart grid allows the transmission of messages without integrity protection for applications that require very low communication latency. This leaves the real-time measurements taken by phasor measurement units (PMUs) vulnerable to man-in-the-middle attacks, and hence makes high voltage to medium voltage (HV/MV) substations vulnerable to cyber-attacks. In this paper, a lightweight and secure integrity protection algorithm has been proposed to maintain the integrity of PMU data, which fills the missing integrity protection in the IEC 61850-90-5 standard, when the MAC identifier is declared 0. The rigorous security analysis proves the security of the proposed integrity protection method against ciphertext-only attacks and known/chosen plaintext attacks. A comparison with existing integrity protection methods shows that our method is much faster, and is also the only integrity protection scheme that meets the strict timing requirement. Not only the proposed method can be used in power protection applications, but it also can be used in emerging anomaly detection scenarios, where a fast integrity check coupled with low latency communications is used for multiple rounds of message exchanges. This paper is an extension of work originally reported in Proceedings of 14th International Conference on Security and Cryptography (Jolfaei and Kant, 2017).

AB - The substation communication protocol used in smart grid allows the transmission of messages without integrity protection for applications that require very low communication latency. This leaves the real-time measurements taken by phasor measurement units (PMUs) vulnerable to man-in-the-middle attacks, and hence makes high voltage to medium voltage (HV/MV) substations vulnerable to cyber-attacks. In this paper, a lightweight and secure integrity protection algorithm has been proposed to maintain the integrity of PMU data, which fills the missing integrity protection in the IEC 61850-90-5 standard, when the MAC identifier is declared 0. The rigorous security analysis proves the security of the proposed integrity protection method against ciphertext-only attacks and known/chosen plaintext attacks. A comparison with existing integrity protection methods shows that our method is much faster, and is also the only integrity protection scheme that meets the strict timing requirement. Not only the proposed method can be used in power protection applications, but it also can be used in emerging anomaly detection scenarios, where a fast integrity check coupled with low latency communications is used for multiple rounds of message exchanges. This paper is an extension of work originally reported in Proceedings of 14th International Conference on Security and Cryptography (Jolfaei and Kant, 2017).

KW - GOOSE message

KW - Integrity protection

KW - Permutation

KW - Phasor measurement

KW - Substation automation system

UR - http://www.scopus.com/inward/record.url?scp=85055583974&partnerID=8YFLogxK

U2 - 10.1016/j.cose.2018.09.014

DO - 10.1016/j.cose.2018.09.014

M3 - Article

VL - 86

SP - 471

EP - 483

JO - Computers and Security

T2 - Computers and Security

JF - Computers and Security

SN - 0167-4048

ER -