An Improved Security Scheme for IEC 61850 MMS Messages in Intelligent Substation Communication Networks

Abstract

Read online

Advanced connectivity in substations brings along cybersecurity considerations. Especially, the use of standardized data objects and message structures stipulated by IEC 61850 makes them much more vulnerable to unauthorized access and manipulation. In order to tackle these vulnerabilities, different methods are investigated by researchers all over the world. An important aspect of such efforts is the real-time performance consideration since power systems are bound by the rules of physics and all control/communication tasks need to be completed in a certain time frame. Security schemes for substation communication have been proposed in the recent literature. However, they must be improved to ensure a full security solution. Recently published IEC 62351 standard aims to fill this gap. Node authentication is vital for substation communication networks based on IEC 61850 to mitigate a variety of attacks such as man-in-the-middle (MITM) attack. This short communication presents a node authentication mechanism based on transport layer security (TLS) with certificates to address this knowledge gap. It also investigates the real-time performance by implementing the proposed scheme with Python.

Keywords

• IEC 62351 standard
• certificate authority
• certificate-based authentication
• cybersecurity
• smart grid