Litcius/Paper detail

Attacking Power Grid Substations: An Experiment Demonstrating How to Attack the SCADA Protocol IEC 60870-5-104

László Erdődi, Pallavi Kaliyar, Siv Hilde Houmb, Aida Akbarzadeh, Andre Jung Waltoft-Olsen

2022Proceedings of the 17th International Conference on Availability, Reliability and Security16 citationsDOIOpen Access PDF

Abstract

Smart grid brings various advantages such as increased automation in decision making, tighter coupling between production and consumption, and increased digitalization. Because of the many changes that the smart grid inflicts on the power grid as critical infrastructure, cyber security and robust resilience against cyberattacks are essential to handle. With an increased number of attack interfaces and more use of IP-enabled communication, digital stations or IEC 61850 substations need to operate according to a zero-trust security model. Cyber resilience needs to be an integrated part of the substation and its components. This paper presents an experiment utilizing a Hardware-In-the-Loop (HIL) Digital Station environment (enclave), where the focus is on attacking the SCADA protocol IEC 60870-5-104. We implemented 14 attacks, the attacks are described in detail, including the result of each attack action. Furthermore, the paper discusses the implications of the findings in the experiment and what power grid asset owners can do to protect their substations as part of their digitizing efforts.

Topics & Concepts

IEC 61850SCADASmart gridResilience (materials science)Computer securityGridComputer scienceAutomationEngineeringEmbedded systemElectrical engineeringThermodynamicsMechanical engineeringMathematicsPhysicsGeometrySmart Grid Security and ResilienceSecurity and Verification in ComputingNetwork Security and Intrusion Detection