In this chapter, a comprehensive and realistic cyber-physical test-bed has been built to investigate potential cybersecurity vulnerabilities and the impact of cyberattacks on IEC 61850-based smart substations. A fuzz testing approach is proposed for detecting IEC 61850-based intelligent electronic devices (IEDs) and validated in the proposed test-bed. This chapter proposes a novel intrusion detection system (IDS) tailored for cybersecurity of IEC 61850-based substations. The proposed IDS integrates physical knowledge, protocol specifications, and logical behaviors to provide a comprehensive and effective solution that is able to mitigate various cyberattacks. The proposed approach comprises access control detection, protocol whitelisting, model-based detection, and multi-parameter-based detection. This supervisory control and data acquisition (SCADA)-specific IDS is implemented and validated using a comprehensive and realistic cyber-physical test-bed and data from a real 500 kV smart substation. In addition, some recommendations are presented for cybersecurity in smart substations.
|Title of host publication||IEC 61850-Based Smart Substations|
|Subtitle of host publication||Principles, Testing, Operation and Maintenance|
|Publication status||Published - Jun 2019|
Yang, Y., Xu, H., McLaughlin, K., Sezer, S., Jiang, H., & Hunag, W. (2019). Cybersecurity Testing Technology in Smart Substations. In IEC 61850-Based Smart Substations: Principles, Testing, Operation and Maintenance (pp. 223-254) https://doi.org/10.1016/B978-0-12-815158-7.00007-X