Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations

BooJoong Kang; Peter Maynard; Kieran McLaughlin; Sakir Sezer; Filip Andrén; Christian Seitl; Friederich Kupzog; Thomas Strasser

doi:10.1109/ETFA.2015.7301457

Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations

BooJoong Kang, Peter Maynard, Kieran McLaughlin, Sakir Sezer, Filip Andrén, Christian Seitl, Friederich Kupzog, Thomas Strasser

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

38 Citations (Scopus)

2260 Downloads (Pure)

Abstract

Cyber-attacks against Smart Grids have been found in the real world. Malware such as Havex and BlackEnergy have been found targeting industrial control systems (ICS) and researchers have shown that cyber-attacks can exploit vulnerabilities in widely used Smart Grid communication standards. This paper addresses a deep investigation of attacks against the manufacturing message specification of IEC 61850, which is expected to become one of the most widely used communication services in Smart Grids. We investigate how an attacker can build a custom tool to execute man-in-the-middle attacks, manipulate data, and affect the physical system. Attack capabilities are demonstrated based on NESCOR scenarios to make it possible to thoroughly test these scenarios in a real system. The goal is to help understand the potential for such attacks, and to aid the development and testing of cyber security solutions. An attack use-case is presented that focuses on the standard for power utility automation, IEC 61850 in the context of inverter-based distributed energy resource devices; especially photovoltaic (PV) generators.

Original language	English
Title of host publication	Proceedings of 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA)
Place of Publication	Luxembourg
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	1-8
Number of pages	8
ISBN (Print)	978-1-4673-7929-8
DOIs	https://doi.org/10.1109/ETFA.2015.7301457
Publication status	Published - Sep 2015
Event	IEEE 20th International Conference on Emerging Technologies and Factory Automation - Luxembourg, Luxembourg Duration: 08 Sep 2015 → 11 Sep 2015

Conference

Conference	IEEE 20th International Conference on Emerging Technologies and Factory Automation
Country/Territory	Luxembourg
City	Luxembourg
Period	08/09/2015 → 11/09/2015

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1109/ETFA.2015.7301457

Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations
© 2015 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.”
Accepted author manuscript, 1.11 MB

http://www.etfa2015.org/

R6440ECI: Smart Grid Protection Against Cyber Attacks
Sezer, S. & McLaughlin, K.
15/04/2014 → 30/06/2017
Project: Research

Cite this

Kang, B., Maynard, P., McLaughlin, K., Sezer, S., Andrén, F., Seitl, C., Kupzog, F., & Strasser, T. (2015). Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations. In Proceedings of 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA) (pp. 1-8). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ETFA.2015.7301457

@inproceedings{32e314da587f471fa2267cb4a4f943b7,

title = "Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations",

abstract = "Cyber-attacks against Smart Grids have been found in the real world. Malware such as Havex and BlackEnergy have been found targeting industrial control systems (ICS) and researchers have shown that cyber-attacks can exploit vulnerabilities in widely used Smart Grid communication standards. This paper addresses a deep investigation of attacks against the manufacturing message specification of IEC 61850, which is expected to become one of the most widely used communication services in Smart Grids. We investigate how an attacker can build a custom tool to execute man-in-the-middle attacks, manipulate data, and affect the physical system. Attack capabilities are demonstrated based on NESCOR scenarios to make it possible to thoroughly test these scenarios in a real system. The goal is to help understand the potential for such attacks, and to aid the development and testing of cyber security solutions. An attack use-case is presented that focuses on the standard for power utility automation, IEC 61850 in the context of inverter-based distributed energy resource devices; especially photovoltaic (PV) generators.",

author = "BooJoong Kang and Peter Maynard and Kieran McLaughlin and Sakir Sezer and Filip Andr{\'e}n and Christian Seitl and Friederich Kupzog and Thomas Strasser",

year = "2015",

month = sep,

doi = "10.1109/ETFA.2015.7301457",

language = "English",

isbn = "978-1-4673-7929-8",

pages = "1--8",

booktitle = "Proceedings of 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA)",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

note = "IEEE 20th International Conference on Emerging Technologies and Factory Automation ; Conference date: 08-09-2015 Through 11-09-2015",

}

Kang, B, Maynard, P, McLaughlin, K , Sezer, S, Andrén, F, Seitl, C, Kupzog, F & Strasser, T 2015, Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations. in Proceedings of 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA). Institute of Electrical and Electronics Engineers Inc., Luxembourg, pp. 1-8, IEEE 20th International Conference on Emerging Technologies and Factory Automation, Luxembourg, Luxembourg, 08/09/2015. https://doi.org/10.1109/ETFA.2015.7301457

Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations. / Kang, BooJoong; Maynard, Peter; McLaughlin, Kieran et al.

Proceedings of 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA). Luxembourg : Institute of Electrical and Electronics Engineers Inc., 2015. p. 1-8.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations

AU - Kang, BooJoong

AU - Maynard, Peter

AU - McLaughlin, Kieran

AU - Sezer, Sakir

AU - Andrén, Filip

AU - Seitl, Christian

AU - Kupzog, Friederich

AU - Strasser, Thomas

PY - 2015/9

Y1 - 2015/9

N2 - Cyber-attacks against Smart Grids have been found in the real world. Malware such as Havex and BlackEnergy have been found targeting industrial control systems (ICS) and researchers have shown that cyber-attacks can exploit vulnerabilities in widely used Smart Grid communication standards. This paper addresses a deep investigation of attacks against the manufacturing message specification of IEC 61850, which is expected to become one of the most widely used communication services in Smart Grids. We investigate how an attacker can build a custom tool to execute man-in-the-middle attacks, manipulate data, and affect the physical system. Attack capabilities are demonstrated based on NESCOR scenarios to make it possible to thoroughly test these scenarios in a real system. The goal is to help understand the potential for such attacks, and to aid the development and testing of cyber security solutions. An attack use-case is presented that focuses on the standard for power utility automation, IEC 61850 in the context of inverter-based distributed energy resource devices; especially photovoltaic (PV) generators.

AB - Cyber-attacks against Smart Grids have been found in the real world. Malware such as Havex and BlackEnergy have been found targeting industrial control systems (ICS) and researchers have shown that cyber-attacks can exploit vulnerabilities in widely used Smart Grid communication standards. This paper addresses a deep investigation of attacks against the manufacturing message specification of IEC 61850, which is expected to become one of the most widely used communication services in Smart Grids. We investigate how an attacker can build a custom tool to execute man-in-the-middle attacks, manipulate data, and affect the physical system. Attack capabilities are demonstrated based on NESCOR scenarios to make it possible to thoroughly test these scenarios in a real system. The goal is to help understand the potential for such attacks, and to aid the development and testing of cyber security solutions. An attack use-case is presented that focuses on the standard for power utility automation, IEC 61850 in the context of inverter-based distributed energy resource devices; especially photovoltaic (PV) generators.

U2 - 10.1109/ETFA.2015.7301457

DO - 10.1109/ETFA.2015.7301457

M3 - Conference contribution

SN - 978-1-4673-7929-8

SP - 1

EP - 8

BT - Proceedings of 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA)

PB - Institute of Electrical and Electronics Engineers Inc.

CY - Luxembourg

T2 - IEEE 20th International Conference on Emerging Technologies and Factory Automation

Y2 - 8 September 2015 through 11 September 2015

ER -

Investigating Cyber-Physical Attacks against IEC 61850 Photovoltaic Inverter Installations

Abstract

Conference

UN SDGs

Access to Document

Fingerprint

Projects

R6440ECI: Smart Grid Protection Against Cyber Attacks

Cite this