Professional Documents
Culture Documents
Boakye-Boateng2019 Securing GOOSE The Return of One-Time Pads
Boakye-Boateng2019 Securing GOOSE The Return of One-Time Pads
Boakye-Boateng2019 Securing GOOSE The Return of One-Time Pads
Abstract—IEC 61850 is an international standard that is widely [3]) protocol,which is required for real-time operations of a
used in substation automation systems (SAS) in smart grids. substation, with a performance constraint requirement of not
During its development, security was not considered thus leaving more 4 milliseconds (ms).
SAS vulnerable to attacks from adversaries. IEC 62351 was
developed to provide security recommendations for SAS against A. IEC 61850-Based Substation Architecture
(distributed) denial-of-service, replay, alteration, spoofing and
detection of devices attacks. However, real-time communications, A typical electric substation comprises primary and sec-
which require protocols such as Generic Object-Oriented Sub- ondary equipment [4]. The primary equipment is made up
station Event (GOOSE) to function efficiently, cannot implement of high voltage devices while the secondary equipment is
these recommendations due to latency constraints. There has
been researching that sought to improve the security of GOOSE made up of medium to low-voltage devices. The secondary
messages, however, some cannot be practically implemented due equipment is responsible for the control and protection of the
to hardware requirements while others are theoretical, even primary equipment. An SAS is based on a lot of dedicated
though latency requirements were met. This research investi- software stored in pieces of hardware that belong to a set of
gates the possibility of encrypting GOOSE messages with One- substation secondary components. An SAS is composed of
Time Pads (OTP), leveraging the fact that encryption/decryption
processes require the random generation of OTPs and modulo three groups of devices namely the process devices group,
addition (XOR), which could be a realistic approach to secure interface devices group and application devices group. The
GOOSE while maintaining latency requirements. Results show process devices group includes analog-to-digital converters
that GOOSE messages can be encrypted with some future work (known as Merging Units) and actuator devices to make the
required. transition between SAS and high voltage equipment. The
Index Terms—substation security, substation automation sys-
tems, smart grid security, One-Time Pads, Secure GOOSE, IEC
interface devices group covers a set of Intelligent Electronic
61850, IEC 62351. Devices (IEDs) that receive and process signals coming from
high voltage equipment. IEDs can also control some devices
in the process group. The application devices group includes
I. I NTRODUCTION
all computers and other components required to run control
A smart grid is a power grid that has been enhanced, functionalities and to communicate with internal and external
using Information and Communications Technology (ICT), subsystems. IEC 61850 as a communication standard, ensures,
for advanced remote control and automation; to generate, among other things, vendor interoperability among devices
transmit and distribute electricity, with substations being a within the substation environment and has been integral in
critical component. Substation automation systems (SAS) are the communication and information exchange implemented
essential in economically maintaining the energy balance within an electrical substation environment. SAS has a hier-
between generation and demand in the operation of electrical archical structure and IEC 61850 defines three typical levels
power [1]. The most important functions of SAS are control, for communication and application functions (Fig. 1). These
monitoring, alarming, measurement, setting and monitoring are process, bay and station levels [5]. The process level
of protective relays, control and monitoring of the auxiliary includes primary equipment and process devices group in
power system, and voltage regulation. One of the most critical the substation. The process level communicates with the bay
requirements for real-time operations within a substation is level via the process bus. The bay level includes the interface
efficient communication within the SAS. To this end, the devices group and communicates with the station level via
International Electrotechnical Commission (IEC) developed the station bus. The station level includes Supervisory Control
the IEC 61850 [2] standard to ensure vendor interoperability and Data Acquisition (SCADA), Human Machine Interface
among devices; and abstracting data and services that can (HMI) and other station computers and devices found in the
allow underlying protocols to be mapped to them. Theoret- application devices group.
ically, a protocol can be developed specifically for substations
based on the standard, in spite of its complexity. IEC 61850 B. IEC 61850 OSI Architecture, GOOSE Protocol and Secu-
is integral in the communication and information exchange rity Issues
implemented within an electrical substation environment. One Due to its Ethernet-based communication (IEEE 802.3),
of the communication protocols included in IEC 61850 is an IEC 61850-based substation is more advantageous than
the Generic Objected-Oriented Substation Event (GOOSE the traditional substation, in ensuring reliable and efficient
978-1-7281-1576-4/19/$31.00
2019
c IEEE
and analog data such as circuit breaker status, circuit breaker
control, interlocking, general alarms, and power transformer
temperature into transmitted Ethernet packets. Referring to
the IEC 61850-defined performance constraints requirements
for different types of data in Table I and the stack in Fig. 2,
GOOSE messages are classified as Type 1, which means that
they require high-speed transmission of their data.
IEC 61850 was designed without security in mind. The
isolated nature of the substation network, at the time of
the standard’s design, did not warrant the need for security.
Due to current advancements in technology and the need for
automation and remote access, this reason is no longer valid
[11]. This has exposed the substation to attacks such as denial-
of-service, man-in-the-middle, masquerade and eavesdropping
Fig. 1. IEC 61850-based Substation Architecture [5] attacks. There has also been research exposing the vulnera-
bilities and the various attacks that can be associated with it
[12]. Some of these vulnerabilities are published in websites
communication through the use of its protocols. Fig. 2 shows that record these vulnerabilities [13]. In 2007, IEC 62351 was
the Open Systems Interconnection(OSI) Architecture of IEC developed to ensure security in industrial control protocols,
61850. The client-server-based Manufacturing Message Spec- including IEC 61850, with authentication of data, transfers
ification (MMS) protocol [6] is used for the management and through digital signatures, prevention of eavesdropping and
monitoring of substation devices. Time Sync (currently Preci- spoofing, and intrusion detection as their main objectives [10].
sion Time Protocol-implemented [7]) is used to synchronize However, these standards do not work on GOOSE due to
clocks throughout the SAS. Sample Value (SV) protocol [8] is the cost of latency when these security recommendations are
used to transmit high-speed streams of raw information, par- implemented in GOOSE. Standard encryption algorithms do
ticularly those measured by instrument transformers, encoded not work because their time of execution exceeds the 4ms
in multicast Ethernet frames. The Generic Object Oriented constraint [14] [15]. This is due to a number of operations
that need to be applied to the messages in order to achieve
TABLE I security. They are also not feasible because of the processor
IEC 61850 M ESSAGE T YPES AND C ONSTRAINTS [9] constraints on the devices, known as Intelligent Electronic
Devices (IEDs), that implement GOOSE.
Message Type Delay Constraint(ms)
1A - Fast messages, trip ≤3 substation ⊕ poltmcngsj = himlf cgogw (1)
1B - Fast messages, others ≤20
2 - Medium speed messages ≤100 himlf cgogw ⊕ poltmcngsj = substation (2)
3 - Low speed Messages ≤500
4 - Raw Data Messages ≤3, ≤10 This research aims to investigate the possibility of ensuring se-
5 - File Transfer Functions ≤1000 curity in GOOSE protocol by encrypting its messages/packets
6 - Time synchronization messages N/A
7 - Command Message With Access control N/A
(messages and packets are used interchangeably in this paper)
with One-Time Pads (OTP) [16]. The OTP is an encryption key
that has its characters randomly generated and has been mathe-
matically proven to be computationally secure and unbreakable
due to its uniform frequency of distribution. Encryption and
decryption with OTPs requires only a modulo addition (XOR)
operation with the plain text. It is also a requirement that
the lengths of the OTP and plaintext be the same. The
OTP is used only once hence its name. Assuming that we
have a plaintext(substation) and an OTP (poltmcngsj); the
encryption generates the cyphertext (himlf cgogw) in Equa-
tion 1 and decrypting it with the OTP reveals the plaintext in
Equation 2. The only resource intensive operation anticipated
Fig. 2. IEC 61850 Communication Stack [10] in this process is the random generation of the OTP. It is
expected that latency should be negligible after the protocol
Substation Event (GOOSE) is an event-driven protocol used is implemented.
for protection and control of primary equipment as well as
other applications by providing a fast and reliable mechanism II. R ELATED W ORKS
that allows the exchange of data between two or more IEDs In this section, a taxonomy of attacks related to GOOSE
over IEEE 802.3 networks. GOOSE embeds certain logical and the recommendations against these attacks by IEC 62351
standard are discussed. Later, related work on protocols de- is recommended by the standard to implement it. However,
signed to ensure encryption in GOOSE is discussed. How these the large computation overhead and low efficiency involved in
protocols measure up against these attacks are also discussed. the implementation makes it difficult to match the real-time
requirements of data transmission for GOOSE.
A. Taxonomy of Attacks Related to GOOSE 3) DoS/DDoS Attacks: Denial-of-service (DoS) or Dis-
Volkova et al. [10] as well as other researchers( [17] [18]) tributed DoS (DDoS) attacks have a sole purpose of ensuring
provide an extensive review of attacks in control network that a device is unable to render services to its intended
protocols (including IEC 61850) and the recommendations users. The adversary achieves this by flooding the device
provided by IEC 62351. In this paper, attacks related to with illegitimate messages/requests thereby making the device
GOOSE are mentioned. unable to respond to legitimate messages. It can slow down the
1) Detection of control devices: Author mentions two ap- performance of devices which can have a cascading effect on
proaches used by the adversary to detect number and types substations. As mentioned previously, an attacker can realise
of devices within the network. These are active and passive a DoS attack by sending malicious messages with higher
approaches. The active approach requires the adversary to send sequence numbers than the legitimate messages. as a result, all
packets within the network to obtain responses and based legitimate messages will be seen as stale and dropped while
on those responses, the type and number of devices can be the malicious messages are accepted. IEC 62351 does not have
determined. In the passive approach, the adversary sets up solutions that are sufficient in dealing with DoS attacks.
a device’s interface to promiscuous mode to monitor traffic
within the network. Results from the monitoring are used to B. Existing Encryption Protocols
determine the number and types of devices within the network. Mei et al. [11] discussed the implementation of a Hash-
However, it is stated that IEC 62351 provide no comprehensive based MAC (HMAC) [21] as a more efficient security protocol
countermeasures to stop it [10]. as opposed to IEC 62351’s recommendation. However it was
2) Replay, alteration and spoofing attacks: Replay attacks not implemented and there were no theoretical proofs to
involve the retransmission of captured original packets by the calculate its efficiency. Premnath et al. [22] applied the NTRU
adversary. These packets, obtained during a passive detection [23] encryption algorithm in ensuring security of SCADA.
approach, are retransmitted to obtain further information or Randomly-generated 32-byte messages were encrypted on
observe the behaviour of the network which could be useful Raspberry Pi and compared with RSA. NTRUEncrypt was
to the adversary. Also such packets can be captured, modified used to encrypt packets and NTRUSign was used to sign
and retransmitted by the adversary to either extract more in- the packets to ensure integrity. Even though NTRU was
formation or provoke disurbances, or emergencies, within the better, the computational time was more than 50ms which
substation environment. Quite often, the altered or modified exceeds the GOOSE performance requirements. Wang et al.
GOOSE packets are used to compromise IEDs and cause [24] designed a security scheme based on a hybrid DES-
damage within the substation. In the replay attack, original RSA algorithm but it requires high-computing performance
messages replayed by the attacker, when the 32-bit stN um to satisfy GOOSE performance requirements. There is also
value (see Section III) is reset to zero, will be accepted by the issue of packet overhead which can also affect GOOSE
the receiving device as legitimate messages. This strategy can performance requirements, should a maximum-size packet be
be used as form of denial-of-service attack because legitimate used. Zhang et al. [25] developed a hardware-based secu-
messages will always be dropped because their stN um values rity scheme for GOOSE using Certificate-less Public Key
are always lesser than those of malicious messages. Cryptography(CL-PKC) [26] which had latencies of less than
Hoyos et al. [14] exploited GOOSE by injecting false 1.5ms - well within the GOOSE performance requirements.
GOOSE packets into the network. After monitoring the repet- However, the calculations of the delay were purely theoretical
itive nature of GOOSE communication, a pattern was es- based on the performance of the A980 chip on encryption
tablished. Using Scapy [19] and Python scripts, a GOOSE algorithms. Also, the assumption made was that encryption is
packet was captured, parsed and modified into a malicious implemented on a security chip before the packet is sent to
packet. The malicious packet was injected at a time when the master CPU for processing. This may not be feasible for
the retransmission interval was steady to deceive recipients implementation for devices that do not have security chips.
that it was a new packet. This was processed by an IED Existing devices may not be replaced with new devices, that
that triggered a circuit breaker thus demonstrating that such have these security chips, by substation operators due to
malicious packets can cause the substation to be in a critical capital expenditure issues thus making this security scheme
state. Wright et al. [20] also developed a model to calculate not suitable for substations. Table III provides an overview of
the minimum requirements for an attacker to inject a malicious previous research on GOOSE encryption.
packet into the network. These attacks on GOOSE could In terms of attacks in Table II, there are a few drawbacks
have cascading problems throughout, not only in a substation, from these protocols suffer from. All protocols are unable to
but an entire smart grid. IEC 62351 standard recommends handle DoS/DDoS and replay attacks because they did not
implementing Message Authentication Code (MAC) [21] for implement any techniques to verify the freshness of the mes-
security in GOOSE and the RSA [16] encryption algorithm sage. Only the CLPLK is vulnerable to the detection of devices
TABLE II
TAXONOMY OF GOOSE-R ELATED ATTACKS
TABLE III AP P ID, Length, Reserved1 and Reserved2 each has a size
OVERVIEW OF P REVIOUS R ESEARCH ON GOOSE E NCRYPTION of 2 bytes. AP P ID holds the identification of a logical device,
Protocol Latency(ms) Problem which can be found within an IED, responsible for GOOSE
CLPKC [25] ≈ 1.409 Theoretical, hardware-based and operations. Reserved1 and Reserved2 fields are reserved for
difficult to be replicated practi- future extensions for functions for GOOSE messages and are
cally
NTRU [22] > 50 High latency, even though im- always set to 0. The Length field specifies the length of the
plemented on Raspberry Pi message; it is calculated as m + 8 where m is the length of
Hybrid DES- <2 Requires high performance com- the AP DU . The APDU, which holds the actual GOOSE data,
RSA [24] puting
contains the following fields: gocbRef , timeAllowedT oLive,
datSet, goID, t, stN um, sqN um, test, conf Rev, ndsCom,
attack because the contents of the messages are not hidden numDatSetEntries and allData. gocbRef is the name
and its primary concern is the integrity and non-repudiation of the GOOSE Control Block which is within the IED.
of messages. Against alteration and spoofing attacks, there timeAllowedtoLive provides the time that next GOOSE
are no known drawbacks for all three protocols. Table IV packet is expected. dataSet refers to the name of the dataset
provides a summary of the drawbacks of the protocols.Review object, within the IED, within which values of its members
of these papers proves that there is a need for a protocol that are transmitted. The members are uniquely numbered starting
should be easily implemented on a software or hardware level from 1. goID is the GOOSE ID of the GOOSE block within
depending on the choice of the operator or manufacturer. Such the IED. t holds the timestamp of the GOOSE packet that was
a protocol should neither require high computing overhead nor transmitted. Because GOOSE is an event driven protocol, a
incur packet overhead. Above all such a protocol must satisfy unique state number, stN um, is required to record each event,
the performance constraints requirements of GOOSE. of which its data is being transmitted, in a GOOSE packet.
The value of stN um changes in increasing order. sqN um is
III. GOOSE PACKET S TRUCTURE AND C OMMUNICATION the number assigned to retransmitted GOOSE messages of a
M ECHANISM particular event in increasing order. sqN um is reset to 0 when
A GOOSE packet (Fig. 3), which is an Ethernet-based stN um is incremented to indicate that a new event has its data
packet, has the following fields: Destination, Source, being transmitted.
EtherT ype, P ayload, and F ieldControlSequence (F CS) When the value of test is 1 (TRUE), it means that the
fields. The Source and Destination fields are Ethernet- values of the dataset in the message are being used for
based Media Access Control(MAC) addresses and each has testing purposes, a value of 0 means that they shall be used
a size of 6 bytes. The Destination field is a multicast MAC for operational purposes. conf Rev displays the configura-
address with the recommended format being 01 − 0C − CD − tion version of the IED. ndsCom, which stands for ”needs
01 − Y Y − Y Y , where Y Y − Y Y is within the range of commissioning”, when set to TRUE, means that the IED
01 − 00 to 01 − F F . In a situation where the recommended requires further configuration. numDatSetEntries provides
format will not be followed, the first octet must have its least the number of data members in the dataset in GOOSE packet.
significant bit set to 1 to indicate that address is a multicast alldata represents the actual data in the dataset encoded in
address and the fourth octet must have always have a value ASN.1/BER [27] format. In fact, data within the APDU is
of 01 to indicate that it is a GOOSE multicast address. The encoded using Abstract Syntax Notation ONE/Basic Encoding
2-byte EtherT ype field specifies the type of packet and Rules (ASN.1/BER). Each field within the APDU has the
has a value of 0x88B8 which means that the packet is a format T AG, LEN GT H and DAT A (actual value/data of
GOOSE packet. The F CS field, which has a size of 4 bytes, the field). T AG indicates the type of information represented
is used for error detection and control. The P ayload field by DAT A. LEN GT H indicates the size of DAT A in bytes.
has a varying size not more than 1500 bytes and has five GOOSE implements the publish-subscribe mechanism which
fields namely the AP P ID, Length, Reserved1, Reserved2 involves sending multicast messages within the network. In
and GooseP ayload/Application Protocol Data Unit(AP DU ). the publish-subscribe mechanism, one device (the publisher)
TABLE IV
D RAWBACKS OF P REVIOUS R ESEARCH ON GOOSE E NCRYPTION IN R ELATION TO GOOSE-R ELATED ATTACKS
Type of Attack
Protocol Detection of devices Replay Alteration and spoofing DoS/DDoS
CLPLK Attacker can monitor Replayed packets will be No known drawbacks due to Flooding of devices with unmodi-
messages. accepted by devices be- authentication and signature fied replay packets will be accepted
cause there is no check for fields. by devices.
freshness.
NTRU No known drawbacks. Replayed packets will be No known drawbacks due to Flooding of devices with unmodi-
Attacker is unable to accepted by devices be- authentication and signature fied replay packets will be accepted
monitor encrypted pack- cause there is no check for fields. by devices.
ets. freshness.
Hybrid RSA and DES No known drawbacks. Replayed packets will be No known drawbacks due to Flooding of devices with unmodi-
Attacker is unable to accepted by devices be- authentication and signature fied replay packets will be accepted
monitor encrypted pack- cause there is no check for fields. by devices.
ets. freshness.
TABLE V
L IST OF N OTATIONS
Type of Attack
Protocol Detection of devices Replay Alteration and spoofing DoS/DDoS
CLPLK Attacker can monitor Replayed packets will be No known drawbacks due to Flooding of devices with unmodi-
messages. accepted by devices be- authentication and signature fied replay packets will be accepted
cause there is no check for fields. by devices.
freshness.
NTRU No known drawbacks. Replayed packets will be No known drawbacks due to Flooding of devices with unmodi-
Attacker is unable to accepted by devices be- authentication and signature fied replay packets will be accepted
monitor encrypted pack- cause there is no check for fields. by devices.
ets. freshness.
Hybrid RSA and DES No known drawbacks. Replayed packets will be No known drawbacks due to Flooding of devices with unmodi-
Attacker is unable to accepted by devices be- authentication and signature fied replay packets will be accepted
monitor encrypted pack- cause there is no check for fields. by devices.
ets. freshness.
OTP No known drawbacks. No known drawbacks. No known drawbacks. Tam- No known drawbacks. Packets will
Attacker is unable to Packets will be dropped pering will be detected from be dropped because of mismatched
monitor encrypted pack- because of mismatched the FCS field after decryption. keys and integrity errors detected
ets. keys. from the FCS field.
[4] M. Kezunovic, M. Ghavami, C. Guo, Y. Guan, G. Karady, and L. Dam, [16] B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source
“The 21 st Century Substation Design Final Project Report Project Code in {C}. New York: Wiley, 1996.
Team,” Tech. Rep., 2010. [Online]. Available: http://www.pserc.org. [17] Y. Xu, Y. Yang, T. Li, J. Ju, and Q. Wang, “Review on cyber vulnerabil-
[5] S. Nick, G. Nourbakhsh, A. Ghosh, and N. Ghasemi, “CIGRÉ Australia ities of communication protocols in industrial control systems,” in 2017
APB5 SEAPAC 2015 A technique for analysing GOOSE packets when IEEE Conference on Energy Internet and Energy System Integration
testing relays in an IEC 61850-8-1 environment,” Tech. Rep. [Online]. (EI2). IEEE, 2017, pp. 1–6.
Available: https://eprints.qut.edu.au/84005/1/32 AU Nick doc.pdf [18] M. T. A. Rashid, S. Yussof, Y. Yusoff, and R. Ismail, “A review of
[6] “Ieee recommended practice for implementing an iec 61850-based security attacks on iec61850 substation automation system network,”
substation communications, protection, monitoring, and control system,” in Proceedings of the 6th International Conference on Information
IEEE Std 2030.100-2017, pp. 1–67, June 2017. Technology and Multimedia. IEEE, 2014, pp. 5–10.
[7] K. Correll, N. Barendt, and M. Branicky, “Design considerations for [19] P. Biondi, “Scapy,” 2011. [Online]. Available: https://scapy.net/
software only implementations of the ieee 1588 precision time protocol,” [20] J. G. Wright and S. D. Wolthusen, “Stealthy injection attacks against
in Conference on IEEE, vol. 1588, 2005, pp. 11–15. iec61850’s goose messaging service,” in 2018 IEEE PES Innovative
Smart Grid Technologies Conference Europe (ISGT-Europe). IEEE,
[8] F. Cleveland, “Iec tc57 security standards for the power system’s
2018, pp. 1–6.
information infrastructure–beyond simple encryption,” in Transmission
[21] H. Krawczyk, M. Bellare, and R. Canetti, “Hmac: Keyed-hashing for
and Distribution Conference and Exhibition, vol. 2006, 2005, pp. 1079–
message authentication,” Tech. Rep., 1997.
1087.
[22] A. P. Premnath, J.-Y. Jo, and Y. Kim, “Application of
[9] M. Hosny Tawfeek Essa and P. Crossley, “GOOSE performance NTRU Cryptographic Algorithm for SCADA Security,” in 2014
assessment on an IEC 61850 redundant network,” The Journal of Engi- 11th International Conference on Information Technology: New
neering, vol. 2018, no. 15, pp. 841–845, oct 2018. [Online]. Available: Generations. IEEE, apr 2014, pp. 341–346. [Online]. Available:
https://digital-library.theiet.org/content/journals/10.1049/joe.2018.0208 http://ieeexplore.ieee.org/document/6822221/
[10] A. Volkova, M. Niedermeier, R. Basmadjian, and H. de Meer, [23] J. Hoffstein, J. Pipher, and J. H. Silverman, “Ntru: A ring-based
“Security Challenges in Control Network Protocols: A Survey,” IEEE public key cryptosystem,” in International Algorithmic Number Theory
Communications Surveys & Tutorials, vol. 21, no. 1, pp. 619–639, 2019. Symposium. Springer, 1998, pp. 267–288.
[Online]. Available: https://ieeexplore.ieee.org/document/8472799/ [24] W. Fangfang, W. Huazhong, C. Dongqing, and P. Yong,
[11] D. Mei, B. Zhou, J. Zheng, H. Luo, and Y. Yao, “Realization of “Substation Communication Security Research Based on Hybrid
Communication Security in Substation,” in 2018 5th International Encryption of DES and RSA,” in 2013 Ninth International
Conference on Information Science and Control Engineering Conference on Intelligent Information Hiding and Multimedia Signal
(ICISCE). IEEE, jul 2018, pp. 910–916. [Online]. Available: Processing. IEEE, oct 2013, pp. 437–441. [Online]. Available:
https://ieeexplore.ieee.org/document/8612688/ http://ieeexplore.ieee.org/document/6846671/
[12] J. Noce, Y. Lopes, N. C. Fernandes, C. V. N. Albuquerque, and D. C. [25] J. ZHANG, L. Jun’e, C. Xiong, N. Ming, W. Ting, and L. Jianbo, “A
Muchaluat-Saade, “Identifying vulnerabilities in smart gric communica- security scheme for intelligent substation communications considering
tion networks of electrical substations using geese 2.0,” in 2017 IEEE real-time performance,” Journal of Modern Power Systems and Clean
26th International Symposium on Industrial Electronics (ISIE), June Energy, pp. 1–14, 2019.
2017, pp. 111–116. [26] S. S. Al-Riyami and K. G. Paterson, “Certificateless public key cryp-
[13] S. Samtani, S. Yu, H. Zhu, M. Patton, J. Matherly, and H. Chen, tography,” in International conference on the theory and application of
“Identifying SCADA Systems and Their Vulnerabilities on the cryptology and information security. Springer, 2003, pp. 452–473.
Internet of Things: A Text-Mining Approach,” IEEE Intelligent [27] B. S. Kaliski Jr and C. Redwood City, “A layman’s guide to a subset
Systems, vol. 33, no. 2, pp. 63–73, mar 2018. [Online]. Available: of asn. 1, ber, and der,” 1993.
https://ieeexplore.ieee.org/document/8255786/ [28] C. Kriger, S. Behardien, and J.-C. Retonda-Modiya, “A detailed analysis
[14] J. Hoyos, M. Dehus, and T. X. Brown, “Exploiting the GOOSE of the goose message structure in an iec 61850 standard-based substation
protocol: A practical attack on cyber-infrastructure,” in 2012 IEEE automation system,” International Journal of Computers Communica-
Globecom Workshops. IEEE, dec 2012, pp. 1508–1513. [Online]. tions & Control, vol. 8, no. 5, pp. 708–721, 2013.
Available: http://ieeexplore.ieee.org/document/6477809/
[15] A. Hadbah, A. Kalam, and A. Zayegh, “Powerful IEDs, ethernet
networks and their effects on IEC 61850-based electric power
utilities security,” in 2017 Australasian Universities Power Engineering
Conference (AUPEC). IEEE, nov 2017, pp. 1–5. [Online]. Available:
http://ieeexplore.ieee.org/document/8282415/