针对IEC61850的GOOSE消息服务的隐形注入攻击

2018 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe) Pub Date : 2018-10-01 DOI:10.1109/ISGTEurope.2018.8571518

James G. Wright, S. Wolthusen

{"title":"针对IEC61850的GOOSE消息服务的隐形注入攻击","authors":"James G. Wright, S. Wolthusen","doi":"10.1109/ISGTEurope.2018.8571518","DOIUrl":null,"url":null,"abstract":"IEC61850 and IEC62351 combined provide a set of security promises for the communications channels that are used to run a substation automation system (SAS), that use IEC61850 based technologies. However, one area that is largely untouched by these security promises is the generic object oriented substation events (GOOSE) messaging service. GOOSE is designed to multicast commands and data across a substation within hard real time quality of service (QoS) requirements. This means that GOOSE is unable to implement the required security technologies as the added latency to any message would violate the QoS.","PeriodicalId":302863,"journal":{"name":"2018 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe)","volume":"2016 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Stealthy Injection Attacks Against IEC61850's GOOSE Messaging Service\",\"authors\":\"James G. Wright, S. Wolthusen\",\"doi\":\"10.1109/ISGTEurope.2018.8571518\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"IEC61850 and IEC62351 combined provide a set of security promises for the communications channels that are used to run a substation automation system (SAS), that use IEC61850 based technologies. However, one area that is largely untouched by these security promises is the generic object oriented substation events (GOOSE) messaging service. GOOSE is designed to multicast commands and data across a substation within hard real time quality of service (QoS) requirements. This means that GOOSE is unable to implement the required security technologies as the added latency to any message would violate the QoS.\",\"PeriodicalId\":302863,\"journal\":{\"name\":\"2018 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe)\",\"volume\":\"2016 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISGTEurope.2018.8571518\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISGTEurope.2018.8571518","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 14

摘要

IEC61850和IEC62351相结合，为运行使用基于IEC61850技术的变电站自动化系统(SAS)的通信通道提供了一套安全承诺。然而，有一个领域基本上没有受到这些安全承诺的影响，那就是通用的面向对象变电站事件(GOOSE)消息传递服务。GOOSE设计用于在硬实时服务质量(QoS)要求下跨变电站多播命令和数据。这意味着GOOSE无法实现所需的安全技术，因为任何消息的延迟都会违反QoS。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Stealthy Injection Attacks Against IEC61850's GOOSE Messaging Service

IEC61850 and IEC62351 combined provide a set of security promises for the communications channels that are used to run a substation automation system (SAS), that use IEC61850 based technologies. However, one area that is largely untouched by these security promises is the generic object oriented substation events (GOOSE) messaging service. GOOSE is designed to multicast commands and data across a substation within hard real time quality of service (QoS) requirements. This means that GOOSE is unable to implement the required security technologies as the added latency to any message would violate the QoS.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe)

自引率

0.00%

发文量