Exploiting the GOOSE protocol: A practical attack on cyber-infrastructure

Author

Hoyos, Jose ; Dehus, M. ; Brown, Timothy X.

Author_Institution

Interdiscipl. Telecommun. Program, Univ. of Colorado Boulder, Boulder, CO, USA

fYear

2012

fDate

3-7 Dec. 2012

Firstpage

1508

Lastpage

1513

Abstract

Security issues for the power industry have become increasingly relevant during the past decade as the industry has relied more and more on communication protocols. The Generic Object Oriented Substation Events (GOOSE) protocol is defined in IEC 61850 for the purpose of distributing event data across entire substation networks. In this paper we demonstrate a practical attack by exploiting weaknesses in GOOSE. We also show that this attack can have devastating consequences on the reliability of the grid and is capable of creating a widespread interruption in power generation and distribution.

Keywords

electricity supply industry; object-oriented methods; power distribution protection; power engineering computing; power generation protection; protocols; substation protection; GOOSE protocol; IEC 61850; communication protocols; cyber-infrastructure attack; devastating consequences; event data distribution; generic object oriented substation events protocol; grid reliability; power distribution; power generation; power industry; security issues; substation networks; Digital signatures; IEC standards; Protocols; Substations; Vectors; GOOSE messages; IEC 61850; critical infrastructure; cybersecurity; substation security;

fLanguage

English

Publisher

ieee

Conference_Titel

Globecom Workshops (GC Wkshps), 2012 IEEE

Conference_Location

Anaheim, CA

Print_ISBN

978-1-4673-4942-0

Electronic_ISBN

978-1-4673-4940-6

Type

conf

DOI

10.1109/GLOCOMW.2012.6477809

Filename

6477809