A review of security attacks on IEC61850 substation automation system network

Although IEC61850 substations can provide various advantages over traditional substations, the power supplier companies are being cautious about its implementation due to security concerns. Indeed, researchers have identified a number of security vulnerabilities and weaknesses in the IEC61850 standard such as the lack of encryption used in the GOOSE messages, lack of intrusion detection system implementation in IEC61850 network, and no firewall implementation inside IEC61850 substation network. By exploiting these vulnerabilities, researchers have also discovered a number of security attacks that can be launched on IEC61850 substation network. These attacks can be categorized into two, which are common network security attacks on IEC61850 network and security attacks that exploit the IEC61850 multicast messages. This paper provides a review of these security attacks in terms of how the attacks are conducted and the subsequent damages that they may cause.