Analysis of Cyber Security Threat of using IEC61850 in Digital Substations involving DERMS

Abstract

Distributed Energy Resource Management System will enable interoperability in communication with all the elements of the electrical grid. Communication protocol such as IEC61850 is already in the substations because of interoperability and performance in maintaining strict real-time transfer of messages in all the communication levels such as process bus, station bus, and the supervisory level. Integration of distributed energy resources, especially grid to vehicle and vehicle to grid technology, increases the substation boundary and its communication network, which is a safety threat, and they can be a vulnerable point to cyber security attacks. In this work, we analyze the impact of the cyberattack on a modified IEEE 13 node test feeder network that operates with Distributed Energy Resource Management System and IEC61850 as a communication protocol. The threat impact is analyzed using a Hardware-in-the-loop test bench with the integration of a physical communication network layer and Intelligent Electronic Devices connected to the circuit breakers. A Man-in-the-middle attack on the power system network, such as spoofing and false data injection in the supervisory communication layer of IEC61850 MMS involved in the Distributed Energy Resource Management System, are executed.