Analysis of Message Authentication Solutions for IEC 61850 in Substation Automation Systems

An inevitable consequence of automated control and communication in electric substations is the vulnerability against cyberattacks that compromise the integrity and authenticity of messages. IEC 62351 standard stipulates the use of message authentication solutions, although there is no firm guidance on the exact method to be adopted. The earlier IEC 62351-6:2007 standard recommended the use of digital signatures. However, digital signatures do not meet the timing requirements of IEC 61850 GOOSE and SV. Thus, the recent revisions to IEC 62351–6 backtracked from digital signatures in favor of message authentication code (MAC) algorithms, thereby sacrificing key properties, i.e., scaling well for multiple destinations, easy key distribution and management, public verifiability, and non-repudiation. Following these revisions, tailoring MAC-based algorithms for IEC 61850 message structure has gained traction. Additionally, new message authentication solutions that exploit the small or low entropy messages, such as those in GOOSE and SV, have been proposed to secure time-critical communication. These solutions retain certain key properties of digital signatures within the delay requirements of GOOSE and SV. This paper addresses the key trade-offs and discusses the feasibility of the promising message authentication solutions for IEC 61850 GOOSE and SV. Through their implementation on a low-cost hardware BeagleBoard-X15 we report on the real-world comparison of performance metrics.