A Key Management Schema Based on ECC to Secure the Substation and Control Center Communications in Smart Grids

Document Type : Computer and Network Security-Ghaemi


1 Imamreza University of Mashhad



Since the invention of electricity, global power grids have been at the forefront of technological advances. The antiquated infrastructure of power system which provides power to the city's homes, factories and businesses are replaced with a new power distribution system. This new infrastructure of power distribution includes the collection of digital systems called the smart grid. In the smart grid, one of the main components is the distribution system, and the consumption reports are transferred from the substations to the control center. Currently, the smart substations use the IEC61850, however, it is not completely safe. IEC 62351 is used to secure this standard. However, the security protocols are provided for IEC 62351 standard, and there are different security issues to this standard. This paper presents a key agreement scheme with an authentication mechanism based on ECC for securing the communication between the data center and substation. In addition, it can cover the standard security weaknesses, and the session key is generated due to the time limit for the two important protocols in IEC 62851 (i.e. GOOSE and SV).


[1] Q. Song, W. Sheng, L. Kou, D. Zhao, Z. Wu, and H. Fang, "Smart substation integration technology and its application in distribution power grid," CSEE Journal of Power and Energy Systems, vol. 2, no. 4, pp. 31-36, 2016.
[2] E. Tebekaemi and D. Wijesekera, "Designing an IEC 61850 based power distribution substation simulation/emulation testbed for cyber-physical security studies," in Proceedings of the First International Conference on Cyber-Technologies and Cyber-Systems, pp. 41-49, 2016.
[3] C. Wester, M. Adamiak, and J. Vico, "IEC61850 protocol-practical applications in industrial facilities," in Industry Applications Society Annual Meeting (IAS), IEEE,pp. 1-7: IEEE, 2011.
[4] R. Tawde, A. Nivangune, and M. Sankhe, "Cyber security in smart grid SCADA automation systems," in Innovations in Information, Embedded and Communication Systems (ICIIECS), International Conference on, 2015, pp. 1-5: IEEE, 2015.
[5] L. Zhang, S. Tang, Y. Jiang, and Z. Ma, "Robust and efficient authentication protocol based on elliptic curve cryptography for smart grids," in Green Computing and Communications (GreenCom), IEEE and Internet of Things (iThings/CPSCom), IEEE International Conference on and IEEE Cyber, Physical and Social Computing, pp. 2089-2093: IEEE, 2013.
[6] J. Northcote-Green, R. G. Wilson, “Control and automation of electrical power distribution systems”. CRC Press, 2006.
[7] K. C. Ruland, J. Sassmannshausen, K. Waedt, and N. Zivic, "Smart grid security–an overview of standards and guidelines," e & i Elektrotechnik und Informationstechnik, vol. 134, no. 1, pp. 19-25, 2017.
[8] M. Strobel, N. Wiedermann, and C. Eckert, "Novel weaknesses in IEC 62351 protected Smart Grid control systems," in Smart Grid Communications (SmartGridComm), 2016 IEEE International Conference on, pp. 266-270: IEEE, 2016.
[9] Miao, Jianqiang, Ning Zhang, Chongqing Kang, Jianxiao Wang, Yi Wang, and Qing Xia. "Steady-state power flow model of energy router embedded AC network and its application in optimizing power system operation." IEEE Transactions on Smart Grid 9, no. 5, 4828-4837, 2017.
[10] T. Güneysu, T. Kasper, M. Novotný, C. Paar, and A. Rupp, "Cryptanalysis with COPACOBANA," IEEE Transactions on Computers, no. 11, pp. 1498-1513, 2008.
[11] David L. Mills. Network Time Protocol (Version 3) Specification, Implementation and Analysis. Internet Request for Comments, March, RFC 1305, 1992.
[12] H. Nicanfar, P. Jokar, K. Beznosov, and V. C. Leung, "Efficient authentication and key management mechanisms for smart grid communications," IEEE Systems Journal, vol. 8, no. 2, pp. 629-640, 2014.
[13] H. Niederreiter, "Knapsack-type cryptosystems and algebraic coding theory," Prob. Control and Inf. Theory, vol. 15, no. 2, pp. 159-166, 1986.
[14] D. Abbasinezhad-Mood and M. Nikooghadam, "An anonymous ECC-based self-certified key distribution scheme for the smart grid," IEEE Transactions on Industrial Electronics, vol. 65, no. 10, pp. 7996-8004, 2018.
[15] M. Alishahi, M. Farhadi, S. Jafari, M. Taghavi, H. Moosavi, and A. Mohajerzadeh, "An efficient and light asymmetric cryptography to secure communication in smart grid," in 2017 IEEE International Conference on Smart Energy Grid Engineering (SEGE), pp. 248-252: IEEE, 2017.
[16] Odelu, Vanga, Ashok Kumar Das, Mohammad Wazid, and Mauro Conti. "Provably secure authenticated key agreement scheme for smart grid." IEEE Transactions on Smart Grid 9, no. 3. 1900-1910. 2016.
[17] D. He, H. Wang, M. K. Khan, and L. Wang, "Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography," IET Communications, vol. 10, no. 14, pp. 1795-1802, 2016.
[18] R. Amoah, S. Camtepe, and E. Foo, "Securing DNP3 broadcast communications in SCADA systems," IEEE Transactions on Industrial Informatics, vol. 12, no. 4, pp. 1474-1485, 2016.
[19] J.-L. Tsai and N.-W. Lo, "Secure anonymous key distribution scheme for smart grid," IEEE Transactions on Smart Grid, vol. 7, no. 2, pp. 906-914, 2016.
[20] K. Mahmood, S. A. Chaudhry, H. Naqvi, T. Shon, and H. F. Ahmad, "A lightweight message authentication scheme for Smart Grid communications in power sector," Computers and Electrical Engineering, vol. 52, pp. 114-124, 2016.
[21] D. He, H. Wang, M. K. Khan, and L. Wang, “Lightweight anonymous key distribution scheme for smart grid using elliptic curve cryptography,” IET Communications, vol. 10, no. 14, pp. 1795-1802, 2016.
[22] R. Amoah, S. Camtepe, and E. Foo, “Securing DNP3 broadcast communications in SCADA systems,” IEEE Transactions on Industrial Informatics, vol. 12, no. 4, pp. 1474-1485, 2016.
[23] B. Vaidya, D. Makrakis, and H. T. Mouftah, "Authentication and authorization mechanisms for substation automation in smart grid network," IEEE Network, vol. 27, no. 1, pp. 5-11, 2013.
[24] K. G. Nagananda and P. Khargonekar, "An approximately optimal algorithm for scheduling Phasor data transmissions in smart grid networks," IEEE Transactions on Smart Grid, vol. 8, no. 4, pp. 1649-1657, 2017.
[25] M. T. A. Rashid, S. Yussof, Y. Yusoff, and R. Ismail, "A review of security attacks on IEC61850 substation automation system network," in Information Technology and Multimedia (ICIMU), International Conference on, pp. 5-10: IEEE, 2014.
[26] C. Kriger, S. Behardien, and J.-C. Retonda-Modiya, "A detailed analysis of the GOOSE message structure in an IEC 61850 standard-based substation automation system," International Journal of Computers Communications & Control, vol. 8, no. 5, pp. 708-721, 2013.
[27] J. Hoyos, M. Dehus, and T. X. Brown, "Exploiting the GOOSE protocol: A practical attack on cyber-infrastructure," in Globecom Workshops (GC Wkshps), IEEE, pp. 1508-1513: 2012.
[28] Mohammadali, Amin, Mohammad Sayad Haghighi, Mohammad Hesam Tadayon, and Alireza Mohammadi-Nodooshan. "A novel identity-based key establishment method for advanced metering infrastructure in smart grid." IEEE Transactions on Smart Grid 9, no. 4. 2834-2842, 2016.