The growing convergence of Information Technology and Operational Technology has enhanced communication and visibility across power grids. This, coupled with the growing use of Distributed Energy Resources in power grids, has enhanced the grid capabilities while also creating a larger attack surface for malicious actors. A common protocol vulnerable to these attacks is the IEC-61850 GOOSE protocol due to its low-latency requirements, multicast packet delivery method, and lack of encryption. In this paper, we evaluate the security implications of different hardware implementations of this protocol by contrasting device response and recovery of two commercial off-the-shelf Intelligent Electronic Devices from separate manufacturers. The cyberattacks utilized in this paper are research-established GOOSE attacks with results measured in device latency and GOOSE endpoint response success.

信息技术和运营技术的日益融合增强了整个电网的通信和可见性。再加上分布式能源在电网中的使用不断增加，增强了电网能力，同时也为恶意行为者创造了更大的攻击面。容易受到这些攻击的常见协议是 IEC-61850 GOOSE协议由于其低延迟要求、多播数据包传送方法以及缺乏加密而被采用。在本文中，我们通过对比来自不同制造商的两种商用现成智能电子设备的设备响应和恢复来评估该协议的不同硬件实现的安全影响。本文中使用的网络攻击是经过研究的 GOOSE 攻击，其结果通过设备延迟和 GOOSE 端点响应成功来衡量。