New Cybersecurity Scheme for Electrical Substation using Wifi Protected Access 3 and Local Authenticator
Abstract views: 46 / PDF downloads: 25
Keywords:Advanced Encryption Standard (AES), Cybersecurity, Local Authentication Server, Real Time Performance, Wireless Network, Wifi Protected Access3
The wireless local area network technologies are attractive solutions to upgrade the communication network of the traditional electrical substation toward smart electrical substation. Unfortunately, the wireless communication network suffers from additional drawbacks compared to wired technologies such as cyber threats in particular the common wireless channel. The current work suggests a cybersecurity model for the wireless communication network (WCN) that serves the substation automation system (SAS) of electrical substations. The adopted model protects the wireless communication between the high-voltage devices and the switched access point (S-AP) in the electrical substation using wifi protected access 3 (WPA3) security scheme. This work proposes a new architecture scheme to provide a secure and reliable key management module based on WPA3. Hence, a local authenticator is responsible for distributing the keys safely rather than the remote authentication dial-in user service (RADIUS) server. In addition, a lightweight security scheme as possible is handled to overcome the challenges of SAS system performance requirements. The results indicated that the adopted ciphering algorithms do not break the latency requirements of real-time protection of SAS (less than 4 msec).
S. E. Quincozes, C. Albuquerque, D. Passos, and D. Mossé, “A survey on intrusion detection and prevention systems in digital substations,” Computer Networks, vol. 184, p. 107679, Jan. 2021, doi: 10.1016/j.comnet.2020.107679.
J. Hong, C.-C. Liu, and M. Govindarasu, “Detection of cyber intrusions using network-based multicast messages for substation automation,” in ISGT 2014, Feb. 2014, pp. 1–5. doi: 10.1109/ISGT.2014.6816375.
F. S. Alsharbaty and Q. I. Ali, “An Enhanced Industrial Wireless Communication Network for Hard Real Time Performance Substation Automation Purposes,” AlRafidain Engineering Journal (AREJ), vol. 27, no. 2, pp. 216–226, Sep. 2022, doi: 10.33899/rengj.2022.133860.1173.
S. Hussain, J. Hernandez Fernandez, A. K. Al-Ali, and A. Shikfa, “Vulnerabilities and countermeasures in electrical substations,” International Journal of Critical Infrastructure Protection, vol. 33, p. 100406, Jun. 2021, doi: 10.1016/j.ijcip.2020.100406.
F. Holik, L. H. Flå, M. G. Jaatun, S. Y. Yayilgan, and J. Foros, “Threat Modeling of a Smart Grid Secondary Substation,” Electronics, vol. 11, no. 6, Art. no. 6, Jan. 2022, doi: 10.3390/electronics11060850.
Y. Xiao, L. Yang, J. Li, J. Xu, and K. Liu, “Valuing the cyber-attacks budget in high voltage power substations to increase cyber-security; providing a method based on Fuzzy Analytical Hierarchy Process,” Energy Reports, vol. 7, pp. 8322–8331, Nov. 2021, doi: 10.1016/j.egyr.2021.08.002.
N. Moreira, E. Molina, J. Lázaro, E. Jacob, and A. Astarloa, “Cyber-security in substation automation systems,” Renewable and Sustainable Energy Reviews, vol. 54, pp. 1552–1562, Feb. 2016, doi: 10.1016/j.rser.2015.10.124.
L. Yang, Y. Zhai, Y. Zhang, Y. Zhao, Z. Li, and T. Xu, “A new methodology for anomaly detection of attacks in IEC 61850-based substation system,” Journal of Information Security and Applications, vol. 68, p. 103262, Aug. 2022, doi: 10.1016/j.jisa.2022.103262.
P. Kreimel, O. Eigner, F. Mercaldo, A. Santone, and P. Tavolato, “Anomaly detection in substation networks,” Journal of Information Security and Applications, vol. 54, p. 102527, Oct. 2020, doi: 10.1016/j.jisa.2020.102527.
N. Wang, R. Yao, Y. Liu, Y. Wu, and D. Mou, “A Key Management Method For Smart Substation,” Energy Procedia, vol. 156, pp. 337–342, Jan. 2019, doi: 10.1016/j.egypro.2018.11.152.
M. Moradi and A. H. Jahangir, “A new delay attack detection algorithm for PTP network in a power substation,” International Journal of Electrical Power & Energy Systems, vol. 133, p. 107226, Dec. 2021, doi: 10.1016/j.ijepes.2021.107226.
N. Ahmad, L. M. Wei, and M. H. Jabbar, “Advanced Encryption Standard with Galois Counter Mode using Field Programmable Gate Array.,” J. Phys.: Conf. Ser., vol. 1019, no. 1, p. 012008, Jun. 2018, doi: 10.1088/1742-6596/1019/1/012008.
C. Cazan and M. Y. Mansour, “WPA3 is the latest generation of Wi-Fi security, bringing simplicity, backward compatibility, and enhanced security. Intel Wi-Fi clients are certified and industry-tested—ready to equip your organization with higher network protection and minimal deployment effort.,” p. 4.
L. Wang, J. Yang, and P.-J. Wan, “Educational modules and research surveys on critical cybersecurity topics,” International Journal of Distributed Sensor Networks, vol. 16, no. 9, p. 1550147720954678, Sep. 2020, doi: 10.1177/1550147720954678.
K. Kumar, K. R. Ramkumar, and A. Kaur, “A lightweight AES algorithm implementation for encrypting voice messages using field programmable gate arrays,” Journal of King Saud University -Computer and Information Sciences, vol. 34, no. 6, Part B, pp. 3878–3885, Jun. 2022, doi: 10.1016/j.jksuci.2020.08.005.
C. P. Kohlios and T. Hayajneh, “A Comprehensive Attack Flow Model and Security Analysis for Wi-Fi and WPA3,” Electronics, vol. 7, no. 11, Art. no. 11, Nov. 2018, doi: 10.3390/electronics7110284.
Q. Ali, “An Embedded Securıty Center For Internet Of Thıngs (IOT) Infrastructure,” Aug. 2017.