KIT | KIT-Bibliothek | Impressum | Datenschutz

On the Detection of Cyber-Attacks in the Communication Network of IEC 61850 Electrical Substations

Elbez, Ghada ORCID iD icon 1
1 Institut für Automation und angewandte Informatik (IAI), Karlsruher Institut für Technologie (KIT)


The availability of the data within the network communication remains one of the most critical requirement when compared to integrity and confidentiality. Several threats such as Denial of Service (DoS) or flooding attacks caused by Generic Object Oriented Substation Event (GOOSE) poisoning attacks, for instance, might hinder the availability of the communication within IEC 61850 substations.
To tackle such threats, a novel method for the Early Detection of Attacks for the GOOSE Network Traffic (EDA4GNeT) is developed in the present work.

Few of previously available intrusion detection systems take into account the specific features of IEC 61850 substations and offer a good trade-off between the detection performance and the detection time. Moreover, to the best of our knowledge, none of the existing works proposes an early anomaly detection method of GOOSE attacks in the network traffic of IEC 61850 substations that account for the specific characteristics of the network data in electrical substations.

The EDA4GNeT method considers the dynamic behavior of network traffic in electrical substations. The mathematical modeling of the GOOSE network traffic first enables the development of the proposed method for anomaly detection. ... mehr

Volltext §
DOI: 10.5445/IR/1000146668
Veröffentlicht am 30.05.2022
Cover der Publikation
Zugehörige Institution(en) am KIT Institut für Automation und angewandte Informatik (IAI)
Publikationstyp Hochschulschrift
Publikationsdatum 30.05.2022
Sprache Englisch
Identifikator KITopen-ID: 1000146668
HGF-Programm 46.23.02 (POF IV, LK 01) Engineering Security for Energy Systems
Verlag Karlsruher Institut für Technologie (KIT)
Umfang xiii, 138 S.
Art der Arbeit Dissertation
Fakultät Fakultät für Informatik (INFORMATIK)
Institut Institut für Automation und angewandte Informatik (IAI)
Prüfungsdatum 05.05.2022
Schlagwörter anomaly detection, communication network, cyber-security, electrical substations, GOOSE, IDS, IEC 61850, IEC 62351
Referent/Betreuer Hagenmeyer, Veit
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page