Evaluating Security Mechanisms of Substation Automation Systems

Abstract: Substations are important components for transforming voltage and distributing power in electrical infrastructure. Modern substations are usually automated by substation automation systems, which offload the work of operators and reduce potential human error. The IEC 61850 standard was released in 2003 to address the compatibility of electronic devices with substation automation systems. However, it exposed more attack surfaces with the adoption of Ethernet, the wide use of digital devices, and the connection to the Internet. Therefore, it is necessary to analyze the security threats of modern substations. This master thesis investigated the common design options of IEC 61850 substations, then used the graph-based threat modeling method to explore the security weaknesses of those options and compare the effectiveness of security mechanisms. The construction of threat models is carried out with SecuriCAD and several domain-specific modeling languages that developed from the Meta Attack Language framework. Through the analysis of the results, we conclude that the evaluated security mechanisms can bring security benefits and mitigate security threats in the area of substation automation.