
Analysis and Evaluation of Security Vulnerabilities of Precision time Protocol (PTP) and Securing IEEE61850 based Digital Substations

Moradi, Mohsen | 2023

  1. Type of Document: Ph.D. Dissertation
  2. Language: Farsi
  3. Document No: 56564 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Jahangir, Amir Hossein
  7. Abstract: Nowadays, power systems and substations are the most important components of a country's vital infrastructure, handling the production, transmission and distribution of electrical energy. Automation systems increase the efficiency of the power industry and make remote control possible, but the use of computer-based control systems opens the door to cyberattacks that may cause equipment destruction and destabilization of the electricity network. One of the main requirements for operating digital substations is synchronization between the different pieces of equipment used in them. Several algorithms and protocols have been proposed so far for time synchronization in distributed networks, such as 1-PPS, IRIG-B, NTP, SNTP, and PTP. Due to the high accuracy of PTP (on the order of microseconds), this protocol has attracted the most attention among users. The larger number of new messages distributed in PTP compared to other protocols has introduced several vulnerabilities in a PTP network, enabling attacks such as replaying messages or commands, interception and removal of information, packet delay manipulation, spoofing of the network clocks, and DoS. Due to the importance of this issue, besides the recommendations of the Annex-P security plugin standard of the PTP in 2020, many research studies have addressed PTP security and reported solutions. Even with these security plugins and solutions, the time delay attack on PTP messages is still a big concern in time-critical industrial networks. Because of the message properties (size, direction and period of spreading), an attacker can launch a delay attack even on encrypted messages. Given the breadth of the subject, this research work studies the effect of the delay attack on PTP messages, tries to detect the attacks, and proposes innovative countermeasures.
     The basis of the proposed method is the block building of the PTP network clocks (switches). This method identifies the exact location (link or clock) and duration of attacks on the network elements by disseminating and analyzing some new messages. The modeling, formal proof, and simulation results confirm that the proposed solution achieves the goal of this research while adding negligible traffic overhead. Furthermore, the security of the messages added to the protocol is also evaluated, so as to prevent the attacker from hiding the attacks. This study presents a relatively holistic view of the vulnerabilities of the PTP protocol, and of the ways in which designers and users of digital equipment and electrical industry automation can prevent, or at least detect, attacks.
  8. Keywords: Cyber Attacks ; IEC 61850 Standard ; Industrial Network ; Precision Time Protocol (PTP) Synchronization ; Precision Time Protocol (PTP) Network Attack ; Delay Attack ; Software Vulnerabilities Analysis ; Security Vulnerability
