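% Conference paper in an LNCS proceedings volume; this record carries no
% `volume` number for the series, so styles will print the series name alone.
@inproceedings{9cb61513662742b8b06a74bc71be70b9,
  author    = {Wright, James and Wolthusen, Stephen},
  title     = {Access Control and Availability Vulnerabilities in the {ISO/IEC} 61850 Substation Automation Protocol},
  editor    = {Havarneanu, Grigore and Setola, Roberto and Nassopoulos, Hypatia and Wolthusen, Stephen},
  booktitle = {Critical Information Infrastructures Security},
  series    = {Lecture Notes in Computer Science},
  publisher = {Springer},
  year      = {2017},
  pages     = {239--251},
  isbn      = {978-3-319-71367-0},
  doi       = {10.1007/978-3-319-71368-7_20},
  language  = {English},
  abstract  = {The ISO/IEC 61850 protocol for substation automation is a key component for the safe and efficient operation of smart grids, whilst offering a substantial range of functions. While extension standards, particularly ISO/IEC 62351 provide further security controls, the baseline protocol offers the assurances of access control and availability. In this paper a systematic study of selected aspects of the basic ISO/IEC 61850 protocol demonstrates that protocol-level vulnerabilities exist. The main finding is the development of a credential interception attack allowing an adversary, without credentials, to hijack a session during an initial association; the feasibility of this attack is proven using a formal language representation. A second attack based on a workflow amplification attack which relies on the assumptions in the protocol{\textquoteright}s substation event model, which is independent of layered security controls and only relies on the protocol{\textquoteright}s communication patterns is shown.},
}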