De-Synchronisation Attack Modelling in Real-Time Protocols Using Queue Networks : Attacking the ISO/IEC 61850 Substation Automation Protocol. / Wright, James; Wolthusen, Stephen.

Proceedings of the 12th International Conference on Critical Information Infrastructures Security (CRITIS 2017). Springer-Verlag, 2018. p. 131-143 (Lecture Notes in Computer Science; Vol. 10707).

Research output: Chapter in Book/Report/Conference proceedingConference contribution




Applications for developed Supervisory Control And Data Acquisition (SCADA) protocols in several domains, particularly the energy sector, must satisfy hard real-time constraints to ensure the safety of the systems they are deployed on. These systems are highly sensitive to Quality of Service (QoS) violations, but it is not always clear whether a compliant implementation will satisfy the stated QoS in the standard. This paper proposes a framework for studying a protocol’s QoS properties based on a queuing network approach that offers a number of advantages over state machine or model-checking approaches. The authors describe the framework as an instance of a network of M/M/1/K of queues with the block-after-service discipline to allow for the analysis of probabilistic
packet flows in valid protocol runs. This framework allows for the study of denial of service (DoS), performance degradation, and de-synchronisation attacks. The model is validated by a tool allowing automation of queue network analysis and is used to demonstrate a possible breach of the QoS guarantees of the ISO/IEC 61850-7-2 substation automation standard with a de-synchronisation attack.
Original languageEnglish
Title of host publicationProceedings of the 12th International Conference on Critical Information Infrastructures Security (CRITIS 2017)
Number of pages13
ISBN (Electronic)978-3-319-99843-5
ISBN (Print)978-3-319-99842-8
Publication statusPublished - 9 Sep 2018

Publication series

NameLecture Notes in Computer Science
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 28814999