Authentication and Integrity in the Smart Grid: An Empirical Study in Substation Automation Systems

The smart grid is an emerging technology that integrates power infrastructures with information technologies to enable intelligent energy managements. As one of the most important facilities of power infrastructures, electrical substations undertake responsibilities of energy transmissions and distributions by operating interconnected electrical devices in a coordinated manner. Accordingly, it imposes a great challenge on information security, since any falsifications may trigger mal-operations, and result in damages to power usage. In this paper, we aim at authentication and integrity protections in substation automation systems (SAS), by an experimental approach on a small scale SAS prototype, in which messages are transmitted with commonly-used data origin authentication schemes, such as RSA, Message Authentication Code, and One-Time Signature. Through experimental results, we find that, current security solutions cannot be applied directly into the SAS due to insufficient performance considerations in response to application constraints, including limited device computation capabilities, stringent timing requirements and high data sampling rates. Moreover, intrinsic limitations of security schemes, such as complicated computations, shorter key valid time and limited key supplies, can easily be hijacked by malicious attackers, to undermine message deliveries, thus becoming security vulnerabilities. Our experimental results demonstrate guidelines in design of novel security schemes for the smart grid.