Researchers in Spain have proposed using time sensitive networking technology to provide more secure power smart grids.
As the power grid is critical infrastructure, it needs to be protected against cyberattacks. IEC 61850 has been the standard to digitize power substations, independent of underlying protocols, and provides flexibility, reconfigurability, and interoperability, but it does not include specific cyber protection.
On the other hand, Time-sensitive networking (TSN), the deterministic Ethernet solution has merged operational and information technologies in those digitized substations. Nevertheless, both standards have open the door to new specific vulnerabilities in this critical energy sector, such as potential cyberattacks on the synchronization plane and the real-time traffic.
The researchers at the University of the Basque Country (UPV/EHU) in Bilbao and System-on-Chip Engineering in Erandio have used the security mechanisms from IEC 62351-, and applied to time-sensitive networking.
However, TSN has some particularities that need to be taken into account. The synchronization is the base of its functionality, and this depends on IEEE 1588. The security of IEEE 1588 is not straightforward, and the current commercial equipment cannot ensure adequate protection over the multiple vulnerabilities of this standard.
Moreover, some TSN traffic, such as the scheduled type, is strict real time that requires arriving at the listener before a definite time boundary. Therefore, the latency introduced by every node must be minimized (and globally deterministic). If encryption and authentication need to be applied to this traffic, the performance of regular microprocessor-based embedded systems is an issue
This tunnelling through the scheduled traffic minimises the latency in delivering messages but creates problems for cybersecurity as the messages cannot be thoroughly analyzed before been forwarded. This means non-authenticated, hostile traffic could be injected into the network for malicious purposes.
As TSN separates real-time data from the rest, it allows for the exploitation of usual security resources on non-critical traffic, in addition to its normal redundancy, as another protection. IEC 62351 sets some