Analysis and implementation of message authentication code (MAC) algorithms for GOOSE message security

Abstract

There is growing awareness towards cybersecurity threats in power systems. IEC 61850 standard facilitates communication between different Intelligent Electronic devices (IEDs) and eases interoperable operation with set data and message structures. An unwanted consequence of this standardized communication over ethernet is increased viability to cyber threats. The IEC 62351-6 standard stipulates the use of digital signatures for ensuring integrity in IEC 61850 message exchanges. However, the digital signatures result in higher computational times which makes it very difficult to use for Generic Object-Oriented Substation Events (GOOSE) messages. This short communication article proposes implementation of the Message Authentication Code (MAC) algorithms, such as Hash-based Message Authentication Code (HMAC) and Advanced Encryption Standard-Galois Message Authentication Code (AES-GMAC), for GOOSE message integrity. Lab tests are run to observe their timing performances and feasibility for GOOSE.