A Novel Network Modeling and Evaluation Approach for Security Vulnerability Quantification in Substation Automation Systems

With the proliferation of smart grids and the construction of various electric IT systems and networks, a next-generation substation automation system (SAS) based on IEC 61850 has been agreed upon as a core element of smart grids. However, research on security vulnerability analysis and quantification for automated substations is still in the preliminary phase. In particular, it is not suitable to apply existing security vulnerability quantification approaches to IEC 61850-based SAS because of its heterogeneous characteristics. In this paper, we propose an IEC 61850based SAS network modeling and evaluation approach for security vulnerability quantification. The proposed approach uses network-level and device groupings to categorize the characteristic of the SAS. In addition, novel attack scenarios are proposed through a zoning scheme to evaluate the network model. Finally, an MTTC (Mean Time-to-Compromise) scheme is used to verify the proposed network model using a sample attack scenario. key words: IEC 61850, substation automation system, security vulnerability quantification, smart grid, IEC 62351, CVSS, MTTC