Emulation of IEC 60870-5-104 Communication in Digital Secondary Substations

  • Conference paper
Intelligent Technologies and Applications (INTAP 2021)

Abstract

This paper describes two methods for emulating digital secondary substations and their communication with the control center via the IEC 60870-5-104 protocol. The first method uses the Mininet network emulator, which omits certain minor networking features but can create the topology very efficiently. The second method uses virtual machines, which can be interconnected to achieve full functionality, including router devices and VPN connections.

The open source library libIEC60870-5 is used for communication between the substations and the control center. The library is analyzed and compared to real traffic provided by the Norwegian National Smart Grid Laboratory. Based on the differences found, the paper explains how to modify the library in order to create messages identical to the real traffic. These messages can be used to verify substation behavior, or for security penetration testing by creating messages with spoofed temperature or multimeter sensor values.

This work was funded by the Research Council of Norway, Innovation Project for the Industrial Sector - ENERGIX program, project number 296381 (Security of supply in smartgrids with interacting digital systems).

Author information

Corresponding author

Correspondence to Filip Holik.

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Holik, F., Abraham, D., Yayilgan, S.Y. (2022). Emulation of IEC 60870-5-104 Communication in Digital Secondary Substations. In: Sanfilippo, F., Granmo, OC., Yayilgan, S.Y., Bajwa, I.S. (eds) Intelligent Technologies and Applications. INTAP 2021. Communications in Computer and Information Science, vol 1616. Springer, Cham. https://doi.org/10.1007/978-3-031-10525-8_19
