The Easy Button for IEC 61850 Security

Authentication & Encryption for
Routable GOOSE & Sampled Values

Free Webinar - Watch Now!
Previously held on Wednesday, June 29, 2022 at 10 AM EDT

PROBLEM:

Layer 2 GOOSE has long allowed for event-based communication within a substation. As emerging 61850 use cases require communications to extend beyond a single substation, the need for a secure and routable solution has emerged. Secure Routable GOOSE (R-GOOSE) and Routable Sampled Values (R-SV) satisfies the security and communications requirements of the utility industry.

SOLUTION:

Secure R-GOOSE/R-SV requires that publishers and subscribers share a common symmetric key, which is distributed via a mechanism specified in IEC 62351-9. The engineering process of IEC 61850 allows for the configuration of publication groups, destination addresses for the publications, and addresses for key manage­ment for that group. The System Configuration Tool (SCT) stores this information in an SCL file, which can be leveraged by the Garibaldi Key Distribution Center (KDC) to simplify security configuration.

When integrated with an IEC 61850 device, Triangle MicroWork's KDC Client Source Code Library enables direct communication with a KDC Server, such as Garibaldi, for key exchange. These keys are then used by the IEC 61850 Source Code Library in GOOSE and Sampled Values messages that are configured for authentication or encryption. Leveraging the IEC 61850 & KDC Source Code Li­braries will provide ‘out of the box’ support for Secure R-GOOSE/R-SV.

• Why it's important to use R-GOOSE & R-Sample Values and the need for security and review of real-life use cases
• Learn about Key & Policy Exchange creating a Security Management Plane
• Learn about Pull and Push Re-synchronization as defined by IEC 62351-9
• Discuss IEC 61850 Multicast Security in Real Time Plane
• How to configure Garibaldi Key Distribution Center using SCL to save time & minimize configuration mistakes
• Learn the impacts of security on a simulated system using Distributed Test Manager (DTM)
• Learn how Authentication and Encryption is used to protect against Spoofing, Snooping, and other Man in the Middle Attacks

Instructors:

Mark Adamiak
Principle Consultant
Adamiak Consulting LLC

Mark Adamiak is an independent consultant for the electric power industry.  Mark started his career in the utility business with American Electric Power (AEP) and in mid-career, joined General Electric where his activities have ranged from advanced development, product planning, application engineering, and system integration in the Protection and Control industry.  Mr. Adamiak is an original member of the IEC61850 WG, a Life Fellow of the IEEE, a registered Professional Engineer in the State of Ohio and a GE Edison award winner.  Mark was the Principal Investigator for the EPRI IntelliGrid project to develop a reference architecture for the Smart Grid. In 2012, Mr. Adamiak was elected to the US National Academy of Engineering.

Herb Falk
Managing Director
Outside The Box Consulting Services

Mr. Falk has over 40 years of experience working in the automation, information exchange, standardization activities, and systems integration.  Previous employment was Westinghouse Numa-Logic and SISCO where he was responsible for 61850 and CIM integration projects and products.  Mr. Falk has been involved with IEC 61850 technology since 1982 and cyber security since 1993.  Mr. Falk is an editor of IEC 61850-8-1, editor of several cyber security standards, and is the Vice President of Testing for the UCA International Users Group (UCA Iug) . His work for His work for the UCA Iug has involved the coordination of IEC 61850 interoperability testing in 2011, 2013, 2015, and 2017.

Jackson Moore
Applications Engineer
Triangle MicroWorks, Inc.

Jackson received B.S. degrees in Electrical Engineering and Computer Engineering from North Carolina State University and has a background in power systems engineering. Prior to joining Triangle Microworks, Jackson spent five years as a Microgrid Systems Engineer, where he designed and developed load management control systems for multi-source microgrids ranging from 1MW to 30MW. In his current role of Application Engineer, Jackson serves as a bridge between our customers and our development team, seeking to understand and solve the unique and complex challenges our clients face.