{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,18]],"date-time":"2026-06-18T13:48:12Z","timestamp":1781790492792,"version":"3.54.5"},"reference-count":39,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2021,2,23]],"date-time":"2021-02-23T00:00:00Z","timestamp":1614038400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100001790","name":"Central Queensland University","doi-asserted-by":"publisher","award":["HE3341"],"award-info":[{"award-number":["HE3341"]}],"id":[{"id":"10.13039\/501100001790","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>IEC 61850 is one of the most prominent communication standards adopted by the smart grid community due to its high scalability, multi-vendor interoperability, and support for several input\/output devices. Generic Object-Oriented Substation Events (GOOSE), which is a widely used communication protocol defined in IEC 61850, provides reliable and fast transmission of events for the electrical substation system. This paper investigates the security vulnerabilities of this protocol and analyzes the potential impact on the smart grid by rigorously analyzing the security of the GOOSE protocol using an automated process and identifying vulnerabilities in the context of smart grid communication. The vulnerabilities are tested using a real-time simulation and industry standard hardware-in-the-loop emulation. An in-depth experimental analysis is performed to demonstrate and verify the security weakness of the GOOSE publish-subscribe protocol towards the substation protection within the smart grid setup. It is observed that an adversary who might have familiarity with the substation network architecture can create falsified attack scenarios that can affect the physical operation of the power system. Extensive experiments using the real-time testbed validate the theoretical analysis, and the obtained experimental results prove that the GOOSE-based IEC 61850 compliant substation system is vulnerable to attacks from malicious intruders.<\/jats:p>","DOI":"10.3390\/s21041554","type":"journal-article","created":{"date-parts":[[2021,2,23]],"date-time":"2021-02-23T20:19:36Z","timestamp":1614111576000},"page":"1554","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":72,"title":["Vulnerability and Impact Analysis of the IEC 61850 GOOSE Protocol in the Smart Grid"],"prefix":"10.3390","volume":"21","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2063-9197","authenticated-orcid":false,"given":"Haftu Tasew","family":"Reda","sequence":"first","affiliation":[{"name":"Department of Computer Science and IT, La Trobe University, Plenty Rd., Bundoora 3086, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3016-1695","authenticated-orcid":false,"given":"Biplob","family":"Ray","sequence":"additional","affiliation":[{"name":"Centre for Intelligent Systems (CIS), School of Engineering and Technology, CQUniversity, Rockhampton 4700, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0036-9951","authenticated-orcid":false,"given":"Pejman","family":"Peidaee","sequence":"additional","affiliation":[{"name":"Department of Electrical and Electronics Engineering, Victoria University, Ballarat Rd., Footscray 3011, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3916-1381","authenticated-orcid":false,"given":"Adnan","family":"Anwar","sequence":"additional","affiliation":[{"name":"School of IT, Deakin University, 75 Pigdons Rd, Waurn Ponds 3216, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-8340-1058","authenticated-orcid":false,"given":"Abdun","family":"Mahmood","sequence":"additional","affiliation":[{"name":"Department of Computer Science and IT, La Trobe University, Plenty Rd., Bundoora 3086, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5933-6380","authenticated-orcid":false,"given":"Akhtar","family":"Kalam","sequence":"additional","affiliation":[{"name":"Department of Electrical and Electronics Engineering, Victoria University, Ballarat Rd., Footscray 3011, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5469-8104","authenticated-orcid":false,"given":"Nahina","family":"Islam","sequence":"additional","affiliation":[{"name":"Centre for Intelligent Systems (CIS), School of Engineering and Technology, CQUniversity, Rockhampton 4700, Australia"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2021,2,23]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Angulo, I., Arrinda, A., Fern\u00e1ndez, I., Uribe-P\u00e9rez, N., Arechalde, I., and Hern\u00e1ndez, L. (2016, January 4\u20138). A review on measurement techniques for non-intentional emissions above 2 kHz. Proceedings of the 2016 IEEE International Energy Conference (ENERGYCON), Leuven, Belgium.","DOI":"10.1109\/ENERGYCON.2016.7513893"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Uribe-P\u00e9rez, N., Angulo, I., Hern\u00e1ndez-Callejo, L., Arzuaga, T., De la Vega, D., and Arrinda, A. (2016). Study of unwanted emissions in the CENELEC-A band generated by distributed energy resources and their influence over narrow band power line communications. Energies, 9.","DOI":"10.20944\/preprints201609.0108.v1"},{"key":"ref_3","unstructured":"Anwar, A., and Mahmood, A.N. (2014). Cyber security of smart grid infrastructure. arXiv."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"5643","DOI":"10.1109\/TII.2019.2956734","article-title":"A Review of IEC 62351 Security Mechanisms for IEC 61850 Message Exchanges","volume":"16","author":"Hussain","year":"2020","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"3299","DOI":"10.1109\/TII.2017.2740324","article-title":"Ensuring data integrity of OPF module and energy database by detecting changes in power flow patterns in smart grids","volume":"13","author":"Anwar","year":"2017","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"1799","DOI":"10.1109\/TII.2019.2923714","article-title":"Enhancing power grid resilience through an IEC61850-based ev-assisted load restoration","volume":"16","author":"Jamborsalamati","year":"2019","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_7","unstructured":"Barrett, M.P. (2018). Framework for Improving Critical Infrastructure Cybersecurity, National Institute of Standards and Technology. Technic Report."},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"2442","DOI":"10.1109\/TII.2017.2770096","article-title":"Toward threat of implementation attacks on substation security: Case study on fault detection and isolation","volume":"14","author":"Chattopadhyay","year":"2017","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_9","unstructured":"Adamiak, M., Baigent, D., and Mackiewicz, R. (2010). IEC 61850 communication networks and systems in substations. Prot. Control. J. Smart Grid, 61\u201368. Available online: www.ucaiug.org\/Meetings\/CIGRE_2014\/USB%20Promo%20Content\/GE%20Digital%20Energy\/Whitepapers\/IEC%2061850%20Communication%20Networks%20and%20Systems%20in%20Substations.pdf."},{"key":"ref_10","unstructured":"Code, P., and Prix, C. (2011). Communication Networks and Systems for Power Utility Automation\u2013Part 8-1: Specific Communication Service Mapping (SCSM)\u2013Mappings to MMS (ISO 9506-1 and ISO 9506-2) and to ISO\/IEC 8802-3 R\u00e9seaux et syst\u00e8mes de Communication Pour l\u2019Automatisation des Syst\u00e8mes \u00e9lectriques\u2013, International Electrotechnical Commission."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"1436","DOI":"10.1109\/TII.2012.2217977","article-title":"IEC61850\u2013based systems\u2014Functional testing and interoperability issues","volume":"9","author":"Manassero","year":"2012","journal-title":"IEEE Trans. Ind. Inform."},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Youssef, T.A., El Hariri, M., Bugay, N., and Mohammed, O. (2016, January 7\u201310). IEC 61850: Technology standards and cyber-threats. Proceedings of the 2016 IEEE 16th International Conference on Environment and Electrical Engineering (EEEIC), Florence, Italy.","DOI":"10.1109\/EEEIC.2016.7555647"},{"key":"ref_13","unstructured":"IEEE Substation Committee (2017). IEEE Recommended Practice for Implementing an IEC 61850-Based Substation Communications, Protection, Monitoring and Control System, IEEE Substation Committee."},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Nimma, K.S., and Faraj, S.N. (2018). Modeling intelligent control switch iec 61850 based substation automation communication. Appl. Syst. Innov., 1.","DOI":"10.3390\/asi1010007"},{"key":"ref_15","unstructured":"Draffin, C. (2021, January 06). Cybersecurity White Paper. Available online: http:\/\/energy.mit.edu\/wp-content\/uploads\/2017\/07\/Cybersecurity-White-Paper.pdf."},{"key":"ref_16","unstructured":"Cleveland, F. (2012). Iec tc57 wg15: Iec 62351 Security Standards for the Power System Information Infrastructure, International Electrotechnical Commission. White Paper."},{"key":"ref_17","unstructured":"Code, P. (2021, January 06). Communication Networks and Systems in Substations\u2013Part 5: Communication Requirements for Functions and Device Models. Available online: https:\/\/webstore.iec.ch\/preview\/info_iec61850-5%7Bed1.0%7Den.pdf."},{"key":"ref_18","doi-asserted-by":"crossref","first-page":"107233","DOI":"10.1016\/j.comnet.2020.107233","article-title":"Towards formal verification of IoT protocols: A Review","volume":"174","year":"2020","journal-title":"Comput. Netw."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1007\/s00165-012-0269-9","article-title":"Formal verification of security protocol implementations: A survey","volume":"26","author":"Avalle","year":"2014","journal-title":"Form. Asp. Comput."},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"139","DOI":"10.1016\/j.tcs.2006.08.034","article-title":"Injective synchronisation: An extension of the authentication hierarchy","volume":"367","author":"Cremers","year":"2006","journal-title":"Theor. Comput. Sci."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Elgargouri, A., and Elmusrati, M. (2017, January 20\u201322). Analysis of cyber-attacks on IEC 61850 networks. Proceedings of the 2017 IEEE 11th International Conference on Application of Information and Communication Technologies (AICT), Moscow, Russia.","DOI":"10.1109\/ICAICT.2017.8686894"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Elgargouri, A., Virrankoski, R., and Elmusrati, M. (2015, January 17\u201319). IEC 61850 based smart grid security. Proceedings of the 2015 IEEE International Conference on Industrial Technology (ICIT), Seville, Spain.","DOI":"10.1109\/ICIT.2015.7125460"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Xu, Y., Yang, Y., Li, T., Ju, J., and Wang, Q. (2017, January 26\u201328). Review on cyber vulnerabilities of communication protocols in industrial control systems. Proceedings of the 2017 IEEE Conference on Energy Internet and Energy System Integration (EI2), Beijing, China.","DOI":"10.1109\/EI2.2017.8245509"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Hoyos, J., Dehus, M., and Brown, T.X. (2012, January 20\u201323). Exploiting the GOOSE protocol: A practical attack on cyber-infrastructure. Proceedings of the 2012 IEEE Globecom Workshops, Auckland, New Zealand.","DOI":"10.1109\/GLOCOMW.2012.6477809"},{"key":"ref_25","unstructured":"Kush, N.S., Ahmed, E., Branagan, M., and Foo, E. (2014, January 20\u201323). Poisoned GOOSE: Exploiting the GOOSE protocol. Proceedings of the Twelfth Australasian Information Security Conference (AISC 2014) [Conferences in Research and Practice in Information Technology, Volume 149], Auckland, New Zealand."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Kabir-Querrec, M., Mocanu, S., Thiriet, J.M., and Savary, E. (2016, January 6\u20139). A test bed dedicated to the study of vulnerabilities in IEC 61850 power utility automation networks. Proceedings of the 2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA), Berlin, Germany.","DOI":"10.1109\/ETFA.2016.7733644"},{"key":"ref_27","first-page":"236","article-title":"Implementation of Secure GOOSE Protocol using HSM","volume":"260","author":"Kim","year":"2013","journal-title":"Appl. Mech. Mater."},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"708","DOI":"10.15837\/ijccc.2013.5.329","article-title":"A detailed analysis of the GOOSE message structure in an IEC 61850 standard-based substation automation system","volume":"8","author":"Kriger","year":"2013","journal-title":"Int. J. Comput. Commun. Control."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Yang, Y., Jiang, H., McLaughlin, K., Gao, L., Yuan, Y., Huang, W., and Sezer, S. (2015, January 26\u201330). Cybersecurity test-bed for IEC 61850 based smart substations. Proceedings of the 2015 IEEE Power & Energy Society General Meeting, Denver, CO, USA.","DOI":"10.1109\/PESGM.2015.7286357"},{"key":"ref_30","unstructured":"Tebekaemi, E., and Wijesekera, D. (2016, January 9\u201313). Designing an IEC 61850 based power distribution substation simulation\/emulation testbed for cyber-physical security studies. Proceedings of the First International Conference on Cyber-Technologies and Cyber-Systems, Venice, Italy."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Fovino, I.N., Carcano, A., De Lacheze Murel, T., Trombetta, A., and Masera, M. (2010, January 20\u201323). Modbus\/DNP3 State-Based Intrusion Detection System. Proceedings of the 2010 24th IEEE International Conference on Advanced Information Networking and Applications, Perth, Australia.","DOI":"10.1109\/AINA.2010.86"},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Clarke, G., Reynders, D., and Wright, E. (2004). Practical Modern SCADA Protocols: DNP3, 60870.5 and Related Systems, Newnes.","DOI":"10.1016\/B978-075065799-0\/50019-X"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Kanabar, M., Cioraca, A., and Johnson, A. (2016, January 4\u20137). Wide area protection & control using high-speed and secured routable goose mechanism. Proceedings of the 69th Annual Conference for Protective Relay Engineers (CPRE) IEEE, College Station, TX, USA.","DOI":"10.1109\/CPRE.2016.7914928"},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"544","DOI":"10.1109\/JIOT.2016.2572729","article-title":"Secure object tracking protocol for the Internet of Things","volume":"3","author":"Ray","year":"2016","journal-title":"IEEE Internet Things J."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"838","DOI":"10.1016\/j.future.2017.02.020","article-title":"Universal and secure object ownership transfer protocol for the Internet of Things","volume":"78","author":"Ray","year":"2018","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_36","unstructured":"Foley, S.N., Gollmann, D., and Snekkenes, E. (2017). Secure Authentication in the Grid: A Formal Analysis of DNP3: SAv5, Springer International Publishing. Computer Security\u2013ESORICS 2017."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Cremers, C., and Mauw, S. (2012). Operational Semantics and Verification of Security Protocols, Springer.","DOI":"10.1007\/978-3-540-78636-8"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Peidaee, P., Kalam, A., and Shi, J. (2018, January 27\u201330). A Real-Time Simulation Framework for System Protection in Smart Grid Applications. Proceedings of the 2018 Australasian Universities Power Engineering Conference (AUPEC), Auckland, New Zealand.","DOI":"10.1109\/AUPEC.2018.8757972"},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Peidaee, P., Kalam, A., and Moghaddam, M.H. (2017, January 19\u201322). Developing a simulation framework for integrating multi-agent protection system into smart grids. Proceedings of the 2017 Australasian Universities Power Engineering Conference (AUPEC), Melbourne, Australia.","DOI":"10.1109\/AUPEC.2017.8282427"}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/4\/1554\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T05:27:16Z","timestamp":1760160436000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/4\/1554"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,2,23]]},"references-count":39,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2021,2]]}},"alternative-id":["s21041554"],"URL":"https:\/\/doi.org\/10.3390\/s21041554","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,2,23]]}}}