Cyber Threat Extenuation for Substation Data Communication: Evaluation of Encrypt-Authenticator Prototype for IEC 60870–5 Data

Data communicated at many existing secondary electrical substations is currently not encrypted. In order to improve their data security level, a low-cost cryptography prototype is proposed. Both lightweight and conventional crypto-algorithm types are chosen to encrypt, authenticate and encrypt-authenticate data packets of IEC 60870–5, the data protocol being used at most substations. Implementations of selected algorithms are on a programmable logic arrays (FPGA) to meet communication time sensitivity while employing an eight-bit processor. The FPGA implementations are optimized for speed rather than footprint. The processor is mainly to handle processing of data packets either coming from or going into substation devices. The performance in term of latency for both the conventional and lightweight cryptography is evaluated to meet different data transmission speeds. The lightweight encryption has lower latency compared to the conventional one, while both types of authentication algorithms yield similar latency as expected.