Study of Cybersecurity in Power Automation: Implementation Challenges of IEC 62351 for IEC 61850 Systems

(IEDs) vendors do not support key parts of IEC 62351 (specifically Parts 3, 4, and 6), posing practical challenges for full-scale deployment.

To address this gap, several researchers implement Bump-in-the-Wire (BIW) approach, introducing security functions externally without requiring modifications to legacy IEDs. This methodology allows for the evaluation of IEC 62351 operational effects in a controlled environment while maintaining compatibility with devices that cannot directly support the standard. However, these approaches use minimal setup, which does not mimic the real substation environments. In this paper, a realistic laboratory testbed was established, incorporating IEDs, SCADA/HMI interfaces, engineering workstations, and time-critical station bus networks. BIW solutions are implemented as per 62351 recommendations to study the operational impact of security mechanisms. Measurable performance metrics were defined, including failure detection time, recovery time, message loss, latency, and operator diagnostic effort. Test scenarios included baseline operations, BIW-enabled IEC 62351 configurations, security-triggered failures, and network disturbances, providing quantitative insights.

Based on the demonstrated test cases, it is observed that introducing IEC 62351 recommendations via BIW produces measurable operational overheads such as increased recovery times, additional diagnostic steps, minor latencies, and occasional message rejections during security state transitions. These results highlight that operational manageability, rather than cryptographic performance, is often the limiting factor when deploying cybersecurity measures in live systems. The study emphasizes the importance of phased implementation, detailed operator training, and close collaboration with vendors to ensure that security measures enhance protection without compromising system reliability.