IEC 61850
What is IEC 61850?
IEC 61850: An international standard for communications inside electrical substations, covering object-oriented data models (LNs), high-speed messaging (GOOSE), sampled-values measurements (SV), and MMS-based client/server traffic.
IEC 61850 is the international standard family for communications in electrical substation automation, first published in 2003 and now the dominant protocol stack in modern substations. It specifies an object-oriented data model — Intelligent Electronic Devices (IEDs) expose Logical Nodes (LNs) such as PIOC (overcurrent protection), XCBR (circuit breaker), MMXU (measurements) — independent of the underlying transport. On the wire it defines three communication services: MMS-based client/server traffic (e.g. SCADA reads), GOOSE multicast peer-to-peer messages used for time-critical protection signaling (trip commands within milliseconds), and Sampled Values (SV) for digital instrument transformer measurements. IEC 61850 typically runs on dedicated process and station Ethernet networks inside a substation, with the corresponding IEC 62351 standard adding authentication, integrity, and (more rarely) encryption. Security concerns include unauthenticated GOOSE/SV by default, denial of service against the protection bus, malicious IED firmware, and inadequate segmentation between the substation LAN and corporate IT. Compromise of IEC 61850 traffic is the engineering primitive behind the 2016 Industroyer attack and remains a primary OT threat model for utilities.
● Examples
- 01
A substation deploys IEC 62351-secured GOOSE so that an injected GOOSE trip message from a malicious host on the process bus is rejected by IEDs.
- 02
An OT NDR baselines normal MMS traffic from a substation gateway and alerts when a non-engineering host begins issuing IEC 61850 control writes.
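The baseline-and-alert logic of example 02, as an added sketch that is not part of the original glossary entry. It assumes a passive sensor has already decoded MMS requests into records; the record layout, IP addresses and object names are constructed for illustration.

```python
import re
from collections import namedtuple

# One decoded MMS request as a passive sensor might log it (constructed layout).
MmsEvent = namedtuple("MmsEvent", "ts src dst service item")

# IEC 61850 control operations are carried as MMS Write requests on items under
# the CO functional constraint, e.g. LD0/XCBR1$CO$Pos$Oper (SBOw/Cancel likewise).
CONTROL_ITEM = re.compile(r"\$CO\$.+\$(Oper|SBOw|Cancel)(\$|$)")

def is_control_write(ev):
    return ev.service == "write" and bool(CONTROL_ITEM.search(ev.item))

def build_baseline(events):
    """Learn which (client, IED) pairs issue control writes in a clean window."""
    return {(e.src, e.dst) for e in events if is_control_write(e)}

def detect(events, baseline):
    """Return one alert per control write from a pair absent from the baseline."""
    return [
        f"{e.ts} control write to {e.item} on {e.dst} from unbaselined host {e.src}"
        for e in events
        if is_control_write(e) and (e.src, e.dst) not in baseline
    ]

# Constructed sample data: 10.0.10.5 is the gateway, 10.0.20.11 an IED,
# 10.0.10.77 a workstation that has only ever read measurements.
TRAINING = [
    MmsEvent("2024-01-01T08:00:00Z", "10.0.10.5", "10.0.20.11", "read", "LD0/MMXU1$MX$TotW"),
    MmsEvent("2024-01-01T08:05:00Z", "10.0.10.5", "10.0.20.11", "write", "LD0/XCBR1$CO$Pos$Oper"),
    MmsEvent("2024-01-01T08:06:00Z", "10.0.10.77", "10.0.20.11", "read", "LD0/MMXU1$MX$TotW"),
]
LIVE = [
    MmsEvent("2024-01-02T09:00:00Z", "10.0.10.5", "10.0.20.11", "write", "LD0/XCBR1$CO$Pos$Oper"),
    MmsEvent("2024-01-02T09:01:00Z", "10.0.10.77", "10.0.20.11", "read", "LD0/MMXU1$MX$TotW"),
    MmsEvent("2024-01-02T09:02:00Z", "10.0.10.77", "10.0.20.11", "write", "LD0/PIOC1$SP$StrVal$setMag"),
    MmsEvent("2024-01-02T09:03:00Z", "10.0.10.77", "10.0.20.11", "write", "LD0/XCBR1$CO$Pos$Oper"),
]

if __name__ == "__main__":
    for alert in detect(LIVE, build_baseline(TRAINING)):
        print(alert)
```

The settings write to `PIOC1$SP$...` is deliberately not flagged here because the sketch covers control writes only; a production rule set would track settings changes separately.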
● Frequently asked questions
What is IEC 61850?
An international standard for communications inside electrical substations, covering object-oriented data models (LNs), high-speed messaging (GOOSE), sampled-values measurements (SV), and MMS-based client/server traffic. It falls under the OT / ICS / IoT category of cybersecurity.
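How do you defend IEC 61850?
Defending IEC 61850 typically combines technical controls with operational practices; see the full definition above.
What other names does IEC 61850 go by?
Common aliases include: IEC 61850 substation, GOOSE / MMS / SV.
● Related terms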
- ot-iot№ 587
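Industrial control system (ICS)
Umbrella term for systems that automate and monitor industrial processes, including SCADA, DCS, PLCs, RTUs and safety controllers.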
- ot-iot№ 1083
SCADA
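Supervisory control and data acquisition: a system that collects telemetry from remote field devices so that operators can monitor and operate large industrial processes.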
- ot-iot№ 854
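Operational technology (OT)
Hardware and software used to monitor and control physical processes, equipment and infrastructure such as factories, power plants and utilities.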
- ot-iot№ 588
Industroyer / CrashOverride
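Modular ICS malware used in the 2016 attack on the Ukrainian power grid, which resurfaced in 2022 in upgraded form as Industroyer2 and can trip substations directly using grid-native protocols.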
- ot-iot№ 589
Industroyer2 (CrashOverride 2)
A 2022 evolution of the Industroyer/CrashOverride electric-grid malware, attributed by ESET to Sandworm and used in an unsuccessful April 2022 attempt to cut power in a Ukrainian regional utility.
- ot-iot№ 984
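Purdue Enterprise Reference Architecture (Purdue model)
A layered reference model for industrial networks that separates business IT from process control, widely used in ICS network segmentation design.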