As a continuous process of extending the functionality of 61850 products family, JPEmbedded implemented support for routable GOOSE (R-GOOSE) feature. The advantage of R-GOOSE is that it allows to deliver data beyond local (LAN) networks. It facilitates implementation of centralized systems overlooking operation of the infrastructure on wide geographical areas.
As a transport protocol R-GOOSE is using multicast UDP/IP. Since GOOSE messages might be sent over public IP networks, there is a need to provide adequate cyber security means for both authentication of data source and encryption of data content.
R-GOOSE implementation by JPEmbedded supports GDOI protocol (described by RFC 6407) used for key negotiation between IDE and Key Distribution Center (KDC) and most popular encryption algorithms like AES-CBC or 3DES-CBC.
From developer perspective there is no difference between enabling GOOSE or R-GOOSE in given IED application, so migration of existing applications using GOOSE to R-GOOSE is smooth and easy. In most cases enabling R-GOOSE for IED will mean generation of certificates required for key negotiation and update of CID file which defines a multicast group to which R-GOOSE messages shall be delivered.
R-Goose communication between Intelligent Electronic Devices (IEDs) in distribution automation systems (DAS) is defined in IEC 61850-8-1 and cybersecurity issues related to multicast groups are specified by IEC 62351-9.
If you would like to know more about our R-GOOSE implementation please contact us at firstname.lastname@example.org.