saucis Sakarya University Journal of Computer and Information Sciences 2636-8129 Sakarya University 10.35377/saucis...1754929 Computer Software Bilgisayar Yazılımı Firmware Analyzer of Intelligent Electronic Devices in Substations Based on Vulnerability Databases https://orcid.org/0000-0002-8121-1234 Gargouri Khouloud Sakarya Üniversitesi Bilgisayar ve Bilişim Bilimleri Fakültesi https://orcid.org/0000-0002-8210-5070 İskefiyeli Murat Sakarya Üniversitesi Bilgisayar ve Bilişim Bilimleri Fakültesi 09 30 2025 8 3 553 569 07 31 2025 09 08 2025 Copyright © 2018, Sakarya University Journal of Computer and Information Sciences 2018 Sakarya University Journal of Computer and Information Sciences

In recent years, with the acceleration of digitalization, Intelligent Electronic Devices (IEDs) used particularly in energy transmission and distribution infrastructures have become one of the primary targets of cyber-attacks. This has made the detection and management of vulnerabilities in IEDs more challenging. Most energy system operators rely on security advisories published by vendors to identify security vulnerabilities. This study presents an approach aimed at automating this process. Manufacturer, model, hardware, and software version information of the devices is passively obtained from SCL files compliant with the IEC 61850 standard, and this data is correlated with the NVD, CWE, and vendor security bulletins to generate a comprehensive vulnerability report. In the implementations carried out in the CENTER-SAÜ test environment, the developed system was observed to produce accurate and complete results. The reports include the identified vulnerabilities and the risk level, attack vector, affected versions, patches and recommended mitigation measures for each vulnerability.

 Passive Vulnerability Scanning Configuration Analysis Intelligent Electronic Devices Energy System AFAD, 2014-2023 Kritik Altyapıların Korunması: Yol Haritası Belgesi. 2014. A. Pinto, L.-C. Herrera, Y. Donoso, and J. A. Gutierrez, “Survey on Intrusion Detection Systems Based on Machine Learning Techniques for the Protection of Critical Infrastructure,” Sensors, vol. 23, no. 5, p. 2415, Feb. 2023, doi: 10.3390/s23052415. P. E. Weerathunga and A. Cioraca, “Securing IEDs against cyber threats in critical substation automation and industrial control systems,” in 2017 70th Annual Conference for Protective Relay Engineers (CPRE), Apr. 2017, pp. 1–20, doi: 10.1109/CPRE.2017.8090048. K. Stouffer, V. Pillitteri, S. Lightman, M. Abrams, and A. Hahn, “Guide to Industrial Control Systems (ICS) Security,” Gaithersburg, MD, Jun. 2015. doi: 10.6028/NIST.SP.800-82r2. TEİAŞ, “GRAFİK VI.I- TÜRKİYE İLETİM HAT UZUNLUKLARININ GELİŞİMİ (2013-2023),” 2024. [Online]. Available: https://www.teias.gov.tr/turkiye-elektrik-uretim-iletim-istatistikleri. TEİAŞ, “GRAFİK VI.III- TÜRKİYE TRAFO ADETLERİNİN GELİŞİMİ (2013-2023),” 2024. [Online]. Available: https://www.teias.gov.tr/turkiye-elektrik-uretim-iletim-istatistikleri. TEDAŞ, “2023 Yılı Türki̇ye Elektri̇k Dağıtımı Sektör Raporu,” 2024. [Online]. Available: https://www.tedas.gov.tr/FileUpload/MediaFolder/25819eac-d024-4308-891a-d248db8c1e0a.pdf. A. Abedi, L. Gaudard, and F. Romerio, “Review of major approaches to analyze vulnerability in power systems,” Reliab. Eng. Syst. Saf., vol. 183, no. November, pp. 153–172, Mar. 2019, doi: 10.1016/j.ress.2018.11.019. CISA, “Cyber-Attack Against Ukrainian Critical Infrastructure,” ICS Alert, 2021. https://www.cisa.gov/news-events/ics-alerts/ir-alert-h-16-056-01 (accessed Jul. 14, 2025). ISA, “Ukrainian power grids cyberattack,” ISA’s Flagship Publications, 2017. https://www.isa.org/intech-home/2017/march-april/features/ukrainian-power-grids-cyberattack. V. S. Rajkumar, M. Tealane, A. Stefanov, and P. Palensky, “Cyber attacks on protective relays in digital substations and impact analysis,” 8th Work. Model. Simul. Cyber-Physical Energy Syst. MSCPES 2020 - Proc., 2020, doi: 10.1109/MSCPES49613.2020.9133698. P. E. Weerathunga and A. Cioraca, “The importance of testing Smart Grid IEDs against security vulnerabilities,” 69th Annu. Conf. Prot. Relay Eng. CPRE 2016, pp. 1–21, 2017, doi: 10.1109/CPRE.2016.7914920. IEEE, “Cybersecurity of Critical Infrastructure with ICS/SCADA Systems,” IEEE Public Safety Technology. https://publicsafety.ieee.org/topics/cybersecurity-of-critical-infrastructure-with-ics-scada-systems/ (accessed Jul. 15, 2025). Y. Xia, J. Wang, C. Liu, and K. Yu, “Design and Implementation of Vulnerability Scanning Tools for Intelligent Substation Industrial Control System Based on Openvas,” IOP Conf. Ser. Earth Environ. Sci., vol. 440, no. 4, p. 042031, Feb. 2020, doi: 10.1088/1755-1315/440/4/042031. K. Stouffer et al., “Guide to Operational Technology (OT) security,” Sep. 2023. doi: 10.6028/NIST.SP.800-82r3. M. Bristow, “A SANS 2021 Survey: OT/ICS Cybersecurity.” [Online]. Available: https://www.sans.org/white-papers/SANS-2021-Survey-OTICS-Cybersecurity/. H. Ecik, “Comparison of Active Vulnerability Scanning vs. Passive Vulnerability Detection,” in 2021 International Conference on Information Security and Cryptology (ISCTURKEY), Dec. 2021, no. December, pp. 87–92, doi: 10.1109/ISCTURKEY53027.2021.9654331. D. Kennedy, J. O’Gorman, D. Kearns, and M. Aharoni, Metasploit: The Penetration Tester’s Guide. William Pollock, 2011. B. Filkins and D. Wylie, “SANS 2019 State of OT/ICS Cybersecurity Survey,” 2019. [Online]. Available: https://sansorg.egnyte.com/dl/6hWfMGKRKWqx. NIST, “Minimum security requirements for federal information and information systems,” 2006. doi: 10.6028/NIST.FIPS.200. S. Samtani, S. Yu, H. Zhu, M. Patton, and H. Chen, “Identifying SCADA vulnerabilities using passive and active vulnerability assessment techniques,” in 2016 IEEE Conference on Intelligence and Security Informatics (ISI), Sep. 2016, pp. 25–30, doi: 10.1109/ISI.2016.7745438. CVE Numbering Authority (CNA), “Common Vulnerabilities and Exposures,” 2000. https://www.cve.org/ (accessed Jul. 12, 2025). NIST, “NVD Dashboard,” NVD, 2025. https://nvd.nist.gov/general/nvd-dashboard (accessed Jul. 17, 2025). MITRE, “Common Weakness Enumeration (CWE).” https://cwe.mitre.org/ (accessed Jun. 21, 2025). M. El, E. McMahon, S. Samtani, M. Patton, and H. Chen, “Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments,” in 2017 IEEE International Conference on Intelligence and Security Informatics (ISI), Jul. 2017, pp. 83–88, doi: 10.1109/ISI.2017.8004879. M. EL, “Benchmarking vulnerability scanners: An experiment on SCADA devices and scientific instruments,” THE UNIVERSITY OF ARIZONA, 2017. E. McMahon, M. Patton, S. Samtani, and H. Chen, “Benchmarking Vulnerability Assessment Tools for Enhanced Cyber-Physical System (CPS) Resiliency,” in 2018 IEEE International Conference on Intelligence and Security Informatics (ISI), Nov. 2018, vol. 945, no. 05 0, pp. 100–105, doi: 10.1109/ISI.2018.8587353. E. McMahon, “Benchmarking Vulnerability Assessment Tools for Enhanced Cyber-Physical System (CPS) Resiliency,” THE UNIVERSITY OF ARIZONA, 2018. E. Samanis, J. Gardiner, and A. Rashid, “A Taxonomy for Contrasting Industrial Control Systems Asset Discovery Tools,” in Proceedings of the 17th International Conference on Availability, Reliability and Security, Aug. 2022, pp. 1–12, doi: 10.1145/3538969.3538979. L. Pöhler, M. Schuba, T. Höner, S. Hack, and G. Neugebauer, “An Open-Source Approach to OT Asset Management in Industrial Environments,” in Proceedings of the 10th International Conference on Information Systems Security and Privacy, 2024, vol. 1, no. Icissp, pp. 128–136, doi: 10.5220/0012362200003648. NISTIR 7628, “Guidelines for smart grid cybersecurity,” Gaithersburg, MD, Sep. 2014. doi: 10.6028/NIST.IR.7628r1. P. Shirani et al., “BINARM: Scalable and Efficient Detection of Vulnerabilities in Firmware Images of Intelligent Electronic Devices,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 10885 LNCS, 2018, pp. 114–138. L. Collard, “Fingerprinting Vulnerabilities In Intelligent Electronic Device Firmware,” Concordia University, 2018. Q. S. Qassim, N. Jamil, M. Daud, A. Patel, and N. Ja’affar, “A review of security assessment methodologies in industrial control systems,” Inf. Comput. Secur., vol. 27, no. 1, pp. 47–61, 2019, doi: 10.1108/ICS-04-2018-0048. H. Wen, “Vulnerability Assessment of Industrial Control System with an Improved CVSS,” ArXiv Prepr., Jun. 2023, [Online]. Available: http://arxiv.org/abs/2306.08631. M. Alonso, J. Turanzas, H. Amaris, and A. T. Ledo, “Cyber-physical vulnerability assessment in smart grids based on multilayer complex networks,” Sensors, vol. 21, no. 17, 2021, doi: 10.3390/s21175826. W. Shang, T. Gong, J. Hou, J. Lu, and Z. Cao, “Quantitative Evaluation Method for Industrial Control System Vulnerability Based on Improved Expert Elicitation and Fuzzy Set Method,” IEEE Access, vol. 11, no. August, pp. 101007–101019, 2023, doi: 10.1109/ACCESS.2023.3314629. S. Alhasawi, “ICSrank: A Security Assessment Framework for Industrial Control Systems (ICS),” Liverpool John Moores University, 2020. U. D. Ani, J. Watson, H. He, P. Radanliev, and G. Epiphaniou, “Minimising cybersecurity risk exposures in industrial control system environments: a techno-human vulnerability analysis approach,” J. Cyber Secur. Technol., vol. 00, no. 00, pp. 1–40, Nov. 2024, doi: 10.1080/23742917.2024.2421589. C.-L. Hor and P. A. Crossley, “Knowledge Extraction from Intelligent Electronic Devices,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 3400 LNCS, no. November, 2005, pp. 82–111. J. D. McDonald, “Substation automation. IED integration and availability of information,” IEEE Power Energy Mag., vol. 1, no. 2, pp. 22–31, Mar. 2003, doi: 10.1109/MPAE.2003.1192023. M. Abdulrazzaq and Y. Wei, “Industrial Control System (ICS) Network Asset Identification and Risk Management,” HALMSTAD UNIVERSITY, 2018. B. M. R. Amin, M. J. Hossain, A. Anwar, and S. Zaman, “Cyber Attacks and Faults Discrimination in Intelligent Electronic Device-Based Energy Management Systems,” Electronics, vol. 10, no. 6, p. 650, Mar. 2021, doi: 10.3390/electronics10060650. X. Huang, Z. Qin, and H. Liu, “A Survey on Power Grid Cyber Security: From Component-Wise Vulnerability Assessment to System-Wide Impact Analysis,” IEEE Access, vol. 6, pp. 69023–69035, 2018, doi: 10.1109/ACCESS.2018.2879996. J. Wang and D. Shi, “Cyber-Attacks Related to Intelligent Electronic Devices and Their Countermeasures: A Review,” in 2018 53rd International Universities Power Engineering Conference (UPEC), Sep. 2018, pp. 1–6, doi: 10.1109/UPEC.2018.8542059. NIST, “CVE-2020-11907 Detail,” NVD, 2020. https://nvd.nist.gov/vuln/detail/CVE-2020-11907 (accessed May 07, 2024). ABB, “TCP Predictability Vulnerability in Relion® 670 series version 2.0 ABB-VU-PGGA-1MRG019772,” 2016. [Online]. Available: https://publisher.hitachienergy.com/preview?DocumentID=1MRG023264&LanguageCode=en&DocumentPartId=&Action=Launch. NIST, “CVE-2019-12256 Detail,” NVD, 2022. https://nvd.nist.gov/vuln/detail/CVE-2019-12256 (accessed May 15, 2024). ABB, “WindRiver VxWorks IPNet Vulnerabilities , impact on Relion 670 , Relion 650 , SAM600-IO series ABBVU-PGGA-Relion670-1MRG035814 ABBVU-PGGA-Relion650-1MRG035815 ABBVU-PGGA-SAM600-IO-1MRG035816,” 2020. [Online]. Available: https://device.report/m/6b0850dd3f66a375b47f30730f75243a64672806995ae4acdb8d542aaeb4649f.pdf. MITRE, “CWE-20: Improper Input Validation,” CWE, 2023. https://cwe.mitre.org/data/definitions/20.html (accessed Apr. 25, 2024). MITRE, “CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition’),” CWE, 2023. https://cwe.mitre.org/data/definitions/362.html (accessed May 16, 2024). MITRE, “CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow’),” CWE, 2023. https://cwe.mitre.org/data/definitions/120.html (accessed Jun. 29, 2024). MITRE, “CWE-121: Stack-based Buffer Overflow,” CWE, 2023. https://cwe.mitre.org/data/definitions/121.html (accessed May 16, 2024). D. Salmon, M. Zeller, A. Guzman, V. Mynam, and M. Donolo, “Mitigating the Aurora Vulnerability With Existing Technology,” in 36th Annual Western Protective Relay Conference, 2009, no. October 2009, pp. 1–7, [Online]. Available: https://cdn.selinc.com/assets/Literature/Publications/Technical Papers/6392_MitigatingAurora_MZ_20090918_Web.pdf. NCCIC, “IR-ALERT-H-16-043-01AP CYBER-ATTACK AGAINST UKRAINIAN CRITICAL INFRASTRUCTURE,” 2016. [Online]. Available: https://nsarchive.gwu.edu/sites/default/files/documents/4164304/Department-of-Homeland-Security-NCCIS-ICS-CERT.pdf?utm_source=chatgpt.com. S. Sridhar and M. Govindarasu, “Model-Based Attack Detection and Mitigation for Automatic Generation Control,” IEEE Trans. Smart Grid, vol. 5, no. 2, pp. 580–591, Mar. 2014, doi: 10.1109/TSG.2014.2298195. S. Mangalwedekar, S. K. Surve, and H. A. Mangalvedekar, “False Data Injection Attacks and detection scenarios in the power system,” in 2015 Annual IEEE India Conference (INDICON), Dec. 2015, no. 8, pp. 1–6, doi: 10.1109/INDICON.2015.7443817. E.-N. S. Youssef and F. Labeau, “False Data Injection Attacks Against State Estimation in Smart Grids: Challenges and Opportunities,” in 2018 IEEE Canadian Conference on Electrical & Computer Engineering (CCECE), May 2018, vol. 2018-May, no. 1, pp. 1–5, doi: 10.1109/CCECE.2018.8447683. T.-T. Tran, O.-S. Shin, and J.-H. Lee, “Detection of replay attacks in smart grid systems,” in 2013 International Conference on Computing, Management and Telecommunications (ComManTel), Jan. 2013, pp. 298–302, doi: 10.1109/ComManTel.2013.6482409. R. Kalluri, L. Mahendra, R. K. S. Kumar, and G. L. G. Prasad, “Simulation and impact analysis of denial-of-service attacks on power SCADA,” in 2016 National Power Systems Conference (NPSC), Dec. 2016, no. 1, pp. 1–5, doi: 10.1109/NPSC.2016.7858908. Z. Zhang, S. Gong, A. D. Dimitrovski, and H. Li, “Time Synchronization Attack in Smart Grid: Impact and Analysis,” IEEE Trans. Smart Grid, vol. 4, no. 1, pp. 87–98, Mar. 2013, doi: 10.1109/TSG.2012.2227342. X. Jiang, J. Zhang, B. J. Harding, J. J. Makela, and A. D. Dominguez-Garcia, “Spoofing GPS Receiver Clock Offset of Phasor Measurement Units,” IEEE Trans. Power Syst., vol. 28, no. 3, pp. 3253–3262, Aug. 2013, doi: 10.1109/TPWRS.2013.2240706. R. Bulbul, Y. Gong, C.-W. Ten, A. Ginter, and S. Mei, “Impact quantification of hypothesized attack scenarios on bus differential relays,” in 2014 Power Systems Computation Conference, Aug. 2014, pp. 1–7, doi: 10.1109/PSCC.2014.7038497. M. S. Rahman, H. R. Pota, and M. J. Hossain, “Cyber vulnerabilities on agent-based smart grid protection system,” in 2014 IEEE PES General Meeting | Conference & Exposition, Jul. 2014, vol. 2014-Octob, no. October, pp. 1–5, doi: 10.1109/PESGM.2014.6939298. J. Zhang and Y. Dong, “Cyber attacks on remote relays in smart grid,” in 2017 IEEE Conference on Communications and Network Security (CNS), Oct. 2017, vol. 2017-Janua, pp. 1–9, doi: 10.1109/CNS.2017.8228637. M. Niedermaier, T. Hanka, S. Plaga, A. von Bodisco, and D. Merli, “Efficient Passive ICS Device Discovery and Identification by MAC Address Correlation,” in Proceedings of ICS & SCADA 2018, Aug. 2018, pp. 21–30, doi: 10.14236/ewic/ICS2018.3. A. Wedgbury and K. Jones, “Automated Asset Discovery in Industrial Control Systems - Exploring the Problem,” 2015, pp. 73–83, doi: 10.14236/ewic/ICS2015.8. R. Gula, “Passive Vulnerability Detection,” Netw. Secur. Wizards, vol. 9, p. 7, 1999, [Online]. Available: https://markowsky.us/papers/net-papers/gula_passive_vulnerability_detection.pdf. Tenable® Inc, “Plugins,” 2025. https://www.tenable.com/plugins (accessed Jul. 17, 2025). M. Gawron, F. Cheng, and C. Meinel, “PVD: Passive vulnerability detection,” in 2017 8th International Conference on Information and Communication Systems (ICICS), Apr. 2017, pp. 322–327, doi: 10.1109/IACS.2017.7921992. R. Deraison, R. Gula, and T. Hayton, “Passive vulnerability scanning: Introduction to NeVO,” 2003. [Online]. Available: https://ouah.lescigales.org/passive_scanning_tenable.pdf. L. Alberto, B. Sanguino, and R. Uetz, “Software Vulnerability Analysis Using CPE and CVE.” R. J. Thomas, J. Gardiner, T. Chothia, E. Samanis, J. Perrett, and A. Rashid, “Catch Me If You Can: An In-Depth Study of CVE Discovery Time and Inconsistencies for Managing Risks in Critical Infrastructures,” in Proceedings of the 2020 Joint Workshop on CPS&IoT Security and Privacy, Nov. 2020, pp. 49–60, doi: 10.1145/3411498.3419970. M. Bristow, “SANS White Paper - ICS Asset Identification: It’s More Than Just Security,” 2020. [Online]. Available: https://www.sans.org/white-papers/39650/. N. Wallace and B. Proctor, “Passive Real-Time Asset Inventory Tracking and Security Monitoring of Grid-Edge Devices,” in 2018 IEEE/PES Transmission and Distribution Conference and Exposition (T&D), Apr. 2018, vol. 2018-April, doi: 10.1109/TDC.2018.8440434. R. E. Mackiewicz, “Overview of IEC 61850 and Benefits,” in 2006 IEEE PES Power Systems Conference and Exposition, 2006, vol. 57, no. 57, pp. 623–630, doi: 10.1109/PSCE.2006.296392. ABB, 615 series IEC 61850 Engineering Guide, G. ABB, 2012. A. Hadbah, T. S. Ustun, and A. Kalam, “Using IEDScout software for managing multivendor IEC61850 IEDs in substation automation systems,” in 2014 IEEE International Conference on Smart Grid Communications (SmartGridComm), Nov. 2014, pp. 67–72, doi: 10.1109/SmartGridComm.2014.7007624. ABB, 630 series IEC 61850 Communication Protocol Manual, A. ABB, 2009. P. Lloret, J. L. Velasquez, L. Molas-Balada, R. Villafafila, A. Sumper, and S. Galceran-Arellano, “IEC 61850 as a flexible tool for electrical systems monitoring,” in 2007 9th International Conference on Electrical Power Quality and Utilisation, Oct. 2007, pp. 1–6, doi: 10.1109/EPQU.2007.4424193. SIEMENS, SIPROTEC 5 Transformer Differential Protection 7UT82, 7UT85, 7UT86, 7UT87 V9.90 and Higher Manual, 11.2024. SIEMENS, 2024. Omicron, “IEDScout: Versatile software tool for working with IEC 61850 devices,” 2024. https://www.omicronenergy.com/en/products/iedscout/ (accessed Jul. 10, 2025). ABB, “Simplifying management of protection and control relays with PCM600 - Protection and control IED manager.” https://new.abb.com/medium-voltage/digital-substations/software-products/protection-and-control-ied-manager-pcm600 (accessed Jul. 10, 2025). Pavel Charvat, “IEDExplorer,” 2013. https://sourceforge.net/projects/iedexplorer/ (accessed Jun. 15, 2024). Sakarya Üniversitesi, “Kritik Altyapılar Ulusal Test Yatağı Merkezi,” CENTER-SAÜ, 2023. https://center.sakarya.edu.tr/ (accessed Jul. 20, 2025). I. Ozcelik, M. Iskefiyeli, M. Balta, K. Ovaz Akpinar, and F. S. Toker, “CENTER Energy: A Secure Testbed Infrastructure Proposal for Electricity Power Grid,” in 2021 International Conference on Information Security and Cryptology (ISCTURKEY), Dec. 2021, no. December, pp. 149–154, doi: 10.1109/ISCTURKEY53027.2021.9654352. ABB, “Relion protection and control.” https://new.abb.com/medium-voltage/digital-substations/relion (accessed Jul. 06, 2025). ABB, “OpenSSL vulnerabilities in Relion® 650 series version 2.1 and Relion® 670 series version 2.1 ABB-VU-PGGA-1MRG024369 ABB-VU-PGGA-1MRG025160,” 2019. [Online]. Available: https://publisher.hitachienergy.com/preview?DocumentID=9AKK107492A9254&LanguageCode=en&DocumentPartId=&Action=Launch. NIST, “CVE-2016-2177 Detail,” NVD, 2016. https://nvd.nist.gov/vuln/detail/cve-2016-2177 (accessed Jul. 28, 2025). NIST, “CVE-2016-2178 Detail,” NVD, 22016. https://nvd.nist.gov/vuln/detail/cve-2016-2178 (accessed Jul. 28, 2025). NIST, “CVE-2016-2182 Detail,” NVD, 2016. https://nvd.nist.gov/vuln/detail/cve-2016-2182 (accessed Jul. 28, 2025). NIST, “CVE-2016-2183 Detail,” NVD, 2016. https://nvd.nist.gov/vuln/detail/cve-2016-2183 (accessed Jul. 28, 2025). NIST, “CVE-2016-6304 Detail,” NVD, 2016. https://nvd.nist.gov/vuln/detail/cve-2016-6304 (accessed Jul. 28, 2025). NIST, “CVE-2016-6306 Detail,” NVD, 2016. https://nvd.nist.gov/vuln/detail/cve-2016-6306 (accessed Jul. 28, 2025). ABB, “Feeder protection and control REF615 IEC.” https://new.abb.com/medium-voltage/digital-substations/protection-relays/feeder-protection-and-control/feeder-protection-and-control-ref615-iec (accessed Jul. 15, 2025). ABB, “Feeder protection relay REF615 ANSI.” https://new.abb.com/medium-voltage/digital-substations/protection-relays/feeder-protection-and-control/feeder-protection-relay-ref615-ansi (accessed Jul. 15, 2025). ABB, “Firmware update releases for digital substation products.” https://new.abb.com/medium-voltage/digital-substations/protection-relay-services/firmware-update-release (accessed Jul. 06, 2025). ABB, Feeder protection relay REF615 ANSI Prouct Guide. ABB Inc., 2007. ABB Oy., Feeder Protection and Control REf615 Product Guide. ABB Oy., 2010. ABB, RELION® 615 SERIES: Feeder Protection and Control REF615 Application Manual. ABB, 2021.