DOI: 10.3390/electronics15132831 ISSN: 2079-9292

Performance Benchmarking of DNP3 Implementations in Smart Grid Environments

Mahesh Narayanan, Hareesh Eemani, Arslan Munir

Secure communication is one of the foundational requirements for modern smart grid operations, where Distributed Network Protocol 3 (DNP3) remains a primary protocol for monitoring and control. Key stakeholders in the smart grid—such as transmission operators, distribution operators, utilities, and balancing authorities—are increasingly required to strengthen their cybersecurity protections. They must maintain the reliability of communications across complex, bandwidth-constrained wide-area networks (WANs). This paper presents a practical evaluation of four DNP3 deployment models: DNP3 in its native unsecured form, DNP3 with Secure Authentication (SA), DNP3 over Transport Layer Security (TLS 1.3), and DNP3 protected using IPsec encryption at the network layer. The paper evaluates how each security approach performs in a production-like smart grid environment. This paper primarily focuses on the widely deployed DNP3-SA model, which provides authentication and integrity but not confidentiality. Although newer Secure Authentication versions exist, including SAv6, they are still less common in operational utility environments. Experiments are conducted using a hardware-informed simulation testbed that emulates realistic utility WAN conditions, including multiple routing hops, MPLS as a transport for packets, and varied link capacities. Performance is assessed in terms of bandwidth efficiency, round-trip latency, and additional computational overhead on the field devices. Based on the findings, the paper presents a decision framework to help utilities select DNP3 security implementations that align with regulatory expectations and operational reliability.

More from our Archive