Login
Register
Submit a Paper
Propose a Special lssue
Open Access
ARTICLE
Mitigating Fragmentation Attacks in DNP3-Based Microgrids through Permissioned Blockchain Validation
1 Department of Computer Engineering, Faculty of Engineering and Technology (FET), University of Buea, Buea, Cameroon
2 Department of Mathematics and Computer Science, Faculty of Science (FS), University of Dschang, Dschang, Cameroon
* Corresponding Author: Benedict Djouboussi. Email:
Journal of Cyber Security 2026, 8, 171-187. https://doi.org/10.32604/jcs.2026.079617
Received 24 January 2026; Accepted 16 March 2026; Issue published 15 April 2026
View Full Text
Download PDFAbstract
The Distributed Network Protocol 3 (DNP3) is widely deployed in SCADA-based microgrids; however, it was not originally designed to meet the cybersecurity requirements of modern decentralized energy infrastructures. Although DNP3 Secure Authentication (DNP3-SA) introduces HMAC-based session-level protection, it does not ensure fragment-level integrity, leaving the protocol vulnerable to fragmentation disruption, replay attacks, and sequence manipulation. Such vulnerabilities can cause desynchronization between master and outstation devices, compromising the operational reliability of distributed energy resources. This paper proposes DNP3Chain, a blockchain-enabled framework that provides real-time fragment-level validation and enforces end-to-end message integrity in DNP3 communications. An OpenDNP3-based experimental testbed was implemented to simulate fragmentation attacks by manipulating the FIR/FIN flags and transport sequence numbers, thereby preventing correct fragment reassembly at the master station. In the proposed architecture, each DNP3 fragment is associated with a unique HMAC fingerprint stored as an immutable transaction on a private permissioned blockchain (Ethereum/Ganache). A Web3-based verification service performs real-time integrity checks by comparing received fragments against blockchain records. An experimental evaluation shows that classical DNP3 lacks real-time validation capabilities, whereas DNP3-SA provides only session-level protection. In contrast, DNP3Chain detects missing and replayed fragments, restores sequence integrity, and ensures ordered message delivery. By leveraging decentralization, immutability, and distributed consensus, the framework eliminates single points of failure and significantly enhances the resilience and cybersecurity of hierarchical SCADA communications in microgrid environments.Keywords
DNP3 secure authentication (DNP3-SA); microgrids; SCADA systems; blockchain; fragment interruption attacks; HMAC integrity verification; distributed ledger technology (DLT); distributed energy resources (DERs)
Cite This Article
APA Style
Djouboussi, B., Tagne, E.F. (2026). Mitigating Fragmentation Attacks in DNP3-Based Microgrids through Permissioned Blockchain Validation. Journal of Cyber Security, 8(1), 171–187. https://doi.org/10.32604/jcs.2026.079617
Vancouver Style
Djouboussi B, Tagne EF. Mitigating Fragmentation Attacks in DNP3-Based Microgrids through Permissioned Blockchain Validation. J Cyber Secur. 2026;8(1):171–187. https://doi.org/10.32604/jcs.2026.079617
IEEE Style
B. Djouboussi and E. F. Tagne, “Mitigating Fragmentation Attacks in DNP3-Based Microgrids through Permissioned Blockchain Validation,” J. Cyber Secur., vol. 8, no. 1, pp. 171–187, 2026. https://doi.org/10.32604/jcs.2026.079617
Copyright © 2026 The Author(s). Published by Tech Science Press.This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Downloads
Citation Tools
