@Article{jcs.2026.079617,
AUTHOR = {Benedict Djouboussi, Elie Fute Tagne},
TITLE = {Mitigating Fragmentation Attacks in DNP3-Based Microgrids through Permissioned Blockchain Validation},
JOURNAL = {Journal of Cyber Security},
VOLUME = {8},
YEAR = {2026},
NUMBER = {1},
PAGES = {171--187},
URL = {http://www.techscience.com/JCS/v8n1/67005},
ISSN = {2579-0064},
ABSTRACT = {The Distributed Network Protocol 3 (DNP3) is widely deployed in SCADA-based microgrids; however, it was not originally designed to meet the cybersecurity requirements of modern decentralized energy infrastructures. Although DNP3 Secure Authentication (DNP3-SA) introduces HMAC-based session-level protection, it does not ensure fragment-level integrity, leaving the protocol vulnerable to fragmentation disruption, replay attacks, and sequence manipulation. Such vulnerabilities can cause desynchronization between master and outstation devices, compromising the operational reliability of distributed energy resources. This paper proposes DNP3Chain, a blockchain-enabled framework that provides real-time fragment-level validation and enforces end-to-end message integrity in DNP3 communications. An OpenDNP3-based experimental testbed was implemented to simulate fragmentation attacks by manipulating the FIR/FIN flags and transport sequence numbers, thereby preventing correct fragment reassembly at the master station. In the proposed architecture, each DNP3 fragment is associated with a unique HMAC fingerprint stored as an immutable transaction on a private permissioned blockchain (Ethereum/Ganache). A Web3-based verification service performs real-time integrity checks by comparing received fragments against blockchain records. An experimental evaluation shows that classical DNP3 lacks real-time validation capabilities, whereas DNP3-SA provides only session-level protection. In contrast, DNP3Chain detects missing and replayed fragments, restores sequence integrity, and ensures ordered message delivery. By leveraging decentralization, immutability, and distributed consensus, the framework eliminates single points of failure and significantly enhances the resilience and cybersecurity of hierarchical SCADA communications in microgrid environments.},
DOI = {10.32604/jcs.2026.079617}
}