# SCAMPER -- Synchrophasor Covert chAnnel for Malicious and Protective ERrands

**Authors:** Prashanth Krishnamurthy, Ramesh Karri, Farshad Khorrami

arXiv: 2508.20051 · 2025-08-28

## TL;DR

The paper introduces SCAMPER, a framework exploiting overprovisioned fields in synchrophasor communication for covert channels, enabling malicious communication and a defensive cryptographic integrity mechanism, validated through HIL testbeds.

## Contribution

It presents a novel covert channel framework in synchrophasor protocols and demonstrates its dual use for malicious attacks and defensive security measures.

## Key findings

- SCAMPER can embed covert messages without disrupting power system operations.
- The framework enables surreptitious device communication for malicious purposes.
- SCAMPER can be used as a cryptographic integrity check to detect false data injection.

## Abstract

We note that constituent fields (notably the fraction-of-seconds timestamp field) in the data payload structure of the synchrophasor communication protocol (IEEE C37.118 standard) are overprovisioned relative to real-world usage and needs, lending themselves to abuse for embedding of covert channels. We develop the SCAMPER (Synchrophasor Covert Channel for Malicious and Protective ERrands) framework to exploit these overprovisioned fields for covert communication and show that SCAMPER can be applied for both malicious (attack) and protective (defense) purposes. Through modifications of the timestamp field, we demonstrate that SCAMPER enables an attacker to accomplish surreptitious communications between devices in the power system to trigger a variety of malicious actions. These timestamp modifications can be performed without having any impact on the operation of the power system. However, having recognized the potential for this covert channel, we show that SCAMPER can instead be applied for defensive security purposes as an integrated cryptographic data integrity mechanism that can facilitate detection of false data injection (FDI) attacks. We perform experimental studies of the proposed methods on two Hardware-in-the-Loop (HIL) testbeds to demonstrate the effectiveness of the proposed SCAMPER framework for both malicious and protective purposes.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/2508.20051/full.md

## Figures

20 figures with captions in the complete paper: https://tomesphere.com/paper/2508.20051/full.md

## References

45 references — full list in the complete paper: https://tomesphere.com/paper/2508.20051/full.md

---
Source: https://tomesphere.com/paper/2508.20051