Key Distribution Center

Empowering the Secure Digital Grid

GARIBALDI

Garibaldi is a standards-based Key Distribution and Management Center (KDC) that secures real-time communication in digital substations and critical infrastructure networks. Built on IEC 61850 and IEC 62351, it delivers automated cryptographic key management, strong authentication, and encryption for GOOSE, R-GOOSE, and Sampled Values.

Designed for scalability and resiliency, Garibaldi protects mission-critical multicast traffic across substations, control centers, and field devices—enabling secure, interoperable grid operations from single substations to nationwide deployments.

APPLICATIONS

  • Secure R-GOOSE Messaging: Authenticated, encrypted multicast for protection and control applications
  • Remedial Action Schemes (RAS): Fast, secure coordination to prevent cascading outages
  • Inverter-Based Resource (IBR) Security: Scalable key management for distributed renewable assets
  • Demand-Side Management: Secure, low-latency communications supporting large-scale demand response

As power systems evolve toward distributed, data-driven operations, protecting real-time control traffic is essential. Garibaldi integrates directly with IEC 61850 systems to secure communications for protection, control, and monitoring across substations, control centers, and field devices.

WHY GARIBALDI?

  • Proven GDOI-based multicast security
  • Scales to thousands of substations
  • Enables multi-vendor interoperability
  • Rapid deployment—IEC 61850 security configured in minutes
  • Strengthens compliance with IEC and NERC-CIP frameworks

Garibaldi provides a secure foundation for the digital substation—ensuring that every control signal, measurement, and status update is protected by design.

Image

Features

  • Standards-based security: Compliant with IEC 61850-8-1, IEC 61850-9-2, IEC 62351-6, and IEC 62351-9
  • Automated key lifecycle management: Policy-based key distribution and rotation using GDOI
  • High availability design: Built-in redundancy and failover support
  • Role-Based Access Control (RBAC): RADIUS and certificate-based authentication
  • Web-based management: HTML5 interface with HTTPS support
  • Flexible database options: Supports SQL Server and SQLite
  • Security monitoring and auditing: OCSP, Syslog integration, and audit-ready logging
  • Multi-vendor interoperability: Compatible with leading vendors including GE, Siemens, Schneider, Toshiba, and others

Resources

KDC - Brochure

Contact us for more info