The datasets reflect on two main scenarios (S1-S2) related to SUC4 - corresponding to cyber attacks affecting the Coordinated Overcurrent Protection Scheme. The first scenario explores the response of the coordinated overcurrent protection when circuit breakers (CBs) are healthy, under normal operation, i.e., SUC4/S1(without attack), and the under a FDI cyberattack on IEC 61850 - GOOSE communication protocol, i.e., SUC4/S1(with FDI attack). Similarly, the second scenario investigates the response of the coordinated overcurrent protection when there a mechanical failure in the CB of the downstream feeder, under normal operation, i.e., SUC4/S2(without attack), and the under a message suppresion (MS) cyber-attack on GOOSE protocol, i.e., SUC4/S2(with MS attack). Details regarding the datasets captured during the execution of each scenario (with and without attacks), including electrical measurements and network traffic, are briefly rsummarized below, while the full details are provided in the supporting documents.

• SUC4/S1(without attack) datasets/Normal operation (without cyber-attack on GOOSE) when CBs are healthy : This dataset is related to the operation of the sandboxing use case SUC4 described in this document, which examines operation of the protection scheme in a substation using overcurrent protective relays (IEDs) in the sandboxing environment, that communicate with each other via IEC6180/GOOSE protocol. Specifically, this dataset corresponds to the first scenario (S1) of SUC4, without any attack. More details about the scenario related to this dataset can be found in Section 1.3.1 of the SUC4 supporting document. The dataset includes electrical measurements of the upstream and downstream feeders of the substation, the status (stNum) and sequence (sqNum) numbers, along with the binary values in “alldata” field of the GOOSE messages of IED1 and IED2, as well as the status of the CB1 and CB2. The dataset is provided in the form of time-series measurements available as MATLAB (.mat) and CSV (.csv) files. The measurements were recorded with a 0.5-millisecond time resolution by specific blocks in RT-Lab environment of the real time simulator. In addition, network traffic data as Packer CAPture files (.pcapng) are included in this database.
• SUC4/S1(with FDI attack) datasets/FDI cyber-attack on GOOSE signals when CBs are healthy:  This dataset corresponds to the first scenario (S1) of SUC4, where an FDI cyber-attack is conducted in the local network by an attacker model, in order to inject fake messages to deceive an IED to unnecessarily trip its CB during normal grid conditions (without a shortcircuit event) and cause a regional blackout. More details about the scenario related to this dataset can be found in Section 1.3.1 of the supporting document. The dataset includes electrical measurements of the upstream and downstream feeders of the substation, the status (stNum) and sequence (sqNum) numbers, along with the binary values in “alldata” field of the GOOSE messages of IED1 and IED2, as well as the status of the CB1 and CB2. The dataset is provided in the form of time-series measurements available as MATLAB (.mat) and CSV (.csv) files. The measurements were recorded with a 0.5-millisecond time resolution by specific blocks in RT-Lab environment of the real time simulator. In addition, network traffic data as Packer CAPture files (.pcapng) are included in this database.
  
• SUC4/S2(without attack) datasets/ Normal operation (without attack on GOOSE) when CB presents a failure: This dataset corresponds to the first scenario (S1) of SUC4, where an FDI cyber-attack is conducted in the local network by an attacker model, in order to inject fake messages to deceive an IED to unnecessarily trip its CB during normal grid conditions (without a shortcircuit event) and cause a regional blackout. More details about the scenario related to this dataset can be found in Section 1.3.1 of the supporting document. The dataset includes electrical measurements of the upstream and downstream feeders of the substation, the status (stNum) and sequence (sqNum) numbers, along with the binary values in “alldata” field of the GOOSE messages of IED1 and IED2, as well as the status of
  the CB1 and CB2. The dataset is provided in the form of time-series measurements available as MATLAB (.mat) and CSV (.csv) files. The measurements were recorded with a 0.5-millisecond time resolution by specific blocks in RT-Lab environment of the real time simulator. In addition, network traffic data as Packer CAPture files (.pcapng) are included in this database.
  
• SUC4/S2(with MS attack) datasets/MS cyber-attack on GOOSE signals when CB presents a failure: This dataset corresponds to the second scenario (S2) of SUC4, where an MS cyber-attack is conducted in the local network in order prevent critical benign messages, such inter-trip messages requesting backup protection, to reach their destination (back-up IED) when a CB failure occurs during a short-circuit event. As a result, the duration of a short-circuit is prolonged or the protection scheme is not able to clear the short-circuit event, which can cause catastrophic failures to power system. More details about the scenario related to
  this dataset can be found in Section 1.3.2 of the support document. The dataset includes electrical measurements of the upstream and downstream feeders of
  the substation, the status (stNum) and sequence (sqNum) numbers, along with the binary values in “alldata” field of the GOOSE messages of IED1 and IED2, as well as the status of the CB1 and CB2. The dataset is provided in the form of time-series measurements available as MATLAB (.mat) and CSV (.csv) files. The measurements were recorded with a 0.5-millisecond time resolution by specific blocks in RT-Lab environment of the real time simulator. In addition, network traffic data as Packer CAPture files (.pcapng) are included in this database.