Security Challenges in Smart-Grid Metering and Control Systems _ TIM Review.pdf

Embed Size (px)

Text of Security Challenges in Smart-Grid Metering and Control Systems _ TIM Review.pdf

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 1/7

    Search

    PleaseLoginorRegister

    HOME TOPICS UPCOMINGTHEMES ISSUEARCHIVE CONTRIBUTE ABOUT CONTACTUS

    InthisissueEditorial:Cybersecurity(July2013)CybersecurityFutures:HowCanWeRegulateEmergentRisks?SecuringCanadasInformationTechnologyInfrastructure:Context,Principles,andFocusAreasofCybersecurityResearchPeertoPeerEnclavesforImprovingNetworkDefenceKeystoneBusinessModelsforNetworkSecurityProcessorsManagingCybersecurityResearchandExperimentalDevelopment:TheREVOApproachSecurityChallengesinSmartGridMeteringandControlSystemsQ&A.ShouldStartupsCareaboutApplicationSecurity?TIMLectureSeriesGreenBusinessModelstoChangetheWorld:HowCanEntrepreneursRidetheSustainabilityWave?

    AboutthisarticleCitation:Fan,X.,&Gong,G.2013.Security Challenges in

    Smart-Grid Metering and Control Systems.TechnologyInnovationManagementReview,3(7):4249.http://timreview.ca/article/702

    Citethisarticle:BibTex RTF Tagged MARC XML RIS

    Authorinformation

    XinxinFanUniversityofWaterlooXinxinFanisaResearchAssociateintheDepartmentofElectricalandComputerEngineeringattheUniversityofWaterloo,Canada.HeholdsaPhDdegreeinElectricalandComputerEngineeringfromtheUniversityofWaterloo,aswellasaBScdegreeinAppliedMathematicsandanMEngdegreeinInformationSystemsandTelecommunicationEngineeringfromXidianUniversity,China.Hisresearchinterestsrangefromfastandsecuresoftwareandhardwareimplementationsofcryptographicalgorithmstothedesignandtheanalysisofsecurityprotocolsforwirelessandwirelinenetworks.

    Morebythisauthor

    GuangGongUniversityofWaterlooGuangGongisaProfessorintheDepartmentofElectricalandComputerEngineeringattheUniversityofWaterloo,Canada,andsheistheManagingDirectoroftheCentreforAppliedCryptographicResearchatUniversityofWaterloo.SheholdsaBScdegreeinMathematics,anMScdegreeinAppliedMathematics,andaPhDdegreeinElectricalEngineeringfromuniversitiesinChina.Dr.GonghasalsoheldafellowshipattheFondazioneUgoBordoni,inRome,Italy,andwasAssociateProfessorattheUniversityofElectricalScienceandTechnologyofChina.Herresearchinterestsareintheareasofsequencedesign,cryptography,andcommunicationsecurity.

    Morebythisauthor

    Login

    Username*

    Password*

    Createnewaccount

    July2013

    SecurityChallengesinSmartGridMeteringandControlSystemsXinxinFan,GuangGong

    DownloadthisarticleasaPDF

    Aswemodernizethenationselectricinfrastructuretomakeitsmarter,moreefficient,andmorecapable,weneedtomakeitmoresecurefromendtoend.

    GaryLockeU.S.AmbassadortoChinaandFormerSecretaryofCommerce

    Abstract

    Thesmartgridisanextgenerationpowersystemthatisincreasinglyattractingtheattentionofgovernment,industry,andacademia.Itisanupgradedelectricitynetworkthatdependsontwowaydigitalcommunicationsbetweensupplierandconsumerthatinturngivesupporttointelligentmeteringandmonitoringsystems.Consideringthatenergyutilitiesplayanincreasinglyimportantroleinourdailylife,smartgridtechnologyintroducesnewsecuritychallengesthatmustbeaddressed.Deployingasmartgridwithoutadequatesecuritymightresultinseriousconsequencessuchasgridinstability,utilityfraud,andlossofuserinformationandenergyconsumptiondata.Duetotheheterogeneouscommunicationarchitectureofsmartgrids,itisquiteachallengetodesignsophisticatedandrobustsecuritymechanismsthatcanbeeasilydeployedtoprotectcommunicationsamongdifferentlayersofthesmartgridinfrastructure.Inthisarticle,wefocusonthecommunicationsecurityaspectofasmartgridmeteringandcontrolsystemfromtheperspectiveofcryptographictechniques,andwediscussdifferentmechanismstoenhancecybersecurityoftheemergingsmartgrid.Weaimtoprovideacomprehensivevulnerabilityanalysisaswellasnovelinsightsonthecybersecurityofasmartgrid.

    Introduction

    Theterm"smartgrid"generallyreferstoanextgenerationpowergridinwhichthegeneration,transmission,distribution,andmanagementofelectricityareupgradedandautomatedbyincorporatingadvancedcomputingandcommunicationtechnologiesforimprovingtheefficiency,reliability,economics,andsafetyofthegrid.Looselyspeaking,asmartgridiscomposedofapowergridandatwowaycommunicationnetworkforinformationretrievalandmanagement.Whencomparedtolegacyandclosedpowercontrolsystems,thesmartgridisenvisionedtoestablishascalable,pervasive,andinteractivecommunicationinfrastructurewithnewenergymanagementanddemandresponsecapabilities.Duringthepastfewyears,smartgridmeteringandcontrolsystemshavebeenwidelydeployedthroughouttheworld.AccordingtoanewNavigantResearchreport(2013),theglobalmarketpotentialforsmartgridequipmentmanufacturersandsolutionproviderswillnearlydoubleby2020,reaching$73billioninannualrevenueand$461billionincumulativeprofit.

    Asmartgridbringsgreatperformancebenefittothepowerindustryandenablesenduserstooptimizetheirpowerconsumptionhowever,theheavydependenceoncommunicationnetworkshasmadesmartgridsvulnerabletoawiderangeofcyberspacethreats.Forexample,ithasbeenshownthatsecuritybreachesinsmartgridscanresultinavarietyofseriousconsequences,fromblackoutsandphysicaldamageofinfrastructuretotheleakageofcustomerinformation.Consideringthevastscaleandcomplexarchitectureofasmartgrid,itisnotdifficulttounderstandthatthevulnerabilitiesassociatedwiththesmartgridcommunicationsystemmayalsobeenormous.Thosesecurityvulnerabilitiesneedtobeproperlyaddressedtoensurethatsmartgridsarenotonlysecureandfunctioncorrectly,butthattheyalsomaximizetheiradoptionandsuccessfullyfulfillthepromiseofsmartgridinvestment.

    Althoughmostofthearchitectures,frameworks,androadmapsforsmartgridshavealreadybeendefinedbythegovernments,industry,andacademia,therearestillmanyimportantsecurityandprivacyissuesinsmartgridcommunications.Theseissuesarenowconsideredbygovernmentsandindustrytobeoneofthehighestprioritiesforsmartgriddesign,andtheymustberesolvedbeforesmartgridscanbeoperationallyreadyforthemarket.Inthisarticle,wewillpresentthehighlevelarchitectureofasmartgridmeteringandcontrolsystem,andwewilldescribetypicalcyberspaceattacksonsmartgridcommunications.Wealsowillsummarizethesecurityrequirements,reviewsomeexistingsolutions,andhighlightseveralimportantdirectionsalongthisemergingresearchline.

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 2/7

    Requestnewpassword

    Login

    RelatedarticlesTIMLectureSeriesTheInternetofEverything:Fridgebots,SmartSneakers,andConnectedCarsJ.Greene

    RealTimeMobileCommunicationofPowerRequirementsforElectricVehiclesD.Smith

    Theperiodicpowerrequirementsofanelectricvehiclearedifficulttopredictbecausethevehicle'slocation,theamountofchargeremaininginitsbatteries,andthetimingofitsnextchargearenotknown.Forclustersofelectricvehicles,theproblemismagnified,andthereisariskthatthedemandwillstrainandoverloadapowerutilitysinfrastructure.Operationalmanagersare...

    TIMLectureSeriesEnergyEfficiencyandDataSecurityinModernDataCentresJ.Glowka

    TIMLectureSeries:PrivacyandSecurityinaConnectedWorldD.King

    OnMay7,2008,DouglasG.King,AssistantProfessorofSystemsandComputerEngineeringatCarletonUniversity,deliveredapresentationentitled"PrivacyandSecurityinaConnectedWorld".

    TheTIMLectureSeriesprovidesaforumtopromotethetransferofknowledgefromuniversityresearchtotechnologycompanyexecutivesandentrepreneursaswellasresearchand...

    Theremainderofthisarticleisorganizedasfollows.First,wepresentthefundamentalarchitectureandfunctionalitiesofasmartgridmeteringandcontrolsystem.Next,wefocusonthesecurityrequirementsforsmartgridcommunications,followedbyasurveyofcurrenteffortsmadebytheindustryandacademiatosecurethesmartgridnetworksanddevices.Finally,weproposeseveralresearchareasanddirectionsinsmartgridsecurityanddrawsomeconclusions.

    Architecture

    Atypicalsmartgridmeteringandcontrolsystem,asillustratedinFigure1,consistsofacollectionofmeters/sensorsandcontrollers/actuatorsthatcommunicatewithasubstation/dataconcentrator,aconsumerortechnician,andvariousthirdpartyentities.Thecommunicationamongdifferentnetworkentitiesisrealizedbyhighspeedwiredorwirelesslinksoracombinationthereof.Asmartgridmeteringandcontrolsystemhasalayerednetworkstructurethroughwhichitcollectsdataandcontrolsthedeliveryofelectricity.

    Figure1.ArchitectureofatypicalSmartgridmeteringandcontrolsystem

    Themainfunctionalitiesofeachcomponentinasmartgridmeteringandcontrolsystemareasfollows:

    1. Utilitycompany:connectstothesubstationnetworkthroughthewideareanetwork(WAN)interfaceandthecommunicationchannelmightbeWiFi,satellite,4GLTE,WiMax,etc.Theutilitycompanyisresponsibleforprocessingalarmsandalerts,managingthemeterdata,andgeneratingbills.Moreover,itmayalsoprovideawebportalthatallowscustomerstoviewtheirmonthlyenergyconsumptionandbills.

    2. Substation/dataconcentratornetwork:consistsofanumberofsmartmetersinacertainareaaswellasadatacollector.TheconnectionbetweensmartmetersandthedatacollectormightthroughWiFi,ZigBee,powerlinecarrier(PLC),etc.Typically,thesmartmetersformawirelessmeshnetworkandforwardthemeterreadingstothedatacollectorthroughmultihopcommunications.Thedatacollectorthentransmitstheaccumulateddatatotheutilitycompany.

    3. Homeareanetwork(HAN):providestheconsumeraccesspointstocontrolandmonitortherealtimepowerconsumption.TheHANcontainsahomegatewaythatreceivesthepowerconsumptiondatafromthesmartmeteranddisplaysitonhouseholder'sdevices(e.g.,laptop,tablet,smartphone).Furthermore,thehomegatewaymaysendthepowerconsumptiondatatoathirdpartyforothervalueaddedservices(e.g.,efficiencyadvice,supplierselection).TheHANalsoincludesacontrollerthatenableshouseholderstoremotelycontrolthestatusoftheirhomeappliances.

    4. Smartmeter:iscomposedofamicrocontroller,ametrologyboard,andacommunicationboard.Underthecontrolofthemicrocontroller,themetrologyboardmeasurestherealtimepowerconsumption,andthemeterdataistransmittedtoboththesubstationnetworkaswellasthehomeareanetworkthroughthecommunicationboard.TheconnectionbetweenthesmartmeterandhomeappliancesmaybethroughWiFi,ZigBee,Et