• Home

  • Documents

  • Security Challenges in Smart-Grid Metering and Control Systems _ TIM Review.pdf
7
Search Please Log in or Register HOME TOPICS UPCOMING THEMES ISSUE ARCHIVE CONTRIBUTE ABOUT CONTACT US In this issue Editorial: Cybersecurity (July 2013) Cybersecurity Futures: How Can We Regulate Emergent Risks? Securing Canada’s InformationTechnology Infrastructure: Context, Principles, and Focus Areas of Cybersecurity Research PeertoPeer Enclaves for Improving Network Defence Keystone Business Models for Network Security Processors Managing Cybersecurity Research and Experimental Development: The REVO Approach Security Challenges in SmartGrid Metering and Control Systems Q&A. Should Startups Care about Application Security? TIM Lecture Series – Green Business Models to Change the World: How Can Entrepreneurs Ride the Sustainability Wave? About this article Citation: Fan, X., & Gong, G. 2013. Security Challenges in Smart-Grid Metering and Control Systems. Technology Innovation Management Review, 3(7): 4249. http://timreview.ca/article/702 Cite this article: BibTex RTF Tagged MARC XML RIS Author information Xinxin Fan University of Waterloo Xinxin Fan is a Research Associate in the Department of Electrical and Computer Engineering at the University of Waterloo, Canada. He holds a PhD degree in Electrical and Computer Engineering from the University of Waterloo, as well as a BSc degree in Applied Mathematics and an MEng degree in Information Systems and Telecommunication Engineering from Xidian University, China. His research interests range from fast and secure software and hardware implementations of cryptographic algorithms to the design and the analysis of security protocols for wireless and wireline networks. More by this author Guang Gong University of Waterloo Guang Gong is a Professor in the Department of Electrical and Computer Engineering at the University of Waterloo, Canada, and she is the Managing Director of the Centre for Applied Cryptographic Research at University of Waterloo. She holds a BSc degree in Mathematics, an MSc degree in Applied Mathematics, and a PhD degree in Electrical Engineering from universities in China. Dr. Gong has also held a fellowship at the Fondazione Ugo Bordoni, in Rome, Italy, and was Associate Professor at the University of Electrical Science and Technology of China. Her research interests are in the areas of sequence design, cryptography, and communication security. More by this author Login Username * Password * Create new account July 2013 Security Challenges in SmartGrid Metering and Control Systems Xinxin Fan, Guang Gong Download this article as a PDF As we modernize the nation’s electric infrastructure to make it smarter, more efficient, and more capable, we need to make it more secure from end to end. Gary Locke U.S. Ambassador to China and Former Secretary of Commerce Abstract The smart grid is a nextgeneration power system that is increasingly attracting the attention of government, industry, and academia. It is an upgraded electricity network that depends on twoway digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems. Considering that energy utilities play an increasingly important role in our daily life, smartgrid technology introduces new security challenges that must be addressed. Deploying a smart grid without adequate security might result in serious consequences such as grid instability, utility fraud, and loss of user information and energyconsumption data. Due to the heterogeneous communication architecture of smart grids, it is quite a challenge to design sophisticated and robust security mechanisms that can be easily deployed to protect communications among different layers of the smart gridinfrastructure. In this article, we focus on the communicationsecurity aspect of a smartgrid metering and control system from the perspective of cryptographic techniques, and we discuss different mechanisms to enhance cybersecurity of the emerging smart grid. We aim to provide a comprehensive vulnerability analysis as well as novel insights on the cybersecurity of a smart grid. Introduction The term "smart grid" generally refers to a nextgeneration power grid in which the generation, transmission, distribution, and management of electricity are upgraded and automated by incorporating advanced computing and communication technologies for improving the efficiency, reliability, economics, and safety of the grid. Loosely speaking, a smart grid is composed of a power grid and a twoway communication network for information retrieval and management. When compared to legacy and closed powercontrol systems, the smart grid is envisioned to establish a scalable, pervasive, and interactive communication infrastructure with new energymanagement and demandresponse capabilities. During the past few years, smartgrid metering and control systems have been widely deployed throughout the world. According to a new Navigant Research report (2013), the global market potential for smartgrid equipment manufacturers and solution providers will nearly double by 2020, reaching $73 billion in annual revenue and $461 billion in cumulative profit. A smart grid brings great performance benefit to the power industry and enables end users to optimize their power consumption; however, the heavy dependence on communication networks has made smart grids vulnerable to a wide range of cyberspace threats. For example, it has been shown that security breaches in smart grids can result in a variety of serious consequences, from blackouts and physical damage of infrastructure to the leakage of customer information. Considering the vast scale and complex architecture of a smart grid, it is not difficult to understand that the vulnerabilities associated with the smartgrid communication system may also be enormous. Those security vulnerabilities need to be properly addressed to ensure that smart grids are not only secure and function correctly, but that they also maximize their adoption and successfully fulfill the promise of smartgrid investment. Although most of the architectures, frameworks, and roadmaps for smart grids have already been defined by the governments, industry, and academia, there are still many important security and privacy issues in smartgrid communications. These issues are now considered by governments and industry to be one of the highest priorities for smartgrid design, and they must be resolved before smart grids can be operationally ready for the market. In this article, we will present the highlevel architecture of a smartgrid metering and control system, and we will describe typical cyberspace attacks on smartgrid communications. We also will summarize the security requirements, review some existing solutions, and highlight several important directions along this emerging research line.

Security Challenges in Smart-Grid Metering and Control Systems _ TIM Review.pdf

Embed Size (px)

Citation preview

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 1/7

    Search

    PleaseLoginorRegister

    HOME TOPICS UPCOMINGTHEMES ISSUEARCHIVE CONTRIBUTE ABOUT CONTACTUS

    InthisissueEditorial:Cybersecurity(July2013)CybersecurityFutures:HowCanWeRegulateEmergentRisks?SecuringCanadasInformationTechnologyInfrastructure:Context,Principles,andFocusAreasofCybersecurityResearchPeertoPeerEnclavesforImprovingNetworkDefenceKeystoneBusinessModelsforNetworkSecurityProcessorsManagingCybersecurityResearchandExperimentalDevelopment:TheREVOApproachSecurityChallengesinSmartGridMeteringandControlSystemsQ&A.ShouldStartupsCareaboutApplicationSecurity?TIMLectureSeriesGreenBusinessModelstoChangetheWorld:HowCanEntrepreneursRidetheSustainabilityWave?

    AboutthisarticleCitation:Fan,X.,&Gong,G.2013.Security Challenges in

    Smart-Grid Metering and Control Systems.TechnologyInnovationManagementReview,3(7):4249.http://timreview.ca/article/702

    Citethisarticle:BibTex RTF Tagged MARC XML RIS

    Authorinformation

    XinxinFanUniversityofWaterlooXinxinFanisaResearchAssociateintheDepartmentofElectricalandComputerEngineeringattheUniversityofWaterloo,Canada.HeholdsaPhDdegreeinElectricalandComputerEngineeringfromtheUniversityofWaterloo,aswellasaBScdegreeinAppliedMathematicsandanMEngdegreeinInformationSystemsandTelecommunicationEngineeringfromXidianUniversity,China.Hisresearchinterestsrangefromfastandsecuresoftwareandhardwareimplementationsofcryptographicalgorithmstothedesignandtheanalysisofsecurityprotocolsforwirelessandwirelinenetworks.

    Morebythisauthor

    GuangGongUniversityofWaterlooGuangGongisaProfessorintheDepartmentofElectricalandComputerEngineeringattheUniversityofWaterloo,Canada,andsheistheManagingDirectoroftheCentreforAppliedCryptographicResearchatUniversityofWaterloo.SheholdsaBScdegreeinMathematics,anMScdegreeinAppliedMathematics,andaPhDdegreeinElectricalEngineeringfromuniversitiesinChina.Dr.GonghasalsoheldafellowshipattheFondazioneUgoBordoni,inRome,Italy,andwasAssociateProfessorattheUniversityofElectricalScienceandTechnologyofChina.Herresearchinterestsareintheareasofsequencedesign,cryptography,andcommunicationsecurity.

    Morebythisauthor

    Login

    Username*

    Password*

    Createnewaccount

    July2013

    SecurityChallengesinSmartGridMeteringandControlSystemsXinxinFan,GuangGong

    DownloadthisarticleasaPDF

    Aswemodernizethenationselectricinfrastructuretomakeitsmarter,moreefficient,andmorecapable,weneedtomakeitmoresecurefromendtoend.

    GaryLockeU.S.AmbassadortoChinaandFormerSecretaryofCommerce

    Abstract

    Thesmartgridisanextgenerationpowersystemthatisincreasinglyattractingtheattentionofgovernment,industry,andacademia.Itisanupgradedelectricitynetworkthatdependsontwowaydigitalcommunicationsbetweensupplierandconsumerthatinturngivesupporttointelligentmeteringandmonitoringsystems.Consideringthatenergyutilitiesplayanincreasinglyimportantroleinourdailylife,smartgridtechnologyintroducesnewsecuritychallengesthatmustbeaddressed.Deployingasmartgridwithoutadequatesecuritymightresultinseriousconsequencessuchasgridinstability,utilityfraud,andlossofuserinformationandenergyconsumptiondata.Duetotheheterogeneouscommunicationarchitectureofsmartgrids,itisquiteachallengetodesignsophisticatedandrobustsecuritymechanismsthatcanbeeasilydeployedtoprotectcommunicationsamongdifferentlayersofthesmartgridinfrastructure.Inthisarticle,wefocusonthecommunicationsecurityaspectofasmartgridmeteringandcontrolsystemfromtheperspectiveofcryptographictechniques,andwediscussdifferentmechanismstoenhancecybersecurityoftheemergingsmartgrid.Weaimtoprovideacomprehensivevulnerabilityanalysisaswellasnovelinsightsonthecybersecurityofasmartgrid.

    Introduction

    Theterm"smartgrid"generallyreferstoanextgenerationpowergridinwhichthegeneration,transmission,distribution,andmanagementofelectricityareupgradedandautomatedbyincorporatingadvancedcomputingandcommunicationtechnologiesforimprovingtheefficiency,reliability,economics,andsafetyofthegrid.Looselyspeaking,asmartgridiscomposedofapowergridandatwowaycommunicationnetworkforinformationretrievalandmanagement.Whencomparedtolegacyandclosedpowercontrolsystems,thesmartgridisenvisionedtoestablishascalable,pervasive,andinteractivecommunicationinfrastructurewithnewenergymanagementanddemandresponsecapabilities.Duringthepastfewyears,smartgridmeteringandcontrolsystemshavebeenwidelydeployedthroughouttheworld.AccordingtoanewNavigantResearchreport(2013),theglobalmarketpotentialforsmartgridequipmentmanufacturersandsolutionproviderswillnearlydoubleby2020,reaching$73billioninannualrevenueand$461billionincumulativeprofit.

    Asmartgridbringsgreatperformancebenefittothepowerindustryandenablesenduserstooptimizetheirpowerconsumptionhowever,theheavydependenceoncommunicationnetworkshasmadesmartgridsvulnerabletoawiderangeofcyberspacethreats.Forexample,ithasbeenshownthatsecuritybreachesinsmartgridscanresultinavarietyofseriousconsequences,fromblackoutsandphysicaldamageofinfrastructuretotheleakageofcustomerinformation.Consideringthevastscaleandcomplexarchitectureofasmartgrid,itisnotdifficulttounderstandthatthevulnerabilitiesassociatedwiththesmartgridcommunicationsystemmayalsobeenormous.Thosesecurityvulnerabilitiesneedtobeproperlyaddressedtoensurethatsmartgridsarenotonlysecureandfunctioncorrectly,butthattheyalsomaximizetheiradoptionandsuccessfullyfulfillthepromiseofsmartgridinvestment.

    Althoughmostofthearchitectures,frameworks,androadmapsforsmartgridshavealreadybeendefinedbythegovernments,industry,andacademia,therearestillmanyimportantsecurityandprivacyissuesinsmartgridcommunications.Theseissuesarenowconsideredbygovernmentsandindustrytobeoneofthehighestprioritiesforsmartgriddesign,andtheymustberesolvedbeforesmartgridscanbeoperationallyreadyforthemarket.Inthisarticle,wewillpresentthehighlevelarchitectureofasmartgridmeteringandcontrolsystem,andwewilldescribetypicalcyberspaceattacksonsmartgridcommunications.Wealsowillsummarizethesecurityrequirements,reviewsomeexistingsolutions,andhighlightseveralimportantdirectionsalongthisemergingresearchline.

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 2/7

    Requestnewpassword

    Login

    RelatedarticlesTIMLectureSeriesTheInternetofEverything:Fridgebots,SmartSneakers,andConnectedCarsJ.Greene

    RealTimeMobileCommunicationofPowerRequirementsforElectricVehiclesD.Smith

    Theperiodicpowerrequirementsofanelectricvehiclearedifficulttopredictbecausethevehicle'slocation,theamountofchargeremaininginitsbatteries,andthetimingofitsnextchargearenotknown.Forclustersofelectricvehicles,theproblemismagnified,andthereisariskthatthedemandwillstrainandoverloadapowerutilitysinfrastructure.Operationalmanagersare...

    TIMLectureSeriesEnergyEfficiencyandDataSecurityinModernDataCentresJ.Glowka

    TIMLectureSeries:PrivacyandSecurityinaConnectedWorldD.King

    OnMay7,2008,DouglasG.King,AssistantProfessorofSystemsandComputerEngineeringatCarletonUniversity,deliveredapresentationentitled"PrivacyandSecurityinaConnectedWorld".

    TheTIMLectureSeriesprovidesaforumtopromotethetransferofknowledgefromuniversityresearchtotechnologycompanyexecutivesandentrepreneursaswellasresearchand...

    Theremainderofthisarticleisorganizedasfollows.First,wepresentthefundamentalarchitectureandfunctionalitiesofasmartgridmeteringandcontrolsystem.Next,wefocusonthesecurityrequirementsforsmartgridcommunications,followedbyasurveyofcurrenteffortsmadebytheindustryandacademiatosecurethesmartgridnetworksanddevices.Finally,weproposeseveralresearchareasanddirectionsinsmartgridsecurityanddrawsomeconclusions.

    Architecture

    Atypicalsmartgridmeteringandcontrolsystem,asillustratedinFigure1,consistsofacollectionofmeters/sensorsandcontrollers/actuatorsthatcommunicatewithasubstation/dataconcentrator,aconsumerortechnician,andvariousthirdpartyentities.Thecommunicationamongdifferentnetworkentitiesisrealizedbyhighspeedwiredorwirelesslinksoracombinationthereof.Asmartgridmeteringandcontrolsystemhasalayerednetworkstructurethroughwhichitcollectsdataandcontrolsthedeliveryofelectricity.

    Figure1.ArchitectureofatypicalSmartgridmeteringandcontrolsystem

    Themainfunctionalitiesofeachcomponentinasmartgridmeteringandcontrolsystemareasfollows:

    1. Utilitycompany:connectstothesubstationnetworkthroughthewideareanetwork(WAN)interfaceandthecommunicationchannelmightbeWiFi,satellite,4GLTE,WiMax,etc.Theutilitycompanyisresponsibleforprocessingalarmsandalerts,managingthemeterdata,andgeneratingbills.Moreover,itmayalsoprovideawebportalthatallowscustomerstoviewtheirmonthlyenergyconsumptionandbills.

    2. Substation/dataconcentratornetwork:consistsofanumberofsmartmetersinacertainareaaswellasadatacollector.TheconnectionbetweensmartmetersandthedatacollectormightthroughWiFi,ZigBee,powerlinecarrier(PLC),etc.Typically,thesmartmetersformawirelessmeshnetworkandforwardthemeterreadingstothedatacollectorthroughmultihopcommunications.Thedatacollectorthentransmitstheaccumulateddatatotheutilitycompany.

    3. Homeareanetwork(HAN):providestheconsumeraccesspointstocontrolandmonitortherealtimepowerconsumption.TheHANcontainsahomegatewaythatreceivesthepowerconsumptiondatafromthesmartmeteranddisplaysitonhouseholder'sdevices(e.g.,laptop,tablet,smartphone).Furthermore,thehomegatewaymaysendthepowerconsumptiondatatoathirdpartyforothervalueaddedservices(e.g.,efficiencyadvice,supplierselection).TheHANalsoincludesacontrollerthatenableshouseholderstoremotelycontrolthestatusoftheirhomeappliances.

    4. Smartmeter:iscomposedofamicrocontroller,ametrologyboard,andacommunicationboard.Underthecontrolofthemicrocontroller,themetrologyboardmeasurestherealtimepowerconsumption,andthemeterdataistransmittedtoboththesubstationnetworkaswellasthehomeareanetworkthroughthecommunicationboard.TheconnectionbetweenthesmartmeterandhomeappliancesmaybethroughWiFi,ZigBee,Ethernet,HomePlug,WirelessMBus,etc.Thesmartmetermayalsocontainadisconnectionfunctionthat(ifenabled)allowsutilitycompaniesorcustomerstoremotelyconnectordisconnectthehomeappliancesandservices.

    5. Thirdparty:reliesonaccuratemeterreadingstoprovidevalueaddedservicesforhouseholders,includingpowerefficiencyadvice,supplierselection,etc.Thoseserviceswillhelphouseholderstomanagetheirpowerusageinacosteffectiveway.

    Requirements

    Theconventionalpowergridiscomposedofdedicatedpowerdevicesthatformclosednetworkswithreliableandpredicablecommunicationlinks.Incontrast,asmartgridmeteringandcontrolsystemreliesonadvancedwiredandwirelesscommunicationnetworks,therebyinheritingalloftheweaknessesandpotentialcyberspacevulnerabilitiesofgeneralcommunicationnetworks.Thesmartgridmeteringandcontrolsystemisbecominganincreasinglycommontargetforcyberspaceattacks,andstrongandrobustsecuritymechanismsareparamountforthepreventionoffinancialfraud,environmentalaccidents,andahostofotherpotentiallydisastrousincidents.Inthissection,we

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 3/7

    discussthemajorsecurityconcernsandrequirementsforsmartgridmeteringandcontrolsystems.

    Effortsfromstandardsbodiesandorganizations

    Anumberoforganizationshavebeenactivelyworkingonthedevelopmentofsmartgridsecurityrequirements,asillustratedinBox1.Amongexistingsmartgridstandardizationefforts,theNISTFrameworkandRoadmapforSmartGridInteroperabilityStandardsanditsInteragencyReport,GuidelinesforSmartGridCyberSecurity(NISTIR7628),representthemostcomprehensivecoverageofcyberspacesecurityrequirementsinthesmartgrid.

    Box1.Examplesoforganizationsworkingonsmartgridrequirements

    ElectricPowerResearchInstitute(EPRI)InternationalSocietyofAutomation(ISA)IEEE14022000InternationalElectrotechnicalCommission(IEC)NationalEnergyBoard(NEB,Canada)NorthAmericanElectricalReliabilityCorporationCriticalInfrastructureProtection(NERCCIP)NationalInstituteofStandardsandTechnology(NIST)

    Allstandardsbodiesconsistentlyspecifythreehighlevelsmartgridsecurityobjectives:availability,integrity,andconfidentiality.However,eventhoughthestandardsbodiesdefinethesecurityrequirementsbasedonafairlycomprehensivesetofusecasesinthepowerindustry,thereisstillaconsiderablegapbetweenunderstandingthesecurityrequirementsinthestandardsandapplyingthemtodesignasecuresmartgridmeteringandcontrolsystem.Itisextremelyimportantfordesignersandpractitionersofsmartgridstogaindeepunderstandingaboutawiderangeofmaliciousattackstothesmartgrid,asdetailedbelow.

    Availability

    Availabilityreferstoensuringtimelyandreliableaccesstoinformation,whichistheprimarysecuritygoalofasmartgridmeteringandcontrolsystem.Maliciousattackstargetingavailabilitycanbeconsideredasdenialofserviceattacks,whichintendtodelay,block,orevencorruptthecommunicationinthesystem.Inparticular,duetotheextensiveadoptionofwirelesscommunicationtechnologiesinthesmartgrid,ajammingattackthatfillsthewirelessmediumwithnoisesignalshasbecomethemosttypicalformofphysicallayerattack.Thejammingattackisabletodeferthetransmissionofmessagesandtodistortthetransmitteddatasignal.Asaresult,thelegitimatereceivercannotrecovermessagesoutofthedamageddatapackets.Jammingattacksaremorerelevantandseriousinthesmartgridthanotherthanothernetworkingsystems,becausethesmartgridinvolvesessentialresourcesforpeopleseverydaylives.Ontheotherhand,manymaninthemiddleattackscanbelaunchedonlywhenthefullorpartialcommunicationchannelscanbejammed.Examplesincludejammingtheninsertingfalselocationinformationandjammingthendelayingthetransmission.Becausethenetworktrafficinthesmartgridisgenerallytimecritical,itiscrucialtoevaluatetheimpactofdenialofserviceattacksandtodesignefficientandeffectivecountermeasurestosuchattacks.

    Integrity

    Integrityreferstopreventingordetectingthemodificationordestructionofinformationbyunauthorizedpersonsorsystems.Maliciousattackstargetingtheintegrityofasmartgridattempttostealthilymanipulatecriticaldatasuchasmeterreadings,billinginformation,orcontrolcommands.Recentresearch(Liuetal.,2011)hasdemonstratedthatanewclassofattacks,calledfalsedatainjectionattacks,arehighlyviableagainstthestateestimationinelectricalpowergrids.Basedontheassumptionthatanattackerhascompromisedoneorseveralsmartmetersandisabletoaccessthecurrentpowersystemconfigurationinformation,suchattackscansuccessfullyinjectarbitrarybogusdataintothemonitoringcentre,andatthesametime,passthedataintegritycheckingusedincurrentstateestimateprocesses.Integrityprotectioncanbeachievedbyauthentication,certification,andattestation.Morespecifically,thesmartdevicesandsubstationmustauthenticateeachothersidentitytothwartimpersonation.Datacertificationofamessagepreventsmodificationofdataduringtransmission.Dataauthenticationwithnonrepudiationgoesbeyondcertificationbypreventingthesenderfromclaimingthatitdidnotsendthedata.Substationsuseattestationtoconfirmthatthememorycontents(codeanddata)onasmartdevicehavenotbeenmodified.Thesecurityservicesrelatedtointegrityareusuallyimplementedusingpublickeycryptography,whichrequiresatrustedthirdpartythathostsakeymanagementservice.

    Confidentiality

    Confidentialityreferstoprotectingpersonalprivacyandproprietaryinformationfromunauthorizedaccess.Maliciousattackstargetingconfidentialityaimatobtainingdesirableinformation(e.g.,powerusage,customersaccountinformation)througheavesdroppingoncommunicationchannelsina

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 4/7

    smartgridmeteringandcontrolsystem.Althoughsuchattackshavenegligibleeffectsontheoperationofthesystem,thetransmissionoffinegrainedconsumptiondatabysmartmetershasraisedconcernsaboutprivacy.Research(Quinn,2009)hasshownthattheconsumptiondatacollectedbysmartmetersreflectstheuseofallelectricappliancesbyinhabitantsinahouseholdovertime,anditallowscriminalstomakeinferencesaboutthebehaviours,activities,orpreferencesofthoseinhabitants.Thoseprivacyissuesneedtobeaddressedappropriatelytoreducecustomersfearsaboutpotentialleakagesoftheirinformation.Somebestpracticesrelatingtoprivacyhavebeenproposedforthedesignofsmartgrids(Cavoukian,2010).Anemergingtrendisforthesmartmeterstoaggregateusagedataforbillingpurposesandsupportloadbalancingandothermonitoringfunctionsthroughpeertopeerprotocolsthatpreservetheconsumersprivacy.

    CurrentApproaches

    BasedonthesecurityguidelinesspecifiedbytheNISTandotherstandardsbodies,bothindustryandacademiahavemadeeffortstoaddressthechallengingsecurityissuesinsmartgridmeteringandcontrolsystemsbyemployingvariouscryptographictechniques.Here,wegiveanoverviewofseveralexistingcybersecuritysolutionsproposedbyindustryandacademiaforsmartgridcommunications.

    Cybersecuritysolutionsfromindustry

    In2007alargestakeholdercommunitywasassembledbytheZigBeeAlliancetoaddressthesecurityissuesinthesmartgridthiscommunitydevelopedwhatisknownastheZigBeeSmartEnergyProfile(SEP).TheZigBeeSEPhasbeenwidelyadoptedasthecommunicationinfrastructureinhomeareanetworks.Regardingtothesecurity,theZigBeeSEPspecifiesthateachsmartmetershouldbeequippedwithanEllipticCurveQuVanstone(ECQV)implicitcertificatebeforedeployment.TheECQVcertificateismuchsmallerthanatraditionalX.509certificate,anditbindsametersMACaddressandmanufactureidentifiertoanECCkeypair.AlthoughtheECQVcertificateissuancehasbeenaddressed(Certicom),thecertificaterenewalandrevocationprocessesarenotdefinedintheZigBeeSEP.

    Forsupervisorycontrolanddataacquisition(SCADA)systems,NIST(2010)suggestsAES,SHA1,andRSA,andIEC62351specifiesRSA1024.However,itisnowknownthatRSAisapoorchoiceforSCADAnetworksbecauseofthehighcomputationcostofRSAencryptionandthelimitedcomputingpowerofSCADAdevices.TheStandardsCouncilofCanadaandtheEuropeanUnionalsodefinecybersecurityrequirementsforsmartgrids,butdonotspecifyasuiteofcryptographicalgorithmstomeettherequirements,exceptthattheStandardsCouncilofCanadaspecifiesthatSHAbeusedasthesecurehashfunction.Itremainsanopenresearchproblemtofindasetofcryptographicalgorithmsthatprovidetherightcombinationofsecurityandimplementabilityforthesmartgridmeteringandcontrolsystem.

    Besidesindustryalliancesandstandardsbodies,thereareanumberofmanufacturersofsmartdevicesforSCADAnetworksandmetersforsmartgrids.Implementationdetailsforthesedevicesaregenerallyconsideredproprietaryinformation,butafewgeneralizationscanbemade.Thecryptographicalgorithmsareimplementedinsoftwareonalowpower16bitmicroprocessor.RSA1024orECC256/384isusedforpublickeyservices.SymmetrickeyservicesuseAES128orAES256.Somedevicesusespreadspectrummodulation.Mostsmartdevicemanufacturersimplementthesecurityservicesthemselves.Afewcompanieshaveahardwaresecuritymodule(HSM)orsimilarproductthatisindependentofaspecificsmartdevice.SafeNetsPKIHSMprovidespublickeycryptographywithRSA1024andECC256/384,andsymmetrickeycryptographywithAES256toperformattestation,keymanagement,encryption/decryption,andbilling.GEDigitalEnergymakesafamilyofwirelessrouterswithAES128designedtoconnecttosmartmetersandcontrollers.WithinCanada,TofinoSecuritysIndustrialSecuritySolutionisaserversidesoftwareprogramcombinedwithsecuritydevicesthatactaswiredaccesspointswithencryptionformetersandactuators.BentekSystemsSCADALinkSMX900isamodularwirelessremoteterminalunit/modemthatsupportsspreadspectrumcommunication,butdoesnotappeartohaveanyfacilitiesforencryption,authentication,etc.

    Cybersecuritysolutionsfromacademia

    Acriticalcomponentofsmartgridsecurityiskeymanagement,whichwillensuretheconfidentiality,authenticity,andintegrityofdevicesandcommunicationswithinthegrid.Mostpreviousresearchfocusedondesigningcryptographicprotocolstoprovidecertainsecurityfunctionalities.

    Efficientimplementationsofencryptionschemesareessentialforprovidingconfidentialityinasmartgrid.Anexperimentalstudyabouttheperformanceofasymmetrickeycipher(i.e.,DESCBC)andapublickeycipher(i.e.,RSA)onanintelligentelectronicdevice(IED)calledTS7250hasbeenconducted(WangandLu,2013),wheretheIEDisusedforsendingthetransformerstatusandreceivingcommandsfromthecontrolcentre.TheseexperimentalresultsshowthatthecomputationalabilityofanIEDbecomesabottleneckforthedelayperformancewhenperformingasymmetrickeycryptography.TheseauthorsalsosuggestedthatasymmetrickeyapproachismoresuitableforrealtimeIEDcommunicationsinpowerdistributionandtransmissionsystems.

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 5/7

    Authenticationiscrucialtoprotecttheintegrityofdataanddevicesinthesmartgrid.Duetothelimitedcomputationalcapabilitiesofdevices,stringenttimingrequirements,andhighdatasamplingratesinthesmartgrid,traditionalauthenticationschemesmightnotbeapplicable.Moreover,besidessupportingbasicdataanddeviceauthentication,multicastauthenticationisanotherdesirablefeatureduetothemulticastnatureofthesmartgridcommunication.Anumberofauthenticationschemeshavebeenproposedintheliteratureforsmartgrids.SzilagyiandKoopman(2009and2010)proposedflexibleandlowcostmulticastauthenticationschemesforembeddedcontrolsystems.Thebasicideaistoverifytruncatedmessageauthenticationcodes(MACs)acrossmultiplepackets,therebyachievingagoodtradeoffamongauthenticationcost,delayperformance,andtolerancetoattacks.Wangandcolleagues(2009)proposedafastmulticastauthenticationschemefortimecriticalmessagesinthesmartgrid.Theirschemeisbasedonanefficientvariantofaonetimesignature(OTS)scheme.Althoughtheproposedschemeisefficientintermsofcomputation,thepublickeysizeinanOTSbasedschemeisquitelarge(i.e.,ontheorderof10KB).Hence,bothcommunicationandstorageoverheadaresignificantinthiscase.Luandcolleagues(2012)conductedanempiricalstudyforafewdataoriginauthenticationschemesinsubstationautomationsystems(SAS).TheseauthorscomparedtheperformanceofRSA,MAC,andOTSonasmallscaleSASprototypeandconcludedthattheexistingauthenticationschemescannotbeapplieddirectlyintotheSASduetoinsufficientperformanceconsiderationsinresponsetoapplicationconstraints.

    Theheterogeneouscommunicationarchitectureofthesmartgridhasmadethekeymanagementparticularlychallenging,anditisnotpracticaltodesignauniversalkeymanagementschemefortheentiresmartgrid.Thesimplestwayistouseasinglekeysharedbyallthemetersinthesmartgrid.However,thissolutionwillcausethesinglepointoffailureduetothelackofatamperproofmoduleinsmartmeters.Beaverandcolleagues(2002)proposedanelementarykeyestablishmentschemecalledSKEforSCADAsystems.Whereasthemasterslavecommunicationsaresecuredbysymmetrickeyschemes,thepeertopeercommunicationsareprotectedbypublickeyschemes.However,theschemeproposedbytheseauthorsdoesnotsupportefficientmulticastandbroadcastauthenticationinthesmartgrid.Dawsonandcolleagues(2006)proposedSKMA,akeymanagementschemeforSCADAsystems.Theseauthorsintroducedakeydistributioncentre(KDC)andeachnodemaintainstwotypesoflongtermkeys:nodetoKDCandnodetonode.AsessionkeyinSKMAisgeneratedusingthenodetonodekey.Unfortunately,SKMAdoesnotconsiderissuesofmulticast,

    keyupdate,andrevocation.ChoiandcolleaguesdescribedASKMA(2009)andASKMA+(2010)forkeymanagementinSCADAsystems,respectively.Bothschemesaredesignedbasedontheusageofalogicalkeyhierarchy(LKH),whichisabletoachieveefficientkeymanagementamongallnodes.Inparticular,ASKMAsupportsbothmulticastandbroadcastauthenticationandtheperformancehas

    beenfurtherimprovedinASKMA+.

    Althoughmanyencryption,authentication,andkeymanagementschemeshavebeenproposed,theirperformancedoesnotseemtofulfillthestringenttimingrequirementsofthesmartgrid.Therefore,finegrainedandadvancedsecurityprotocolsstillneedtobedevelopedforprotectingdifferentcommunicationnetworksinsmartgrids.

    Inasmartgrid,theutilitycompanyneedstherealtimepowerconsumptiondataforplanningpurposesaswellasforprovidingaccurateandauthenticbilling.Fortheutilitycompany,thecorrectnessofthecalculatedbillsisthemostimportantissue.However,fromthecustomersperspective,privacyisthemainconcern.Researchershavedesignedprivacypreservingbillingprotocolsusingadvancedcryptographictechniquessuchaszeroknowledgeproofandhomomorphicencryption.Bohilandcolleagues(2010)proposedaprivacymodelforsmartmetering,inwhichatrustedthirdpartyproxyisintroducedtocollectmeterreadingsfromindividualcustomersandaggregatedatabeforeforwardingittotheutilitycompany.Lateron,GarciaandJacobs(2012)proposedtheuseofhomomorphicencryptiontopreventtheutilitycompanyfromaccessingthepowerconsumptiondataofindividualhouseholds.Usingthoseadvancedcryptographictechniques,utilitycompaniesonlyreceivethecommitmentsoftherealtimepowerconsumptioninsteadoftherawdatafromsmartmeters,andcustomerscanprovetotheutilitycompanythatautilitybillhasbeencorrectlygenerated.

    Besidesresearchintoaddressinggeneralprivacyconcernsforthesmartgrid,anumberofresearchershavebeenfocusingondesigningandimplementingprivacypreservingbillingprotocols.Rialandcolleagues(2011)proposedaprivacypreservingbillingprotocolinwhichthepowerconsumptiondataissenttotheuseralongwithotherinformationfromthesmartmeter,andtheusercomputesthebillbasedonthepricingpolicyduringeachbillingperiod.Afterthat,theusersendstheproofofcorrectcomputationtotheutilitycompany,whereahomomorphiccommitmentschemehasbeenusedtoconstructtheproof.Kursaweandcolleagues(2011)presentedasetofprotocolsthatcanbeusedtoprivatelycomputeaggregatemetermeasurementsoverdefinedsetsofmeterswithoutrevealinganyadditionalinformationabouttheindividualmeterreadings.Moreover,theirprotocolsalsoallowfordetectionoffraudandleakageaswellasnetworkmanagementandstatisticalprocessingofmetermeasurements.MolinaMarkhamandcolleagues(2012)implementedtheprivacypreservingbillingprotocolproposedbyRialonaMSP430basedmicrocontrollerandverifiedthefeasibilityofdesigningprivacypreservingsmartmetersusinglowcostmicrocontrollers.

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 6/7

    FutureOutlook

    Thesmartgridmeteringandcontrolsystemconsistsofheterogeneouswiredandwirelessnetworksanddevicesfromvariousdomains.Eachsubsysteminthesmartgridcurrentlyfollowsthedifferentstandardsandregulationsandhasdistinctsecurityrequirements.Inparticular,thesmartgridfacesuniquechallengesstemmingfromthecombinationofstringentsecurityrequirements,limitedcomputationalresources,timecriticalmessagedeliveryandresponses,andtheuseofheterogeneousnetworkswithmultipleauthenticationandprotectionmechanisms.Althoughalotofeffortshavebeenmadebyindustryandacademiatoaddressawiderangeofsecurityissuesinthesmartgrid,therearestillmanychallengesthatneedtobetackledbeforesmartgridscanbewidelydeployed.Fromtheviewpointofcryptographictechnique,wehighlightseveralresearchareasanddirectionsthatneedtobefurtherinvestigated.

    Alightweightciphersuiteforsmartgriddevices

    Thetightcostandresourceconstraintsinherentinmassdeploymentsofsmartgriddevicesbringforwardimpendingrequirementsforimplementingalightweightciphersuitethatcanperformstrongauthenticationandencryption,andprovideothersecurityfunctionalities.Previousresearchhasshownthatusingclassicalcryptographicalgorithmsthataredesignedforfullfledgedcomputershasbecomethebottleneckinmanysmartgridapplications.Inordertomeetthestringenttimerequirementsinasmartgrid,itishighlydesirabletostandardizeasetoflightweightsymmetrickeyandasymmetrickeyciphersforsecuringsmartgridapplications.

    Advancedkeymanagementforsmartgridnetworks

    Encryptionandauthenticationarecrucialcryptographicprocessesinasmartgrid,becausetheyprotectdataintegrityandconfidentiality,andanefficientkeymanagementschemeisthefoundationthatensuresthesecureoperationofasmartgrid.Becauseasmartgridiscomposedofheterogeneouscommunicationnetworksandinvolvessymmetrickeyandasymmetrickeycryptosystems,alargesetofcryptographickeysneedtobemanagedinanefficientmanner.Asophisticatedkeymanagementframeworkneedstobedesignedtodealwithsecurityservicesaswellastheseamlesshandoverofthoseservicesacrossdifferentsubsystemsinthesmartgrid.

    Privacypreservingoperationsinsmartgridnetworks

    Smartgridcommunicationshaveraisedseriousconcernsaboutuserprivacyduetothepossibilityofinferringcustomersbehaviourandhabitsfromthedetailedenergyusageinformation,whichcanleadtopotentialrisksthatconsumerswouldbevulnerabletocriminalactivitiesandpersonalinformationleakage.Advancedprivacypreservingsecurityschemesneedtobedevelopedandintegratedintosmartgridnetworkstoenableutilitycompaniestoperformtheregularbusinessoperationssuchascustomerbillingonlyusingaggregatedpowerconsumptioninformation.Therealtimepowerconsumptiondatashouldonlybeaccessiblebyindividualcustomers.

    Conclusion

    Smartgridmeteringandcontrolsystemsholdenormouspromiseforimprovingefficiency,convenience,andsustainability.However,thecomplicatedandheterogeneoussystemarchitecturehasmadesecuringthesmartgridparticularlychallenging.Cybersecurityinthesmartgridmeteringandcontrolsystemisanimportantandrapidlyevolvingareathathasattractedattentionfromgovernment,industry,andacademia.Inthisarticle,weintroducedthehighlevelarchitectureofasmartgridmeteringandcontrolsystem,detailedthesystem'ssecurityrequirements,summarizedtherecenteffortsfromindustryandacademia,andhighlightedseveralareasanddirectionsforfurtherresearch.Ourobjectiveistoshedsomelightoncybersecurityinthesmartgridandtotriggertheclosecollaborationsamonggovernment,industry,andacademia.

    Basedonourdiscussioninthisarticle,itisclearthatimplementinganintegratedandfinegrainedsecuritysolutionthatisabletoaddresspotentialsecurityandprivacyissuesineachsubsystemofasmartgridiscriticaltoguaranteeitssuccessfuldeployment.Moreover,thedesignofsecuritysolutionsshouldtakeintoaccountthesalientfeaturesofthesmartgridaswellastheunderlyingpowersystem.Lookingtothefuture,thejointeffortsfromindustryandacademiawillmaketheeraofsmartenergybecomerealityatastaggeringspeed.

    Sharethisarticle:

    Citethisarticle:BibTex RTF Tagged MARC XML RIS

    RateThisContent:

    Novoteshavebeencastyet.Haveyoursay!

    0 1 0googleplus 3 1

  • 6/22/2015 SecurityChallengesinSmartGridMeteringandControlSystems|TIMReview

    http://timreview.ca/article/702 7/7

    CopyrightTalentFirstNetwork20072015ISSN:19270321FormerlytheOpenSourceBusinessResourceTheTechnologyInnovationManagementReviewispublishedunderaCreativeCommonsAttribution3.0UnportedLicense.Authorsretainfullcopyrighttotheirindividualworks.

    Topic:ManagingInnovation TechnologyEntrepreneurship

    Moreinformationabouttextformats

    Keywords:authentication,cybersecurity,encryption,privacy,smartgrid

    AddnewcommentYourname

    Subject

    Comment*

    NoHTMLtagsallowed.Webpageaddressesandemailaddressesturnintolinksautomatically.Linesandparagraphsbreakautomatically.

    Save Preview


Probability Review.pdf

Probability Review.pdf

Documents
slb review.pdf

slb review.pdf

Documents
H3550_files/Emotions Review.pdf

H3550_files/Emotions Review.pdf

Documents
Prepayment Metering in Bangladesh - Global … · 2016-10-05 · Prepayment Metering in Bangladesh How to Improve Electricity ... CONTACTS CASE AUTHOR: Tim-Patrick Meyer ... considerably

Prepayment Metering in Bangladesh - Global … · 2016-10-05 · Prepayment Metering in Bangladesh How to Improve Electricity ... CONTACTS CASE AUTHOR: Tim-Patrick Meyer ... considerably

Documents
LDL Annual Review.pdf

LDL Annual Review.pdf

Documents
11_literature review.pdf

11_literature review.pdf

Documents
Intel I5_760 review.pdf

Intel I5_760 review.pdf

Documents
Book Review.pdf

Book Review.pdf

Documents
Exam 2 Review.pdf

Exam 2 Review.pdf

Documents
CICLI INVERSI REVIEW.pdf

CICLI INVERSI REVIEW.pdf

Documents
Atlas Review.pdf

Atlas Review.pdf

Documents
Advance Algebra Review.pdf

Advance Algebra Review.pdf

Documents
Virtual Flow Metering principle Metering Maintenance and ...€¦ · 2 Virtual flow metering vs «physical metering» Single phase flow metering Multiphase flow metering DP 0.4 m

Virtual Flow Metering principle Metering Maintenance and ...€¦ · 2 Virtual flow metering vs «physical metering» Single phase flow metering Multiphase flow metering DP 0.4 m

Documents
Unit 0 Review.pdf

Unit 0 Review.pdf

Documents
2015bec review.pdf

2015bec review.pdf

Documents
pigmented lesions review.pdf

pigmented lesions review.pdf

Documents
Litreture Review.pdf

Litreture Review.pdf

Documents
Physics GRE review.pdf

Physics GRE review.pdf

Documents
nbde pathology review.pdf

nbde pathology review.pdf

Documents
Karamoja A literature review.pdf

Karamoja A literature review.pdf

Documents
Interconnection of Distributed Generation and Net-Metering in MA Tim Roughan National Grid

Interconnection of Distributed Generation and Net-Metering in MA Tim Roughan National Grid

Documents
Nanoparticles Review.pdf

Nanoparticles Review.pdf

Documents
Series 56 Review.pdf

Series 56 Review.pdf

Documents
Abhimanyu Full Paper review.pdf

Abhimanyu Full Paper review.pdf

Documents
temporal bone fracture review.pdf

temporal bone fracture review.pdf

Documents
Gemini review.pdf

Gemini review.pdf

Documents
Constitutional Law Review.pdf

Constitutional Law Review.pdf

Documents
mpds review.pdf

mpds review.pdf

Documents
CICLESONIDE REVIEW.pdf

CICLESONIDE REVIEW.pdf

Documents
Metering pumps, components and metering systems 2016share.prominent.com/Product-Catalogues/Product-Catalogues/Metering... · Metering Pumps, Components and Metering Systems ... Suction

Metering pumps, components and metering systems 2016share.prominent.com/Product-Catalogues/Product-Catalogues/Metering... · Metering Pumps, Components and Metering Systems ... Suction

Documents