Cryptographic key management for Smart Power Grids - Embedded.com

Cryptographic key management for Smart Power Grids

The smart power grid promises to improve efficiency and reliability of power delivery. This report introduces the logical components, associated technologies, security protocols, and network designs that make up a typical smart grid system.

The descriptions of current key management techniques are delineated, highlighting their weaknesses. Finally some initial research directions are outlined.

Undermining the potential benefits are security threats, and those threats related to cyber security are described in this report. Concentrating on the design of the smart meter and its communication links, this report describes the ZigBee technology and implementation, and the communication between the smart meter and the collector node, with emphasis on security attributes.

It was observed that many of the secure features are based on keys that must be maintained; therefore, secure key management techniques become the basis to securing the entire grid.

In this report, we present an overview of approaches for managing encryption keys in the Advanced Metering Infrastructure (AMI) and main security issues. In what follows, we first present a high-level description of the organization of the AMI as this is crucial in order to understand the main requirements for key management.

We then present an overview of communication protocols and standards adopted or proposed for AMIs, followed by a discussion about security of smart meters and networks, including ZigBee.

We also discuss security threats and finally outline some initial research ideas. This analysis shows that a reoccurring and prominent source of the problems is key management, i.e., protecting and controlling access to the keys that underpin the encryption process.

The conventional approach to authenticate a device is to place a secret key in non-volatile memory inside the device and use cryptographic primitives such as digital signature. Unfortunately, such an approach suffers from a few drawbacks. An adversary may physically extract secret keys from non-volatile memory. Further, these cryptographic operations are too costly for resource constrained devices like smart meters. Therefore, AMI networks require a different approach to authenticate smart meters.

We propose to integrate a PUF (Physically Unclonable Function) device with each smart meter in order to implement a hardware-based, low cost and secure authentication mechanism. PUF devices derive secrets from complex characteristics of integrated circuits instead of storing the secrets in volatile memory.

As PUF relies on the random variation during the integrated circuit fabrication process, even two PUFs with the same layout result in two different secrets. Since PUF produces volatile secrets, it is extremely difficult to carry out invasive attacks such as extracting the key.

Further, different PUF devices produce unique secrets, it is very difficult to clone a PUF and launch spoofing attacks. PUF can be considered as a function that maps a set of challenges to a set of responses based on an intractably complex physical system.

To read this external content in full, download the technical paper from the author article archives at Purdue University

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.