Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Challenges for Customer Domain in the Smart Grid

Published byAlfred Barton Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Challenges for Customer Domain in the Smart Grid"— Presentation transcript:

1 Security Challenges for Customer Domain in the Smart Grid
Oct 17, 2011 Myongji University Sugwon Hong APAP 2011, Special Session: Smart Grid, Beijing

2 Question As AMI is getting interest, security for AMI also have been studied, especially by the UCA AMI-SEC task force. I am not going to put a list of security threats and requirements here. I want to try to find answers to the following question: “while many network services have confronted similar security challenges and overcome most of them, are there any new security challenges in the AMI service? If any, what will they be?”

3 It’s a typical network of networks
utility operation center AMI network AMI headend data concentrator NAN LAN WAN/MAN NAN servers NAN data concentrator HAN home gateway

4 How about HAN? Utility-controllable or EMS-controllable
Self-controllable logical entity managing all devices Registered devices Non-registered devices home gateway EMS IHD EVSE PEV AMI meter Which network technology will be used? Smart meter EUMD DER

5 Information flows, looks familiar
Over this network, there will be two-way information flows for operation, management, and business. Some typical ones are: Registration/authentication information Demand/response information Energy usage information Load control information Outage information etc. New information flows may be added depending on applications (services).

6 Example: load control information flow
HAN gateway non-reg HAN device registered HAN device AMI headend EMS LMS load control command ACK load control ACK report load control command report

7 Security Requirements and measures
confidentiality Only authorized users should read data and commands integrity Data and commands should be unchanged and replayed authentication Users or devices should verify who they are availability Data should be accessed when they are needed authorization Users/devices should have authority to access data/command Non-repudiation Users can not deny their actions later Many defensive tools and strategies are available. The question is: Are they effective enough? Smart grid is entering the roads that other predecessor paved already. We can learn a lot of lessons from the financial services in the banking system.

8 One “worry” Can any intruder who is riding on the customer’s network penetrate the power distribution system? Can the intruder cause widespread damage to power distribution? There are two contact points between two planes: information flow plane and power distribution plane. Can we design the system so that any abnormal impact is limited to a single household, or a small group of households.

9 Two overlay planes Keep the distribution system isolated as possible as you can Don’t be distracted by any fancy buzzword. Identify all access points where possible problems happen. Design to minimize impact caused by unwanted activities. control center c D/R info flow plane c substation power distribution plane Two contact points: - AMI headend - HAN gateway (smart meter)

10 A real “headache” Some HAN devices may be located at unmanned, unprotected, insecure places. Not to mention physical theft and damage, attackers can access firmware data and read stored data, especially recover crypto keys. With the keys they may understand control messages to devices. At worst they can impersonate authorized users to penetrate the grid. So, the minimum requirement is any physical intrusion to devices should be detectable at least, dispatching warning signals to control nodes.

11 Smart devices Devices should be smart enough
tamper proof, secure firmware storage, keys, firmware upgrading, intelligent to have monitoring and detection capabilities, security functions: encrypt/decrypt, authentication, authorization, accounting secure communication on top of the basic power-related functions And devices may have limited computing power. And devices should be cost effective. All these requirements come down to the more important task: how to implement.

12 Privacy, does it really matter?
The concern is that energy usage pattern is revealed and may be used in unauthorized ways. But face up to the world we live where we are willing to agree to reveal much more precious private information to the other party we trust. Here is how the private data is used: the data is used for the sole purpose of delivering energy to households, billing, and servicing of that kind. Other than this purpose, the data should not be allowed to use without any consent of users concerned.

13 Summary “while many network services have confronted similar security challenges and overcome most of them, are there any new security challenges in this service. If any, what will they be?” Not really. All hands on deck. Many defensive tools and strategies. We can learn lessons from other network services where security is so concerned.

14 Don’t make a big deal out of privacy issue.
We worry about any chance of penetrating the power transmission/distribution system due to the deployment of customer service networks. Identify access points. Preparing for the worst case, we design the system to mitigate impact. We need to pay attention to the fact that some devices may be located at unmanned, unprotected places. In reality, the more important task is not what to protect and how to protect, but how to implement. Don’t make a big deal out of privacy issue.

Download ppt "Security Challenges for Customer Domain in the Smart Grid"

Similar presentations

Network Security Chapter 1 - Introduction.

Network Security Chapter 1 - Introduction.
NAESB Smart Grid Task Force PAP 03 Update Robert B. Burke – NAESB Task Force Co-Chair Jim Northey.

NAESB Smart Grid Task Force PAP 03 Update Robert B. Burke – NAESB Task Force Co-Chair Jim Northey.
World Class Standards Smart Grids ETSI Strategic Topic Philippe Lucas © ETSI 2010. All rights reserved ETSI Smart Grid workshop, June 14th 2010.

World Class Standards Smart Grids ETSI Strategic Topic Philippe Lucas © ETSI All rights reserved ETSI Smart Grid workshop, June 14th 2010.
Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.
UCAIug HAN SRS v2.0 Summary August 12, 2010. 2 Scope of HAN SRS in the NIST conceptual model.

UCAIug HAN SRS v2.0 Summary August 12, Scope of HAN SRS in the NIST conceptual model.
David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.

David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.
1 Programa de Engenharia Elétrica - PEE/COPPE/UFRJ Universidade Federal do Rio de Janeiro A Review of Anomalies Detection Schemes for Smart Grids Andrés.

1 Programa de Engenharia Elétrica - PEE/COPPE/UFRJ Universidade Federal do Rio de Janeiro A Review of Anomalies Detection Schemes for Smart Grids Andrés.
Home Area Networks …Expect More Mohan Wanchoo Jasmine Systems, Inc.

Home Area Networks …Expect More Mohan Wanchoo Jasmine Systems, Inc.
Vendor Briefing May 26, 2006 AMI Overview & Communications TCM.

Vendor Briefing May 26, 2006 AMI Overview & Communications TCM.
ANALYTICS: BRINGING VALUE TO THE UTILITIES IN MITIGATING ENERGY LOSSES José-Manuel LOPEZ Istanbul, May 9, 2014.

ANALYTICS: BRINGING VALUE TO THE UTILITIES IN MITIGATING ENERGY LOSSES José-Manuel LOPEZ Istanbul, May 9, 2014.
Xanthus Consulting International Smart Grid Cyber Security: Support from Power System SCADA and EMS Frances Cleveland

Xanthus Consulting International Smart Grid Cyber Security: Support from Power System SCADA and EMS Frances Cleveland
Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.

Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.
Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FOUR ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS.

Copyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin CHAPTER FOUR ETHICS AND INFORMATION SECURITY: MIS BUSINESS CONCERNS.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.

Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.

Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
Security Policy Implementation Strategies for Common Carrier Monitoring Service Providers Short Position Paper for IEEE POLICY 2009 Carl A. Gunter University.

Security Policy Implementation Strategies for Common Carrier Monitoring Service Providers Short Position Paper for IEEE POLICY 2009 Carl A. Gunter University.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Smart Grid Mark Dudzinski August 25, 2009. What it is Why $15MM/yr** 58K tons of CO2 reduction Res consumer savings up to 10% Utility Value Example* *Utility.

Smart Grid Mark Dudzinski August 25, What it is Why $15MM/yr** 58K tons of CO2 reduction Res consumer savings up to 10% Utility Value Example* *Utility.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

Similar presentations

Ads by Google