1,829 research outputs found
Chameleon: a Blind Double Trapdoor Hash Function for Securing AMI Data Aggregation
Data aggregation is an integral part of Advanced Metering Infrastructure (AMI) deployment that is implemented by the concentrator. Data aggregation reduces the number of transmissions, thereby reducing communication costs and increasing the bandwidth utilization of AMI. However, the concentrator poses a great risk of being tampered with, leading to erroneous bills and possible consumer disputes. In this paper, we propose an end-to-end integrity protocol using elliptic curve based chameleon hashing to provide data integrity and authenticity. The concentrator generates and sends a chameleon hash value of the aggregated readings to the Meter Data Management System (MDMS) for verification, while the smart meter with the trapdoor key computes and sends a commitment value to the MDMS so that the resulting chameleon hash value calculated by the MDMS is equivalent to the previous hash value sent by the concentrator. By comparing the two hash values, the MDMS can validate the integrity and authenticity of the data sent by the concentrator. Compared with the discrete logarithm implementation, the ECC implementation reduces the computational cost of MDMS, concentrator and smart meter by approximately 36.8%, 80%, and 99% respectively. We also demonstrate the security soundness of our protocol through informal security analysis
A Practical Searchable Symmetric Encryption Scheme for Smart Grid Data
Outsourcing data storage to the remote cloud can be an economical solution to
enhance data management in the smart grid ecosystem. To protect the privacy of
data, the utility company may choose to encrypt the data before uploading them
to the cloud. However, while encryption provides confidentiality to data, it
also sacrifices the data owners' ability to query a special segment in their
data. Searchable symmetric encryption is a technology that enables users to
store documents in ciphertext form while keeping the functionality to search
keywords in the documents. However, most state-of-the-art SSE algorithms are
only focusing on general document storage, which may become unsuitable for
smart grid applications. In this paper, we propose a simple, practical SSE
scheme that aims to protect the privacy of data generated in the smart grid.
Our scheme achieves high space complexity with small information disclosure
that was acceptable for practical smart grid application. We also implement a
prototype over the statistical data of advanced meter infrastructure to show
the effectiveness of our approach
Gelişmiş Ölçüm Altyapısı İçin Güvenlik Uygulamaları
Elektrik tüketimi ölçüm araçları, manuel olarak ölçüm
yapılan analog sayaçlardan, elektrik tüketimi ile ilgili
bilgileri toplayan ve elektrik dağıtım firmalarına ileten yeni
akıllı sayaçlara doğru evrilmektedir. Sayaç verisinin
okunmasını sağlayan tek yönlü otomatik sayaç okuma
sistemlerinin (AMR) çıkışıyla sayaçlar akıllı şebeke
yatırımlarının önemli bir kısmını oluşturmuştur. Otomatik
sayaç okuma sistemleri ilk uygulamalar için cazip olmasına
rağmen, çözülmesi gereken önemli bir husus olan talep tarafı
yönetiminin AMR ile sağlanamadığı fark edilmiştir.
AMR teknolojisinin kabiliyetlerinin tek yönlü sayaç verisi
okuma ile sınırlı olması nedeniyle, sayaçlardan toplanan
veriler üzerinden düzeltici önlemler alınmasına ve tüketicinin
enerjiyi daha verimli akıllı kullanmasına yönelik özeliklere
izin vermemektedir. Gelişmiş Ölçüm Altyapısı (AMI) ise akıllı
sayaçlar ve dağıtım şirketleri arasında çift yönlü iletişim
kurarak dağıtım şirketlerine sayaçlar üzerindeki
parametreleri dinamik olarak değiştirme imkanı tanır. Bu
nedenle, bu çalışmada AMI güvenliği üzerine
odaklanılacaktır.
Akıllı sayaç sistemlerinin yaygınlaşması ile birlikte, güvenlik
bu sistemlerin gerekli ve kaçınılmaz bir ihtiyacı haline
gelmektedir. Diğer taraftan, AMI sadece akıllı sayaçların
fiziksel olarak dağıtımı manasına gelmemekte, ayrıca sayaç
verilerinin yönetimi için gerekli olan karmaşık bir iletişim ağı
ve bilgi teknolojileri altyapısını da içermektedir. Dolayısıyla
güvenlik çözümlerini ele alırken geniş bir perspektifle
yaklaşmak gerekmektedir. Bu nedenle de, sistemin kritik
varlıkları belirlenmeli, tehditler iyi analiz edilmeli ve daha
sonra güvenlik gereksinimleri iyi tanımlanmış olmalıdır.
Bu çalışma AMI sisteminin temel güvenlik gereksinimleri,
tehditlere karşı sistem kısıtlarını düşünerek olası çözümleri
üzerine, şu anki güvenlik çözümlerini de resmederek, genel
bir bakış sunmaktadır. Bu çalışmada, AMI sisteminin
güvenlik gereksinimleri analiz edilecek, kısıtlar belirlenecek
ve olası güvenlik tehditlerine karşı olası karşı önlemler
belirlenecektir.
Metering utilities have been replacing from analog meters
that are read manually with new, smart meters that gather
information about electricity consumption and transmit it
back to electric companies. The metering has been the
important part of the Smart Grid investments so far, with the
initial introduction of one-way automated meter reading
(AMR) systems to read meter data. Even though AMR
technology proved to be initially enticing, utility companies
have realized that AMR does not address demand-side
management which is the major issue they need to solve.
Since AMR’s capability is restricted to reading meter data
due to its one-way communication system, it does not let
utilities take corrective action based on the information
gathered from the meters and does not assist customers in
using energy intelligently. Advanced Metering Infrastructure
(AMI) creates a two-way communication network between
smart meters and utility systems and provides utilities the
ability to modify service-level parameters dynamically.
Therefore in this work we will also focus on AMI security
practices.
While smart metering systems are become widespread
security is going to be the one of its essential and inevitable
needs. On the other hand, AMI does not only mean the
physical deployment of smart meters, but it also includes
meter data management system which is a complicated
communication network and IT infrastructure. Hence a broad
perspective has to be adopted when security solutions are
considered. Therefore, assets of the system must be identified,
threats must be well analyzed and then security requirements
must be well defined.
This paper presents an overview on the main security
requirements of the AMI, on the threats possible solutions
considering the system constraints by picturing the current
security solutions. In this work, the security requirements for
AMI systems will be analyzed, constraints will be determined
and possible countermeasures against security threats will be
given
Security Challenges in Smart-Grid Metering and Control Systems
The smart grid is a next-generation power system that is increasingly attracting the attention of government, industry, and academia. It is an upgraded electricity network that depends on two-way digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems. Considering that energy utilities play an increasingly important role in our daily life, smart-grid technology introduces new security challenges that must be addressed. Deploying a smart grid without adequate security might result in serious consequences such as grid instability, utility fraud, and loss of user information and energy-consumption data. Due to the heterogeneous communication architecture of smart grids, it is quite a challenge to design sophisticated and robust security mechanisms that can be easily deployed to protect communications among different layers of the smart grid-infrastructure. In this article, we focus on the communication-security aspect of a smart-grid metering and control system from the perspective of cryptographic techniques, and we discuss different mechanisms to enhance cybersecurity of the emerging smart grid. We aim to provide a comprehensive vulnerability analysis as well as novel insights on the cybersecurity of a smart grid
- …