18 research outputs found
Key Management Systems for Smart Grid Advanced Metering Infrastructure: A Survey
Smart Grids are evolving as the next generation power systems that involve
changes in the traditional ways of generation, transmission and distribution of
power. Advanced Metering Infrastructure (AMI) is one of the key components in
smart grids. An AMI comprises of systems and networks, that collects and
analyzes data received from smart meters. In addition, AMI also provides
intelligent management of various power-related applications and services based
on the data collected from smart meters. Thus, AMI plays a significant role in
the smooth functioning of smart grids.
AMI is a privileged target for security attacks as it is made up of systems
that are highly vulnerable to such attacks. Providing security to AMI is
necessary as adversaries can cause potential damage against infrastructures and
privacy in smart grid. One of the most effective and challenging topic's
identified, is the Key Management System (KMS), for sustaining the security
concerns in AMI. Therefore, KMS seeks to be a promising research area for
future development of AMI. This survey work highlights the key security issues
of advanced metering infrastructures and focuses on how key management
techniques can be utilized for safeguarding AMI. First of all, we explore the
main features of advanced metering infrastructures and identify the
relationship between smart grid and AMI. Then, we introduce the security issues
and challenges of AMI. We also provide a classification of the existing works
in literature that deal with secure key management system in AMI. Finally, we
identify possible future research directions of KMS in AMI
Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues
Smart grid (SG) networks are newly upgraded networks of connected objects that greatly improve reliability, efficiency and sustainability of the traditional energy infrastructure. In this respect, the smart metering infrastructure (SMI) plays an important role in controlling, monitoring and managing multiple domains in the SG. Despite the salient features of SMI, security and privacy issues have been under debate because of the large number of heterogeneous devices that are anticipated to be coordinated through public communication networks. This survey paper shows a brief overview of real cyber attack incidents in traditional energy networks and those targeting the smart metering network. Specifically, we present a threat taxonomy considering: (i) threats in system-level security, (ii) threats and/or theft of services, and (iii) threats to privacy. Based on the presented threats, we derive a set of security and privacy requirements for SG metering networks. Furthermore, we discuss various schemes that have been proposed to address these threats, considering the pros and cons of each. Finally, we investigate the open research issues to shed new light on future research directions in smart grid metering networks
Proposal and evaluation of authentication protocols for Smart Grid networks
Dissertação (mestrado)—Universidade de Brasília, Faculdade de Tecnologia, Departamento de Engenharia Elétrica, 2018.Uma rede Smart Grid (ou rede elétrica inteligente) representa a evolução das redes elétricas tradicionais, tornada possível graças à integração das tecnologias da informação e das comunicações com a infraestrutura elétrica. Esta integração propicia o surgimento de novos serviços, tornando a rede elétrica mais eficiente, gerando também novos desafios a serem atendidos, dentre eles a segurança do sistema. A rede SG deve garantir a confiabilidade, a integridade e a privacidade dos dados armazenados ou em transito pelo sistema, o que leva à necessidade de autenticação e controle de acesso, obrigando a todo usuário ou dispositivo a se autenticar e a realizar somente operações autorizadas. A autenticação de usuários e dispositivos é um processo muito importante para a rede SG, e os protocolos usados para esse fim devem ser capazes de proteção contra possiveis ataques (por exemplo, Man-in-the-Middle - MITM, repetição, Denegação de Serviço - DoS). Por outro lado, a autorização é tratada em conjunto com a autenticação e relacionada com as politicas de controle de acesso do sistema. Uma parte essencial para criar os protocolos de autenticação seguros envolve os esquemas de ciframento. O uso de um ou a combinação de vários esquemas afeta diretamente o desempenho do protocolo. Cada dia novos esquemas são propostos, e seu emprego nos protocolos de autenticação melhora o desempenho do sistema em comparação aos protocolos já propostos no mesmo cenário. Neste trabalho são propostos 3 (três) protocolos de autenticação seguros e de custo adequado para os cenários descritos a seguir: - Autenticação dos empregados das empresas de fornecimento de energia que procuram acesso ao sistema de forma remota; - Autenticação de Smart Meters numa Infraestrutura de medição avançada (AMI, do inglês Advanced Metering Infrastructure) baseada em nuvem computacional; e - Autenticação de veículos elétricos em uma rede V2G (do inglês, Vehicle-to-Grid). Cada um dos cenários tem caraterísticas particulares que são refletidas no projeto dos protocolos propostos. Além disso, todos os protocolos propostos neste trabalho garantem a autenticação mutua entre todas as entidades e a proteção da privacidade, confidencialidade e integridade dos dados do sistema. Uma comparação dos custos de comunicação e computação é apresentada entre os protocolos propostos neste trabalho e protocolos desenvolvidos por outros autores para cada um dos cenários. Os resultados das comparações mostram que os protocolos propostos neste trabalho têm, na maioria dos casos, o melhor desempenho computacional e de comunicações, sendo assim uma ótima escolha para a sua implementação nas redes SG. A validação formal dos protocolos propostos por meio da ferramenta AVISPA é realizada, permitindo verificar o atendimento a requisitos de segurança.Coordenação de Aperfeiçoamento de Pessoal de Nível Superior (CAPES).A Smart Grid network (or inteligent electrical network) represents the evolution of
traditional electrical networks, made possible due to the integration of information and
communication technologies with the electrical power grid. This integration generates new
services and improves the efficiency of the electrical power grid, while new challenges appear
and must be solved, including the security of the system.
The SG network must assure reliability, integrity and privacy of the data stored or in trnsit in the
system, leading to the need for authentication and access control, thus all users and devices
must authenticate and accomplish only authorized operations.
The authentication of users and devices is a very important process for the SG network, and the
protocols used for this task must be able to protect against possible attacks (for example, Man-
in-the-Middle - MITM, repetição, Denegação de Serviço – DoS). On the other hand,
authorization is treated jointly with authentication and related to policies of access control to the
system.
An essential part of creating secure authentication protocols involves encryption schemes. The
use of one or the combination of several schemes directly affects protocol performance. Each
day new schemas are proposed, and their utilization in the authentication protocols improves
the performance of the system compared to the protocols already proposed in the same
scenario.
In this work 3 (three) secure and cost-effective authentication protocols are proposed, for the
following scenarios:
- Authentication of employees of energy suply enterprises, looking for remote or local access to
the system;
- Authentication of Smart Meters in an Advanced Metering Infrastructure based on cloud
computing; and
- Authentication of electrical vehicles in a V2G (“Vehicle-to-Grid”) network.
Each scenario has specific characteristics, that are reflected on the design of the proposed
protocols. Moreover, such protocols assure mutual authentication among entities as well as the
protection of privacy, confidentiality and integrity of system data.
A comparison considering communication and computing costs is presented, involving
proposed protocols and other previously published protocols, for each scenario. The results
show that the proposed protocols have, in most cases, the best performance, thus constituting
good choices for future implementation in SG networks.
The formal validation of the proposed protocols by the use of AVISPA tool is realized, allowing
to verify the compliance with security requirements
A Survey on Modality Characteristics, Performance Evaluation Metrics, and Security for Traditional and Wearable Biometric Systems
Biometric research is directed increasingly towards Wearable Biometric Systems (WBS) for user authentication and identification. However, prior to engaging in WBS research, how their operational dynamics and design considerations differ from those of Traditional Biometric Systems (TBS) must be understood. While the current literature is cognizant of those differences, there is no effective work that summarizes the factors where TBS and WBS differ, namely, their modality characteristics, performance, security and privacy. To bridge the gap, this paper accordingly reviews and compares the key characteristics of modalities, contrasts the metrics used to evaluate system performance, and highlights the divergence in critical vulnerabilities, attacks and defenses for TBS and WBS. It further discusses how these factors affect the design considerations for WBS, the open challenges and future directions of research in these areas. In doing so, the paper provides a big-picture overview of the important avenues of challenges and potential solutions that researchers entering the field should be aware of. Hence, this survey aims to be a starting point for researchers in comprehending the fundamental differences between TBS and WBS before understanding the core challenges associated with WBS and its design