A Survey on Cryptography Key Management Schemes for Smart Grid

A Smart grid is a modern electricity delivery system. It is an integration of energy systems and other necessary elements including traditional upgrades and new grid technologies with renewable generation and increased consumer storage. It uses information and communication technology (ICT) to operate, monitor and control data between the generation source and the end user. Smart grids have duplex power flow and communication to achieve high efficiency, reliability, environmental, economics, security and safety standards. However, along with unique facilities, smart grids face security challenges such as access control, connectivity, fault tolerance, privacy, and other security issues. Cyber-attacks, in the recent past, on critical infrastructure including smart grids have highlighted security as a major requirement for smart grids. Therefore, cryptography and key management are necessary for smart grids to become secure and realizable. Key management schemes are processes of key organizational frameworks, distribution, generation, refresh and key storage policies. Currently, several secure schemes, related to key management for smart grid have been proposed to achieve end-to-end secure communication. This paper presents a comprehensive survey and discussion on the current state of the key management of smart grids

Implementation of Secure DNP3 Architecture of SCADA System for Smart Grids

With the recent advances in the power grid system connecting to the internet, data sharing, and networking enables space for hackers to maliciously attack them based on their vulnerabilities. Vital stations in the smart grid are the generation, transmission, distribution, and customer substations are connected and controlled remotely by the network. Every substation is controlled by a Supervisory Control and Data Acquisition (SCADA) system which communicates on DNP3 protocol on Internet/IP which has many security vulnerabilities. This research will focus on Distributed Network Protocol (DNP3) communication which is used in the smart grid to communicate between the controller devices. We present the DNP3 SAv5 and design a secure architecture with Public Key Infrastructure (PKI) on Asymmetric key encryption using a Certificate Authority (CA). The testbed provides a design architecture between customer and distribution substation and illustrates the verification of the public certificate. We have added a layer of security by giving a password to a private key file to avoid physical tampering of the devices at the customer substations. The simulation results show that the secure communication on the TLS layer provides confidentiality, integrity, and availability

Zero-configuration identity-based signcryption scheme for Smart Grid

The success of future intelligent power deliver and transmission systems across the globe relies critically on the availability of a fast, scalable, and most importantly secure communication infrastructure between the energy producers and consumers. One major obstacle to ensure secure communication among various parties in a smart grid network hinges on the technical and implementation difficulties associated with key distribution in such large-scale network with often-time disinterested consumers. This paper proposes the use of an identity-based signcryption (IBS) system to provide a zero-configuration encryption and authentication solution for end-to-end secure communications. The suitability of employing such identity-based cryptosystems in the context of smart grids is studied from the perspective of security requirements, implementation overhead and ease of management. Using the design and implementation experience of our proposed system as an example, we illustrate that IBS is a viable solution to providing a secure and easy-to-deploy solution with close to zero user setup required.published_or_final_versionThe 1st IEEE International Conference on Smart Grid Communications (SmartGridComm 2010), Gaithersburg, MD., 4-6 October 2010. In Proceedings of the 1st SmartGridComm, 2010, p. 321-32

Two-Dimensional Key Table-Based Group Key Distribution in Advanced Metering Infrastructure

A smart grid provides two-way communication by using the information and communication technology. In order to establish two-way communication, the advanced metering infrastructure (AMI) is used in the smart grid as the core infrastructure. This infrastructure consists of smart meters, data collection units, maintenance data management systems, and so on. However, potential security problems of the AMI increase owing to the application of the public network. This is because the transmitted information is electricity consumption data for charging. Thus, in order to establish a secure connection to transmit electricity consumption data, encryption is necessary, for which key distribution is required. Further, a group key is more efficient than a pairwise key in the hierarchical structure of the AMI. Therefore, we propose a group key distribution scheme using a two-dimensional key table through the analysis result of the sensor network group key distribution scheme. The proposed scheme has three phases: group key predistribution, selection of group key generation element, and generation of group key

Key Management Systems for Smart Grid Advanced Metering Infrastructure: A Survey

Smart Grids are evolving as the next generation power systems that involve changes in the traditional ways of generation, transmission and distribution of power. Advanced Metering Infrastructure (AMI) is one of the key components in smart grids. An AMI comprises of systems and networks, that collects and analyzes data received from smart meters. In addition, AMI also provides intelligent management of various power-related applications and services based on the data collected from smart meters. Thus, AMI plays a significant role in the smooth functioning of smart grids. AMI is a privileged target for security attacks as it is made up of systems that are highly vulnerable to such attacks. Providing security to AMI is necessary as adversaries can cause potential damage against infrastructures and privacy in smart grid. One of the most effective and challenging topic's identified, is the Key Management System (KMS), for sustaining the security concerns in AMI. Therefore, KMS seeks to be a promising research area for future development of AMI. This survey work highlights the key security issues of advanced metering infrastructures and focuses on how key management techniques can be utilized for safeguarding AMI. First of all, we explore the main features of advanced metering infrastructures and identify the relationship between smart grid and AMI. Then, we introduce the security issues and challenges of AMI. We also provide a classification of the existing works in literature that deal with secure key management system in AMI. Finally, we identify possible future research directions of KMS in AMI

Information Theoretically Secure Enhanced Johnson Noise Based Key Distribution over the Smart Grid

The imperative need for unconditionally secure key exchange is caused by the increasing connectivity of networks and by the increasing number and level of sophistication of cyberattacks. Two concepts that are information theoretically secured are quantum key distribution (QKD) and Kirchhoff-Law-Johnson-Noise (KLJN). However, these concepts require a dedicated connection between hosts in peer-to-peer (P2P) networks which can be impractical and/or cost prohibitive. A practical and cost effective method is to have each host share their respective cable(s) with other hosts such that two remote hosts can realize a secure key exchange without the need of an additional cable or key exchanger. We introduce a protocol for linear chain networks with a reconfigurable filter system to create non-overlapping single loops in the smart power grid for the realization of the Kirchhoff-Law-Johnson-(like)-Noise secure key distribution system. The protocol is valid for one-dimensional daisy chain networks (chain-like power line) which are typical of the electric distribution network between the utility and the customer. The speed of the protocol (the number of steps needed) versus grid size is analyzed. When properly generalized, such a system has the potential to achieve unconditionally secure key distribution over the smart power grid of arbitrary geometrical dimensions. In this work we also analyze the cost complexities of cable, key exchangers, and time required in the star network. We mention the reliability of the star network and compare it with other network geometries. We also conceived a protocol and equation for the number of secure bit exchange periods needed in a star network. We then outline other network geometries and trade-off possibilities that seem interesting to explore. We also propose a new key exchange trust evaluation for peer-to-peer sensor networks, where part of the network has unconditionally secure key exchange. As the utilization of sensor networks continues to increase, the importance of security becomes more profound. Many industries depend on sensor networks for critical tasks, and a malicious entity can potentially cause catastrophic damage. For a given sensor, the higher the portion of channels with unconditionally secure key exchange, the higher the trust value. We give a brief introduction to unconditionally secured key exchange concepts and mention current trust measures in sensor networks. We demonstrate the new key exchange trust measure on a hypothetical sensor network using both wired and wireless communication channels

Design and Implementation of Distributed Identity and Access Management Framework for Internet of Things (IoT) Enabled Distribution Automation

The smart grid and Internet of Things (IoT) technologies play vital roles in improving the quality of services offered in traditional electrical grid. They open a room for the introduction of new services like distribution automation (DA) that has a significant advantage to both utility companies and final consumers. DA integrates sensors, actuators, intelligent electrical devices (IED) and information and communication technologies to monitor and control electrical grid. However, the integration of these technologies poses security threats to the electrical grid like Denial of Service (DoS) attacks, false data injection attacks, and masquerading attacks like system node impersonation that can transmit wrong readings, resulting in false alarm reports and hence leading to incorrect node actuation. To overcome these challenges, researchers have proposed a centralized public key infrastructure (PKI) with bridged certificate authority (CA) which is prone to DoS attacks. Moreover, the proposed blockchain based distributed identity and access management (DIAM) in IoT domain at the global scale is adding communicational and computational overheads. Also. It is imposing new security threats to the DA system by integrating it with online services like IoTEX and IoTA. For those reasons, this study proposes a DIAM security scheme to secure IoT-enabled distribution automation. The scheme divides areas into clusters and each cluster has a device registry and a registry controller. The registry controller is a command line tool to access and manage a device registry. The results show that the scheme can prevent impersonated and non-legitimate system nodes and users from accessing the system by imposing role-based access control (RBAC) at the cluster level. Keywords: Distributed Identity and Access Management; Electrical Secondary Distribution Network; Internet of Things; IoT Enabled Distribution Automation; Smart Grid Securit

A survey on cyber security for smart grid communications

A smart grid is a new form of electricity network with high fidelity power-flow control, self-healing, and energy reliability and energy security using digital communications and control technology. To upgrade an existing power grid into a smart grid, it requires significant dependence on intelligent and secure communication infrastructures. It requires security frameworks for distributed communications, pervasive computing and sensing technologies in smart grid. However, as many of the communication technologies currently recommended to use by a smart grid is vulnerable in cyber security, it could lead to unreliable system operations, causing unnecessary expenditure, even consequential disaster to both utilities and consumers. In this paper, we summarize the cyber security requirements and the possible vulnerabilities in smart grid communications and survey the current solutions on cyber security for smart grid communications. © 2012 IEEE