
Smart Grid Security: First International Workshop, SmartGridSec 2012, Berlin, Germany, December 3, 2012, Revised Selected Papers PDF

157 Pages·2013·6.375 MB·English


Jorge Cuellar (Ed.)

Smart Grid Security

First International Workshop, SmartGridSec 2012
Berlin, Germany, December 2012
Revised Selected Papers

Lecture Notes in Computer Science 7823

Commenced Publication in 1973
Founding and Former Series Editors: Gerhard Goos, Juris Hartmanis, and Jan van Leeuwen

Editorial Board

David Hutchison, Lancaster University, UK
Takeo Kanade, Carnegie Mellon University, Pittsburgh, PA, USA
Josef Kittler, University of Surrey, Guildford, UK
Jon M. Kleinberg, Cornell University, Ithaca, NY, USA
Alfred Kobsa, University of California, Irvine, CA, USA
Friedemann Mattern, ETH Zurich, Switzerland
John C. Mitchell, Stanford University, CA, USA
Moni Naor, Weizmann Institute of Science, Rehovot, Israel
Oscar Nierstrasz, University of Bern, Switzerland
C. Pandu Rangan, Indian Institute of Technology, Madras, India
Bernhard Steffen, TU Dortmund University, Germany
Madhu Sudan, Microsoft Research, Cambridge, MA, USA
Demetri Terzopoulos, University of California, Los Angeles, CA, USA
Doug Tygar, University of California, Berkeley, CA, USA
Gerhard Weikum, Max Planck Institute for Informatics, Saarbruecken, Germany

Volume Editor

Jorge Cuellar
Siemens AG - Corporate Technology
Otto-Hahn-Ring 6, 81739 München, Germany
E-mail: [email protected]

ISSN 0302-9743, e-ISSN 1611-3349
ISBN 978-3-642-38029-7, e-ISBN 978-3-642-38030-3
DOI 10.1007/978-3-642-38030-3
Springer Heidelberg Dordrecht London New York
Library of Congress Control Number: 2013936006
CR Subject Classification (1998): K.6.4-5, K.4, C.2.4, D.4.7, H.2.7
LNCS Sublibrary: SL 4 – Security and Cryptology

© Springer-Verlag Berlin Heidelberg 2013

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer. Violations are liable to prosecution under the German Copyright Law.

The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

Typesetting: Camera-ready by author, data conversion by Scientific Publishing Services, Chennai, India
Printed on acid-free paper
Springer is part of Springer Science+Business Media (www.springer.com)

Preface

The engineering, deployment, and security of the future Smart Grid will be an enormous project that will require the consensus of many stakeholders with different views on security and privacy requirements, not to mention methods and solutions.

The fragmentation of research agendas and proposed approaches or solutions for securing the future Smart Grid becomes apparent when observing the results from different projects, standards, committees, etc. in different countries.
The different approaches and views of the papers in this collection also reflect this fragmentation. Thus there is a strong need for workshops that bring together researchers from different communities, from academia and industry alike, to discuss open research topics in the area of future Smart Grid security.

This volume contains the papers presented at SmartGridSec 2012, the First Open EIT ICT Labs Workshop on Smart Grid Security, held on December 3, 2012, in the co-location center of EIT ICT Labs in Berlin.

EIT ICT Labs is one of the Knowledge and Innovation Communities (KICs) set up by the European Institute of Innovation and Technology (EIT), as an initiative of the European Union. EIT ICT Labs brings together researchers and practitioners to work across the “knowledge triangle” of education–research–innovation. EIT ICT Labs’ partners are top-ranked universities, leading research centers, and global companies in the field of ICT.

Besides Berlin, EIT ICT Labs has co-location centers in Eindhoven, Helsinki, Paris, Stockholm, and Trento, and associate clusters in Budapest and London. The activities are based on selected innovation areas, called action lines, that address key societal issues in a number of selected areas. One of them, smart energy systems, is the action line that organized this workshop, SmartGridSec 2012, in collaboration with the funded research project NESSoS—the Network of Excellence on Engineering Secure Future Internet Software Services and Systems.

NESSoS aims to establish Europe as the scientific leader in engineering secure software by addressing the current fragmentation of activities across Europe through the establishment of the European joint virtual research lab on Engineering Secure Software Services, thus integrating the research, dissemination, and technology transfer activities of the leading researchers and practitioners in the area.
The main motto behind NESSoS is the one of security-by-design, namely, that “prevention is better than cure.” Thus, in order to build secure systems, it is necessary to use, from the very beginning, sound security engineering processes. The NESSoS consortium is led by CNR (Italian National Research Council) and consists of 12 partners among the key research and industry players in Europe.

SmartGridSec 2012 included invited presentations and papers from the smart energy action line and from NESSoS, but it was also an open workshop to researchers from other communities. All papers were carefully peer-reviewed and the versions published here were corrected and extended for the purposes of these proceedings.

The next SmartGridSec is planned as a co-located workshop with ESSoS, at the Technical University of Munich, during the last week of February 2014, and will be co-organized by EIT ICT Labs and NESSoS.

We are glad to acknowledge the excellent support from EasyChair both during the review process as well as for preparing the proceedings.

February 2013
Jorge Cuellar

Table of Contents

Invited Papers

IT Security Architecture Approaches for Smart Metering and Smart Grid
    David von Oheimb

Smart Grid Information Exchange – Securing the Smart Grid from the Ground
    Steffen Fries, Rainer Falk, and Ariane Sutor

A Tool Set for the Evaluation of Security and Reliability in Smart Grids
    Joël Chinnow, Jakob Tonn, Karsten Bsufka, Thomas Konnerth, and Sahin Albayrak

Regular Papers

A Holistic View of Security and Privacy Issues in Smart Grids
    Muhammad Rizwan Asghar and Daniele Miorandi

Hardware Security for Device Authentication in the Smart Grid
    Andrew J. Paverd and Andrew P. Martin

Maintaining Privacy in Data Rich Demand Response Applications
    Markus Karwe and Jens Strüker

Data Protection in a Cloud-Enabled Smart Grid
    Alexander Fromm, Florian Kelbert, and Alexander Pretschner

Formal Analysis of a Privacy-Preserving Billing Protocol
    Alessandro Armando, Roberto Carbone, and Alessio Merlo

Privacy in Smart Metering Ecosystems
    Peter Ebinger, José Luis Hernández Ramos, Panayotis Kikiras, Mario Lischka, and Alexander Wiesmaier

Energy@home Leveraging ZigBee to Enable Smart Grid in Residential Environment
    Andrea Ranalli and Claudio Borean

Author Index

IT Security Architecture Approaches for Smart Metering and Smart Grid

David von Oheimb
Siemens Corporate Technology, Munich, Germany
[email protected]

Abstract. The power grid is currently undergoing changes towards highly volatile and localized energy production and storage, supported by IT and communication components. Smart Metering is going to provide fine-grained measurement and automatic remote reading of consumption and production amounts. It enables flexible tariffing and dynamic load optimization, ultimately aiming at cost and consumption reduction. The related security requirements are mainly authenticity, integrity, and privacy of metering data. Even more challenging is grid automation, which is critical for the safety and availability of the grid. The overall situation calls for an integrated security architecture that not only addresses all relevant security threats but also satisfies functional, safety, performance, process integration, and economic side conditions.

In this article, we summarize and evaluate the IT security architecture and security requirements prescribed by the German BSI in their Smart Meter Gateway Protection Profile and related documents. For instance, there are problems regarding the integration of the required security module and multicast communication.
We contrast their requirements with alternatives offering better protection against sophisticated local attacks and with a much simpler approach to communication security, which focuses on the core security needs of smart metering and is suitable for grid automation in distribution networks as well. We provide a formal model and analysis of the latter solution w.r.t. communication security.

1 Introduction

1.1 The Concept of Smart Grid

The networks for supplying electricity and other commodities like gas and water are getting more and more dynamic, due to localized and volatile production (e.g., using solar power), possibly storage (e.g., in batteries of e-cars), and market-driven consumption. To cope with this situation, the so-called “smart grid” is being developed and deployed. This is a commodity network that dynamically integrates the behavior and actions of all connected entities — both energy suppliers and consumers — in a non-trivial way. To this end, secure use of information and communication technology (ICT) components is crucial.

A smart grid has two main functional aspects.

J. Cuellar (Ed.): SmartGridSec 2012, LNCS 7823, pp. 1–25, 2013. © Springer-Verlag Berlin Heidelberg 2013

Grid automation is required to maintain the safety, availability, and performance of the grid. Already from the electrical engineering perspective, controlling and constantly stabilizing a large grid of many more and more dynamic and non-linear components under strong real-time requirements is a huge problem. On the other hand, major cost reductions can be expected because in this way dynamic load peaks may be avoided that would otherwise require very costly reinforcements of existing statically dimensioned distribution networks.

Smart metering is the fine-grained and flexible reading and automatic reporting of consumption or production.
Its main aim is to save energy and costs in interplay with market mechanisms like commodity brokerage, while it can also be used to optimize the overall load distribution and stability of the grid. Yet so far it is unclear whether smart metering will actually lead to an overall cost and consumption reduction and whether it will be accepted (unless under legislative coercion) by more than a minority of private consumers. [12]

Smart metering and grid automation may share part of the equipment installed at the sites of consumers and/or producers (referred to below as prosumers). For instance, metering gateways in households may in addition forward grid automation commands of the network operator, used for load switching and controlling local electricity production. Yet there are also advantages of keeping the two grid aspects independent.

Smart metering requires communication links between a vast number of distributed prosumers within an area like a city or nation and one or more meter data management (MDM) and billing services. The entities involved include central head end systems (HES) collecting metering data from terminal nodes (TNs) located in premises of the prosumers. Terminal nodes include smart meters, and optionally also gateways and remotely controllable devices. So-called data concentrators (DC) may be used to gather and forward information sent between the HES and the TNs. Communication may take place over all kinds of media, including low-bandwidth networks like power line communication (PLC), radio signal (GSM), or DSL. Figure 1 depicts the overall scenario.

Fig. 1. Smart Metering system overview

1.2 Smart Grid Security

Like in any other ICT system, smart metering and grid automation pose functionality, security, and real-time requirements that need to be fulfilled holistically and in a technically and economically adequate way.
Security threats include tampering of meter data in order to manipulate the outcome of billing, leakage of private information, in particular related to the lifestyle and monetary situation of consumers, and the manipulation of grid control commands, which can threaten the whole grid. See for instance [11] for a more detailed derivation of security requirements. Figure 2 shows the local metrological¹ network (LMN), home area network (HAN), and an optional gateway connecting them with the wide area network (WAN). Potential attack points can be grouped into local/physical access and remote access (i.e., over the Internet).

Fig. 2. Local networks including gateway with attack points

Countermeasures must protect the overall flow of commands and data among the parties involved. Their effectiveness should be verified by certification, for instance according to the Common Criteria (CC) [7].

Particular challenges arise due to the scale of a smart grid and because its components are widely distributed in the field (and thus expensive to maintain by physical access). For this and other reasons the components need to be very stable and long-lived, which increases the spatial and temporal exposure to potential attackers. Moreover, for the conventional grid (like for many other industrial systems) it has been sufficient to counter security threats by physical means (in

¹ This technical term has been derived from the Greek word for ‘measurement’.
