The power grid is aging and congested, and it faces new challenges and stresses that put at risk its ability to reliably deliver power to an economy that is increasingly dependent on electricity. The security of the United States and the way of life of its citizens are dependent on the availability of the North American power grid. Much of the technology currently in use by the grid is outdated and in many cases unreliable. The reliance on old technology leads to inefficient systems, costing the utilities and taxpayers unnecessary sums. There is virtually universal agreement that it is imperative to upgrade the electric grid to increase overall system efficiency and reliability.
A growing recognition of the need to modernize the grid to meet tomorrow's challenges has found articulation in the vision of a Smart Grid. The essence of this vision is a fully automated power delivery network that can ensure a two-way flow of electricity and information between the power plants and appliances and all points in between. Upgrading the grid, and operating an improved grid, will require significant dependence on distributed intelligence and broadband communication capabilities. The access and communications capabilities require the latest in proven security technology for extremely large, wide-area communications networks. This paper discusses key security technologies for a smart grid system, including public key infrastructures and trusted computing.
1. Public key infrastructure:
It is one of the security technologies for a smart grid system. Based on the security requirements for smart grid, as well as the scale of the system and availability required, public key infrastructure (PKI) technologies along with trusted computing elements, supported by other architectural components, are the best overall solution for smart grid. A public-key infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates.
A PKI binds public keys with user identities through the use of digital certificates. The binding is established through a registration process: after a registration authority (RA) assures the correctness of the binding, the certificate authority (CA) issues the certificate to the user. Users or devices can authenticate each other via the digital certificates, establish symmetric session keys, and subsequently encrypt and decrypt messages between each other. PKI allows for a chain of trust, where a first CA extends trust to a second CA by simply issuing a CA-certificate to the second CA. This enables relying parties (RPs) that trust the first CA to also trust subjects with certificates issued by the second CA. When two CAs issue each other certificates, it is referred to as cross signing. In this way, CAs from one organization can extend trust to the CAs from other organizations, thus enabling secure interoperability across domains.
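The cross-signing arrangement described above, as an added example that is not part of the original paper. It uses the OpenSSL command line; the organization names (UtilityA, UtilityB), the meter identity, file names and lifetimes are constructed assumptions.

```bash
#!/usr/bin/env bash
# Added example: cross signing between two constructed CAs (UtilityA, UtilityB).
# All names, file names and lifetimes are illustrative assumptions.

build_pki() {  # $1 = empty working directory
  ( cd "$1" &&
    # Minimal config so CA certificates carry CA:TRUE regardless of system defaults.
    printf '%s\n' '[req]' 'distinguished_name = dn' 'prompt = no' \
      '[dn]' 'CN = unused' '[v3_ca]' \
      'basicConstraints = critical,CA:TRUE' \
      'keyUsage = critical,keyCertSign,cRLSign' \
      'subjectKeyIdentifier = hash' > ca.cnf &&
    # Each organization creates its own self-signed CA.
    for org in A B; do
      openssl req -x509 -config ca.cnf -extensions v3_ca -newkey rsa:2048 -nodes \
        -keyout "ca$org.key" -out "ca$org.pem" -days 30 \
        -subj "/O=Utility$org/CN=Utility$org CA" 2>/dev/null || exit 1
    done &&
    # UtilityB's CA issues a certificate to one of its meters.
    openssl req -new -config ca.cnf -newkey rsa:2048 -nodes -keyout meter.key \
      -out meter.csr -subj "/O=UtilityB/CN=meter-0001" 2>/dev/null &&
    openssl x509 -req -in meter.csr -CA caB.pem -CAkey caB.key -CAcreateserial \
      -out meter.pem -days 30 2>/dev/null &&
    # Cross signing: UtilityA's CA issues a CA-certificate for UtilityB's CA key.
    openssl req -new -config ca.cnf -key caB.key -out caB.csr \
      -subj "/O=UtilityB/CN=UtilityB CA" 2>/dev/null &&
    openssl x509 -req -in caB.csr -CA caA.pem -CAkey caA.key -CAcreateserial \
      -extfile ca.cnf -extensions v3_ca -out caB_by_A.pem -days 30 2>/dev/null
  )
}

# Relying party in UtilityA's domain: its only trust anchor is caA.pem.
rp_verify_direct() {   # no cross-certificate available
  openssl verify -CAfile "$1/caA.pem" "$1/meter.pem" >/dev/null 2>&1
}
rp_verify_cross() {    # cross-certificate supplied as an untrusted intermediate
  openssl verify -CAfile "$1/caA.pem" -untrusted "$1/caB_by_A.pem" \
    "$1/meter.pem" >/dev/null 2>&1
}

demo() {
  local d; d=$(mktemp -d) && build_pki "$d" || return 1
  rp_verify_direct "$d" && echo "direct: trusted" || echo "direct: rejected"
  rp_verify_cross  "$d" && echo "cross:  trusted" || echo "cross:  rejected"
  rm -rf "$d"
}
demo
```

The relying party's trust store never changes: the meter becomes verifiable only because the cross-certificate links UtilityB's CA key back to the anchor the relying party already trusts.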
In very large systems PKI could be significantly more efficient than shared keys in terms of setting up and maintaining operational credentials. This is because each entity needs to be configured with its own certificate, whereas with symmetric key provisioning each device may need to be configured with a unique key pair for every secure link. While PKI is known for being complex, many of the items responsible for the complexity can be significantly reduced by including the following four main technical elements:
PKI standards: Standards are used to establish requirements on the security operations of energy service providers as well as smart grid device manufacturers.
Automated trust anchor security: Trust anchor security is the basis for all subsequent trust relationships.
Certificate attributes: Certificate attributes provide an important component to achieving the high availability needed for the power grid.
Smart grid PKI tools: PKI tools are needed to ease the process of managing the PKI components used to support the smart grid application.
2. Trusted computing:
Considering the incredible size of the threat and wide-ranging potential consequences from cyber attacks, the smart grid cyber-security protection requirements must be extreme. The grid will require a comprehensive security plan that encompasses virtually all aspects of grid operations. One component of such a plan includes trusted computing platforms. Such platforms and associated mechanisms are used to ensure that malware is not introduced into software processing devices. There are two categories of devices for which the malware protection problems should be considered: embedded computer systems and general purpose computer systems.
Embedded systems are computer systems that are designed to perform a specific task or set of tasks. They are intended to run only software that is supplied by the manufacturer. General purpose systems are intended to support third-party software purchased by the specific consumer who purchased the system. A PC is an excellent example of a general purpose system. A microwave oven and a cable television set-top box are examples of embedded systems.