Key management for substations: Symmetric keys, public keys or no keys?

In this paper, we discuss symmetric-key and public-key protocols for key management in electricity transmission and distribution substations — both for communication within substations, and between substations and the network control center. Key management in the electricity network is widely regarded as a challenging problem, not only because of the scale, but also due to the fact that any mechanism must be implemented in resource-constrained environments. NISTIR 7628, the foundation document for the architecture of the US Smart Grid, mentions key management as one of the most important research areas, and the IEC 62351 standards committee has already initiated a new specification dedicated to key management. In this document, we describe different variants of symmetric-key and public-key protocols. Our design is motivated by the need to keep the mechanism simple, robust, usable and still cost effective. It is important to take into account the complexity and the costs involved not just in the initial bootstrapping of trust but also in subsequent key management operations like key update and revocation. It is vital to determine the complexity and the cost of recovery mechanisms — recovery not only from malicious, targeted attacks but also from unintentional failures. We present a detailed threat model, analysing a range of scenarios from physical intrusion through disloyal maintenance personnel to supply-chain attacks, network intrusions and attacks on central systems. We conclude that while using cryptography to secure wide area communication between the substation and the network control center brings noticeable benefits, the benefits of using cryptography within the substation bay are much less obvious; we expect that any such use will be essentially for compliance. The protocols presented in this paper are informed by this threat model and are optimised for robustness, including simplicity, usability and cost.