论文信息 - Secure deployment of SmartGrid equipment

Secure deployment of SmartGrid equipment

Introducing the SmartGrid goes in hand with the deployment of a large number of devices and with the establishment of a rather complex communication infrastructure. SmartGrid equipment like SmartMeters, other remote sensors, control equipment, or additional sub-stations, all have different security requirements. Common to all of them is that each device needs to be securely identified in the infrastructure and that proper security management needs to be in place. To allow for remote management, security functionality has to be incorporated in the design of a device. Furthermore, unique identities and establishment of cryptographic keys for secure communication requires an individual initial configuration of each device. Currently, this initial configuration is a manual operation executed during deployment, often by copying configuration data from memory devices such as USB tokens or SD cards. This paper introduces a novel and secure approach to support efficient roll-out processes in the domain of SmartGrid equipment providing for a faster and cost efficient scheme using already available and standardized security technologies. The main goal is to totally remove any direct physical interaction with the device during deployment and without any client-specific preconfiguration.

Carsten Rudolph | Nicolai Kuntze

[1] Gérald Maunier,et al. Combining User and Platform Trust Properties to Enhance VPN Client Authentication , 2005, Security and Management.

[2] M. Newborough,et al. Impact of micro-CHP systems on domestic sector CO2 emissions , 2005 .

[3] Konstantin Shemyak. Secure Distribution of the Device Identity in Mobile Access Network , 2010, MobiSec.

[4] Steve Hanna. Configuring Security Parameters in Small Devices , 2002 .

[5] Nicolai Kuntze,et al. On the Deployment of Mobile Trusted Modules , 2007, 2008 IEEE Wireless Communications and Networking Conference.

[6] Trent Jaeger,et al. Design and Implementation of a TCG-based Integrity Measurement Architecture , 2004, USENIX Security Symposium.

[7] Donald E. Eastlake,et al. US Secure Hash Algorithm 1 (SHA1) , 2001, RFC.

[8] Stephen Farrell,et al. Towards security auto-configuration for smart appliances , 2003 .

[9] Yan Yan. Recognition and decoding of QR code , 2005 .

[10] Srinivas Devadas,et al. The Trusted Execution Module: Commodity General-Purpose Trusted Computing , 2008, CARDIS.

[11] Ralph C. Merkle,et al. A Certified Digital Signature , 1989, CRYPTO.

[12] Ernest F. Brickell,et al. Direct anonymous attestation , 2004, CCS '04.