A model for security analysis of smart meters

Smart grids are replacing traditional power grids and smart meters are one of the key components of smart grids. Rapid deployment of smart grids has resulted in development of advanced metering infrastructures (AMI) without adequate security planning. In this paper we propose a systematic method for modeling functionalities of smart meters and deriving attacks that can be mounted on them. We apply our method to a real open source meter, implement two of the derived attacks, and measure their performance/memory overheads.

[1]  Ramarathnam Venkatesan,et al.  Oblivious Hashing: A Stealthy Software Integrity Verification Primitive , 2002, Information Hiding.

[2]  Sanjam Garg,et al.  Unified Architecture for Large-Scale Attested Metering , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[3]  Saman A. Zonouz,et al.  A Fuzzy Markov Model for scalable reliability analysis of Advanced Metering Infrastructure , 2012, 2012 IEEE PES Innovative Smart Grid Technologies (ISGT).

[4]  Salvatore J. Stolfo,et al.  Modeling system calls for intrusion detection with dynamic window sizes , 2001, Proceedings DARPA Information Survivability Conference and Exposition II. DISCEX'01.

[5]  Bart Preneel,et al.  Remote attestation on legacy operating systems with trusted platform modules , 2008, Sci. Comput. Program..

[6]  S. Mauw,et al.  Specification-based intrusion detection for advanced metering infrastructures , 2022 .

[7]  Patrick D. McDaniel,et al.  Security and Privacy Challenges in the Smart Grid , 2009, IEEE Security & Privacy.

[8]  Elaine Shi,et al.  Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.

[9]  Geoffrey Smith,et al.  Anatomy of a Real-Time Intrusion Prevention System , 2008, 2008 International Conference on Autonomic Computing.

[10]  William H. Sanders,et al.  Intrusion Detection for Advanced Metering Infrastructures: Requirements and Architectural Directions , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[11]  Dmitry Podkuiko,et al.  Multi-vendor penetration testing in the advanced metering infrastructure , 2010, ACSAC '10.

[12]  Hovav Shacham,et al.  Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[13]  Ning Lu,et al.  Smart-grid security issues , 2010, IEEE Security & Privacy.

[14]  Miguel Correia,et al.  CRUTIAL: The Blueprint of a Reference Critical Information Infrastructure Architecture , 2006, CRITIS.