Secure firmware updates for smart grid Devices

With the widespread use of smart metering and industrial control devices, a new challenge has emerged - that of allowing the utility companies and hardware manufactures to develop and deploy devices running operation code (“firmware”) that can be updated remotely, but in a way that does not endanger the electrical grid. While modern cryptography provides tools for addressing this challenge, it may not be enough. We propose here a method for securely updating the software controlling devices connected to an Alternating Current network that offers an added, stronger layer of protection against malicious code updates. This is achieved by allowing only the power generating authority to open a special “window” within which the devices accept such updates.

[1]  Patrick D. McDaniel,et al.  Security and Privacy Challenges in the Smart Grid , 2009, IEEE Security & Privacy.

[2]  Göran N Ericsson,et al.  Cyber Security and Power System Communication—Essential Parts of a Smart Grid Infrastructure , 2010, IEEE Transactions on Power Delivery.

[3]  F.M. Cleveland,et al.  Cyber security issues for Advanced Metering Infrasttructure (AMI) , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[4]  Jyotsna Bapat,et al.  Data communication over the smart grid , 2009, 2009 IEEE International Symposium on Power Line Communications and Its Applications.

[5]  T. Kropp System threats and vulnerabilities [power system protection] , 2006, IEEE Power and Energy Magazine.

[6]  M. Pipattanasomporn,et al.  Multi-agent systems in a distributed smart grid: Design and implementation , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[7]  David L. Neuhoff,et al.  The validity of the additive noise model for uniform scalar quantizers , 2005, IEEE Transactions on Information Theory.

[8]  G.N. Ericsson Information Security for Electric Power Utilities (EPUs)—CIGRÉ Developments on Frameworks, Risk Assessment, and Technology , 2009, IEEE Transactions on Power Delivery.

[9]  Farrokh Albuyeh,et al.  Grid of the future , 2009, IEEE Power and Energy Magazine.

[10]  G.N. Ericsson Toward a Framework for Managing Information Security for an Electric Power Utility—CIGRÉ Experiences , 2007, IEEE Transactions on Power Delivery.