Abstract: Electricity meters and sensors are often scattered far from the power company's line of sight. This article discusses techniques for improving the security of these smart grid endpoints. It considers traditional physical and logical attacks, as well as combined attacks that may penetrate the supply chain and pose a serious threat to a power company's meter deployment. Security technologies that protect against these attacks have already been applied successfully in the financial payment industry and can be relied on for smart grid protection.
As countries around the world race to deploy smart transmission systems, securing those systems has become an important issue. Although there are still few standards specifically for smart grid security, power companies are already investing heavily in the early stages of deployment: IT systems for data collection and analysis, advanced communication technologies to transmit the data, and endpoints (such as smart meters and grid health monitoring sensors) that generate the raw data. Security has become a widespread concern in recent years, but much work remains, especially on "endpoint" protection such as the security of electricity meters and grid sensors. This article gives an overview of the threats these endpoints face and of the security technologies that address them.
Figure 1. Smart Grid Model - Power companies collect data from endpoints over a communications network
Security threats
The smart grid undoubtedly faces many kinds of security risk, but they fall roughly into two categories. The first is the individual attack, in which the attacker's goal is to exploit smart grid data for personal benefit, for example by stealing electricity or by concealing illegal drug production. An individual attack does not aim to disrupt grid management; it aims to benefit an individual or a group.
The second category consists of attacks that threaten society, including attempts to disrupt the operation of the grid. This may be an attack on the grid itself (large-scale misreporting of energy consumption, straining the finances of the entire grid), or an attack on society (a terrorist attack, for example) that brings the grid down and causes power outages. In an outage, production and financial losses are incalculable, and in extremely hot or extremely cold climates human life is at risk.
Weak points
Attackers usually survey the entire grid and try to determine the best place to strike in order to achieve the desired result with minimal investment and minimal risk. A simple "power center - endpoint" model shows how an attacker might reach either goal.
Individual threat: a hacker who wants to reduce an electricity bill might sneak into the power company's control room and alter the meter record; intercept the data, blocking the energy consumption information sent to the power company; or tamper with the meter firmware directly so that it records less consumption.
Social threat: a terrorist who wants to destroy the power supply of the vast majority of users might sneak into the power control room and remotely disconnect a large number of meters, or shut down power at a substation. The attacker might also inject commands into the communication bus to perform similar actions, remotely command meters to open their disconnect relays, or manipulate sensors into feeding false data to the power company, causing the control center to misjudge the situation and act wrongly.
This simple model shows that attack paths exist, and that each of the three main links of the grid (the power company control room, the communication network, and the endpoints) can be used to carry out the attacks above. Raising the overall security of the system means protecting all three links, but in practice we have to identify the weakest one. That is exactly what the attacker does: find the easiest point of intrusion, the weak link in the smart grid, and attack there.
Consider how an attacker views the three links. A successful intrusion into the power company's control room gives the greatest control over the grid, but it also carries the greatest risk. The control room is tightly guarded, has good access control, and has a secure authentication process. An intruder also has difficulty hiding there: even if the security guards miss the intruder, the surveillance cameras will record the visit. Insiders could, of course, attack the entire grid most effectively from the power control center, but power sector regulations strictly limit individual permissions, so no single individual can run an operation that threatens the grid; such operations usually require several people to be present at the same time. This reduces the risk of insider crime.
The attacker's second choice is therefore the communication link. So far, most discussion of smart grid security has focused on the communication link, and most deployments use strong encryption to protect the data and commands exchanged between the endpoints and the power center. To attack the channel successfully, the encryption key or the authentication key must be obtained. A sound protocol never shares keys, so the attacker can only (1) obtain a key from the power company or from an endpoint, or (2) brute-force the channel's encryption/authentication mechanism. Note that option 1 does not attack the channel itself but another part of the grid. A brute-force attack (option 2) is also unlikely to succeed: brute-forcing a common algorithm such as AES-128 is computationally infeasible, since even very fast computers would need years or decades to recover a key, far longer than the useful life of the data.
The attacker then turns to the smart grid endpoint itself: devices such as smart meters or grid health monitoring sensors. These devices are more attractive because their protection is relatively weak and they are widely dispersed outdoors or mounted on long-distance transmission lines. Data concentrators belong in the same category, since they often have no protection at all. These weak points give attackers the opportunity to analyze the devices and try different attack methods. Admittedly, these endpoints are energized and hard to reach (on tall transmission lines, for example), so approaching them is dangerous, but an attacker can use protective equipment to avoid injury. On the face of it, endpoints such as electricity meters are the easiest target. But how does an adversary actually attack them?
Attacking an installed meter
The following discussion applies to any endpoint on the smart grid with communication capability, but for concreteness we take a smart meter as the example.
In an individual attack, the attacker goes after the meter itself. The goal may be to alter the current sensing device so that it measures less consumption, or to reverse engineer the meter software so that it reports less.
A social attack may begin in a similar way: the attacker studies a meter and tries to understand how it works, with the goal of extracting the keys, reverse engineering the software protocol and reconfiguring the meter. Once successful, the attacker can reconfigure a large number of meters to under-report actual consumption, or to disconnect them all at the same date and time.
How, then, can smart grid endpoints be secured against such threats? Embedded security technologies already on the market (for example, the security processors widely used in financial transactions and government agencies) protect well against individual attacks on meters. These technologies combine detection of physical attacks (forcible opening of the embedded system) with protection against logical attacks (analysis of the embedded system's memory, applications or protocols).
An embedded system with a physical attack detection mechanism can detect when the system is being compromised. Such products use physical sensors: switches that detect an opened housing, motion sensors, and environmental sensors. Once an attack is detected, the meter can act, for example by trying to contact the power center or even by erasing its secret keys (a deleted key is better than one leaked to the attacker).
Logical protection techniques also defend against attacks on the meter: locking or encrypting secure memory makes it difficult for an attacker to read or reverse engineer the software, and a secure loader locks the device during production so that an attacker cannot load unauthorized software onto the meter.
Secure deployment of the meters also guards against social attacks to some extent. Each meter uses a unique key, so even if an attacker obtains one meter's key, the security of the other meters is unaffected. If stealing even a single key is very difficult (thanks to the physical and logical protections above), a social attack on a large installed base of meters becomes much harder.
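The tamper response and the per-meter unique key of the preceding paragraphs can be shown end to end. The following Go program is an added example written for this article, not code from the original or from any meter or silicon vendor: the frame format, HMAC-SHA256 authentication, the head end's key store and the "alarm frame" (one way of realising "contact the power center") are all assumptions. A reading signed with a meter's unique key is accepted, a replay is rejected, a key taken from one meter cannot produce a valid frame for another, and when the housing switch fires the meter signs an alarm and then zeros its key, so it can no longer sign anything and the head end quarantines it while the other meter keeps working.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Frame kinds: a normal energy report, or a housing-open alarm signed before the key is erased.
const KindReading, KindTamper byte = 0, 1

// Reading is one authenticated frame from a meter to the head end (assumed format).
type Reading struct {
	MeterID, Seq uint32
	Kind         byte
	Wh           uint64
	Tag          []byte // HMAC-SHA256 over the other fields
}

// SignReading authenticates a frame with one meter's key.
func SignReading(key []byte, id, seq uint32, kind byte, wh uint64) Reading {
	b := make([]byte, 17)
	binary.BigEndian.PutUint32(b[0:], id)
	binary.BigEndian.PutUint32(b[4:], seq)
	b[8] = kind
	binary.BigEndian.PutUint64(b[9:], wh)
	m := hmac.New(sha256.New, key)
	m.Write(b)
	return Reading{id, seq, kind, wh, m.Sum(nil)}
}

// Meter models an endpoint whose only secret is its own unique key.
type Meter struct {
	ID, seq  uint32
	Key      []byte // unique per meter; on real hardware it sits in tamper-erasable memory
	zeroized bool
}

// Report emits the next sequence-numbered energy reading, or refuses once the key is gone.
func (m *Meter) Report(wh uint64) (Reading, error) {
	if m.zeroized {
		return Reading{}, errors.New("meter: key erased after tamper, cannot sign")
	}
	m.seq++
	return SignReading(m.Key, m.ID, m.seq, KindReading, wh), nil
}

// TamperEvent is the housing-switch handler: sign an alarm while the key still exists,
// then overwrite the key so that whoever reads the memory afterwards gets only zeros.
func (m *Meter) TamperEvent() Reading {
	m.seq++
	alarm := SignReading(m.Key, m.ID, m.seq, KindTamper, 0)
	for i := range m.Key {
		m.Key[i] = 0
	}
	m.zeroized = true
	return alarm
}

// HeadEnd is the utility side: a copy of every meter key, anti-replay state and tamper flags.
type HeadEnd struct {
	keys     map[uint32][]byte
	lastSeq  map[uint32]uint32
	Tampered map[uint32]bool
}

func NewHeadEnd() *HeadEnd {
	return &HeadEnd{map[uint32][]byte{}, map[uint32]uint32{}, map[uint32]bool{}}
}

// Provision gives a new meter a fresh random key and keeps a copy (a constructed stand-in
// for key injection in a secured factory or installation step).
func (h *HeadEnd) Provision(id uint32) *Meter {
	key := make([]byte, 16)
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	h.keys[id] = append([]byte(nil), key...)
	return &Meter{ID: id, Key: key}
}

// Accept verifies a frame: known meter, not quarantined, fresh sequence number, valid tag.
func (h *HeadEnd) Accept(r Reading) bool {
	key, ok := h.keys[r.MeterID]
	if !ok || h.Tampered[r.MeterID] || r.Seq <= h.lastSeq[r.MeterID] {
		return false
	}
	if !hmac.Equal(r.Tag, SignReading(key, r.MeterID, r.Seq, r.Kind, r.Wh).Tag) {
		return false
	}
	h.lastSeq[r.MeterID] = r.Seq
	h.Tampered[r.MeterID] = r.Kind == KindTamper // an alarm quarantines the meter for good
	return true
}

func main() {
	h := NewHeadEnd()
	a, b := h.Provision(1001), h.Provision(1002)
	ra, _ := a.Report(500)
	fmt.Println("genuine:", h.Accept(ra), "replay:", h.Accept(ra), "alarm:", h.Accept(a.TamperEvent()))
	_, err := a.Report(600)
	rb, _ := b.Report(700)
	fmt.Println("after tamper:", err, "| meter 1002 still accepted:", h.Accept(rb))
}
```

The quarantine flag matters as much as the zeroisation: the head end still holds its copy of the meter's key, so without the flag an attacker who captured the key before the housing was opened could keep sending well-formed frames. Erasing the key on the device and refusing the identity at the head end together make a single compromised meter worthless for anything beyond itself.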
Attacking the supply chain
The embedded security technologies above reduce the risk of social attacks on electricity meters and the smart grid. We must, however, consider other means of attack and ensure that the equipment is secure throughout its life.
Whether manufacturing is outsourced or done in-house, the production process is highly exposed to copying (even on site!) and is the easiest place to steal intellectual property. In this environment, development IP may be stolen for reverse engineering, or new, malicious IP may be inserted into the product.
A determined attacker could reverse engineer the meter software and install malicious code that, on a set date and time, remotely disconnects the meter, shuts down its communication and erases its internal memory. An attacker can alter the IP during the manufacturing process. The consequences would be catastrophic: millions of meters in a single deployment losing power at the same moment. Repairing or replacing the meters could take weeks or months, at great cost.
Embedded security products reduce this risk with features such as a secure boot loader, secure storage, and lifecycle management. A secure boot loader loads encrypted meter software: the meter designer or software designer sends the encrypted program to the production line, and the secure boot loader in the system microcontroller decrypts and stores the application. Secure memory (internal or external) can also hold the application code in encrypted form, so that it cannot be read, reverse engineered or copied. Lifecycle management can be used to verify the actual supply chain: the silicon manufacturer locks the devices so that only one customer can unlock them and install code, and the meter OEM locks the meters so that only the designated power company can unlock them and install software. As supply chain security measures increase, the opportunities for a social attack through electricity meters shrink.
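The secure boot loader and the lifecycle chain just described can be modelled as one small state machine. The following Go program is an added example written for this article, not a vendor's boot ROM: it assumes Ed25519 signatures for ownership, AES-GCM for the encrypted image, a symmetric per-product image key provisioned into the chip, and the three stages named in the text (silicon vendor, meter OEM, utility). The vendor's key owns a fresh part; each owner can sign the part over to exactly one successor; only the current owner's signed image is installed, and only if it decrypts under the chip's key; and the utility stage is terminal, so a deployed meter cannot be signed over to anyone else.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Lifecycle stages (assumed model); each owner may hand the device on to exactly one successor.
const StageSilicon, StageOEM, StageUtility = 0, 1, 2

// Image is what a production line or field tool hands to the loader: the application
// encrypted with AES-GCM, plus an Ed25519 signature over nonce||ciphertext.
type Image struct{ Nonce, Ciphertext, Sig []byte }

// Bootloader models the immutable ROM state inside the meter's microcontroller.
type Bootloader struct {
	Stage    int
	Owner    ed25519.PublicKey // whose signature is required to install code or hand off
	imageKey []byte            // image decryption key provisioned into the chip (assumed symmetric, per product)
	App      []byte            // decrypted application; nil until a valid image is installed
}

// NewChip is the silicon vendor's lock: the vendor key owns the part when it leaves the fab.
func NewChip(vendor ed25519.PublicKey, imageKey []byte) *Bootloader {
	return &Bootloader{Stage: StageSilicon, Owner: vendor, imageKey: append([]byte(nil), imageKey...)}
}

// NewKeyPair generates the Ed25519 signing key of one supply-chain party.
func NewKeyPair() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func newGCM(key []byte) (cipher.AEAD, error) {
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// BuildImage is the designer's side: encrypt the application, then sign the ciphertext.
func BuildImage(imageKey []byte, signer ed25519.PrivateKey, app []byte) (Image, error) {
	gcm, err := newGCM(imageKey)
	if err != nil {
		return Image{}, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Image{}, err
	}
	ct := gcm.Seal(nil, nonce, app, nil)
	return Image{nonce, ct, ed25519.Sign(signer, append(append([]byte{}, nonce...), ct...))}, nil
}

// Install accepts only an image signed by the current owner that also decrypts cleanly
// under the chip's image key; plaintext or foreign-signed code never reaches flash.
func (b *Bootloader) Install(img Image) error {
	if !ed25519.Verify(b.Owner, append(append([]byte{}, img.Nonce...), img.Ciphertext...), img.Sig) {
		return errors.New("install refused: image not signed by the current owner")
	}
	gcm, err := newGCM(b.imageKey)
	if err != nil {
		return err
	}
	app, err := gcm.Open(nil, img.Nonce, img.Ciphertext, nil)
	if err != nil {
		return errors.New("install refused: image corrupt or encrypted for another product")
	}
	b.App = app
	return nil
}

// Authorize is how the current owner signs the device over to its successor.
func Authorize(signer ed25519.PrivateKey, next ed25519.PublicKey) []byte {
	return ed25519.Sign(signer, next)
}

// Handoff advances one stage only on the current owner's signed transfer; the utility
// stage is terminal, so a deployed meter can never be signed over to anyone else.
func (b *Bootloader) Handoff(next ed25519.PublicKey, sig []byte) error {
	if b.Stage >= StageUtility {
		return errors.New("handoff refused: device is permanently locked to the utility")
	}
	if !ed25519.Verify(b.Owner, next, sig) {
		return errors.New("handoff refused: not authorized by the current owner")
	}
	b.Owner, b.Stage = next, b.Stage+1
	return nil
}

func main() {
	vendorPub, vendorPriv := NewKeyPair()
	oemPub, oemPriv := NewKeyPair()
	utilPub, utilPriv := NewKeyPair()
	imageKey := make([]byte, 16) // constructed demo key; a real product provisions it inside the chip
	chip := NewChip(vendorPub, imageKey)
	img, _ := BuildImage(imageKey, oemPriv, []byte("meter application v1"))
	fmt.Println("OEM install before vendor handoff:", chip.Install(img))
	fmt.Println("vendor -> OEM:", chip.Handoff(oemPub, Authorize(vendorPriv, oemPub)), "| OEM install:", chip.Install(img))
	fmt.Println("OEM -> utility:", chip.Handoff(utilPub, Authorize(oemPriv, utilPub)), "| app:", string(chip.App))
	fmt.Println("utility -> OEM:", chip.Handoff(oemPub, Authorize(utilPriv, oemPub)))
}
```

Two checks guard each install, and they fail independently: a signature from anyone but the current owner is refused before any decryption is attempted, and an image encrypted for a different product fails the AES-GCM tag even when its signature is genuine. Because the owner key changes at every handoff, an image the OEM signed is no longer installable once the utility holds the meter, which is the property the text relies on to keep production-line code off deployed devices.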
A solution?
A perfect smart grid security solution is hard to find, because the time and cost of such a solution are unbounded. However, security technologies already in common use in financial transactions and government agencies can give the embedded endpoints of the smart grid a higher level of physical and logical protection.
The attacks and countermeasures described here are not limited to the vulnerabilities of smart grids. When considering the threats the smart grid faces, close attention must be paid to embedded endpoints such as electricity meters. Once meters and other endpoints have multiple layers of security, the attacker will have to look elsewhere.