Securing the Smart Grid with SafeNet HSMs

SafeNet Whitepaper

Overview

The smart grid is the first major effort to modernize an energy infrastructure that has remained largely unchanged over the past several decades. The smart grid creates a network of links between customers and utility companies that provides increased insight into and management of energy consumption, cost, and workload across the entire energy grid. At a time when energy utilities play an increasingly important part in our everyday lives, smart grid technologies introduce new security challenges that must be addressed. Implementing a smart grid without proper security could result in grid instability, loss of private information, utility fraud, and unauthorized access to energy consumption data.

Building a trusted smart grid will require robust security solutions, and interoperability from multiple vendors, that can be easily deployed at the communication and application layers of the smart grid infrastructure. In the first phase of smart grid deployments, traditional meters will be replaced with meters that can be read remotely, called smart meters. The Advanced Metering Infrastructure (AMI) is the second phase of the smart grid and uses smart meters to enable a two-way channel of communication between meters and the utility company. Securing this two-way line of communication is imperative, and will require a solution for Head End trusted identity authentication and smart meter device attestation to ensure the integrity of the grid. Leveraging this integrity will allow utilities both to issue trusted firmware upgrades to deployed smart meters and to verify data coming back from smart meters to the deployed Head End Systems. This system integrity will maintain security and minimize the cost footprint of upgrades to the deployed smart meters.

A critical component of smart grid security is cryptography and key management, which will ensure confidentiality, authenticity, and integrity of devices and communications within the grid. Every cryptographic system needs strong protections for the top-level cryptographic material used to provide the system's trust anchor. Typically, compromise of these top-level keys results in complete, or at least very broad, system-wide compromise. This is where hardware security modules offer significant trust value.
HSMs' Role in the Smart Grid

Smart grid security solutions must be able to deploy on a large scale, with minimal effect on applications. Securing the smart grid at the communication layer will require a system to identify connected meters, to verify that these meters are configured correctly, and to validate these meters for network access. The recommended solution for this authentication process is an identity-based model, often a Public Key Infrastructure (PKI). PKIs are ideal for large-scale security deployments that require a high level of security with minimal impact on performance. In a PKI environment, it is essential that private keys and certificates are guarded with a reliable key management solution that protects against ever-evolving data threats, such as hardware security modules (HSMs).

HSMs require secure interoperability with deployed smart grid infrastructures. For years, various industries have relied on HSMs for securing the most sensitive PKI environments. In fact, SafeNet HSMs have a long-standing history of large-scale deployments in the financial industry, working to define and implement industry-standard-based deployments, and are deployed to protect more financial transactions than any other HSM (more than a trillion dollars a day). SafeNet HSMs offer a cost-effective PKI solution for easy deployment in smart grid infrastructures. With the SafeNet PKI Bundle, product and maintenance costs are dramatically reduced by combining HSM functionality that usually requires two or more HSMs into a single HSM "bundle" of modular functions. For CAs with certificates and root keys, for example, rather than requiring separate HSMs for key generation and key export for offline and online root CAs, the requirements can be fulfilled by one SafeNet HSM that stores keys in hardware to achieve FIPS 140-2 Level 3 security. In addition, with high-performance RSA, ECC, and AES cryptographic services, SafeNet HSMs are the only HSMs in the industry that can keep up with the performance requirements of even the most complex advanced smart grid deployments.

[Figure: End to End Security, HSM uses related to smart grid functions. Labels: Generation, High Value Endpoints, Suppliers, Device ID, DR PKI, PKI Provisioning, Head-End PKI Messaging, Production Code Signing, HAN, Utility Engineering, Development Code Signing, Utility Operations, PEV]

Device Identities. A SafeNet HSM performs many vital security functions during the manufacturing of smart grid devices. While issuing device identity certificates at the factory, the SafeNet HSM can protect both subordinate CA and registration authority (RA) key pairs, and secure the signing key for any firmware or code loaded at manufacturing time. Hosting a subordinate CA at each manufacturing site isolates the site both operationally and cryptographically. HSM-supported RA functionality at the manufacturing site is important, as the HSM provides high-entropy RNG seed material and FIPS 140-2 Level 3-certified key generation for each device. The resource-constrained nature of smart grid devices makes it critical to ensure devices are provisioned with FIPS-validated, high-entropy seed material. Therefore, it is important to offer support for both CA and RA capabilities in the same HSM bundle; SafeNet HSMs support this through the PKI Bundle feature without compromising security. Once manufactured with a trusted identity, a deployed device is expected to remain in the field for a long period, during which the HSM is used to securely sign all firmware or Device ID updates in the field.

[Figure: Equipment vendors certifying device IDs at manufacturing. Labels: Root CA, Vendor DR CA, Site, Contract Manufacturers, Utilities]

Device Provisioning. The same SafeNet HSM features and capabilities that support device issuance, as described above, can also be used by utility companies to provision devices within their infrastructures. In this case, subordinate CAs are deployed at distribution centers, where meters and other devices are accepted into the utility's control. Of course, this may be at a central office when provisioning is done during final installation at the site. Here, the utility either re-certifies the key pair created by the device manufacturer or generates its own completely new key pair and certificate. Device identities (certificates) are one part of the provisioning; HSMs are also leveraged for firmware updates and code signing, an equally important part of a secure end-to-end system. At this staging point, it is also critical to import into each device a trust root database, informing the devices which head-end systems to trust. Such device provisioning is required to maintain security, and minimize operational costs, over the long life expectancy of smart meters once deployed.
[Figure: From factory to deployment. Labels: Device Vendor HSMs in High Availability, Device Manifests (Device S/N, Customer ID), Create/Certify ID, Issue Device ID, Pre-provisioned Device End Point, Utility Key Manager and Head End PKI HSMs in High Availability, Issue Utility keys, Seed Device, Installer]

Device Re-Certification. It would certainly be tempting to issue device certificates with very long lifecycles to avoid re-certification challenges altogether. However, this is not practical given the realities of the infrastructure. Devices fail and are replaced, devices require upgraded certificates, and the device firmware could get compromised, all leading to potential points of weakness. Because of this, device certificates and firmware need to have reasonable lifecycles and, therefore, utilities need the ability to re-certify the devices. The same set of SafeNet HSMs used for device provisioning can support re-certification. Of course, this is standard CA functionality, but it highlights another reason why utilities need their own PKI.

Secure Message Processing. In smart grid infrastructures, the confidentiality, integrity, and authenticity of messages are critical. Meters need to accept commands only from authentic head-end systems, and the integrity and confidentiality of meter data must be assured. HSMs are critical in protecting the high-assurance trusted head-end system identities. Endpoint devices can use their certificates to sign and encrypt messages destined for the head-end system. At the head-end messaging side, keys used to sign commands and messages directed to the endpoint are obviously high-value keys. A compromise of these keys could also compromise a substantial portion of the infrastructure. SafeNet HSMs provide the security, performance, reliability, and cross-vendor interoperability required to support this function. SafeNet HSMs provide 5 9's availability and high-performance RSA, ECC, and AES cryptographic services capable of supporting a wide range of secure messaging architectures. SafeNet HSMs are also capable of protecting very large quantities of keys, so it's easy to ensure keys are used for only one purpose and to devise schemes that cryptographically segment a network into a large number of keys to provide further isolation within the infrastructure.
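The encryption half of the head-end to meter messaging described above, and the ECIES messaging the later ECC Integrated Encryption Standard section refers to, as an added Go example that is not SafeNet's code: an ECIES-style envelope on P-256 (a Suite B curve) built from the standard library. The message layout, the X9.63 KDF choice and the use of the meter serial as associated data are assumptions of this example; in a deployment the recipient's static private key would live in an HSM or in the meter's secure storage rather than in process memory.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// aeadFor derives the AES-256-GCM instance for one envelope using the ANSI
// X9.63 KDF from SEC 1: SHA-256(Z || counter=1 || ephemeral public key).
func aeadFor(z, ephPub []byte) cipher.AEAD {
	h := sha256.New()
	h.Write(z)
	h.Write([]byte{0, 0, 0, 1})
	h.Write(ephPub)
	block, _ := aes.NewCipher(h.Sum(nil)) // cannot fail: 32-byte key
	gcm, _ := cipher.NewGCM(block)        // cannot fail: AES block size
	return gcm
}

// Encrypt builds an ECIES-style envelope: ephemeral ECDH against the recipient's
// static key, then AES-GCM. Layout is ephemeralPub(65) || nonce(12) || ct+tag;
// aad binds context (e.g. the meter serial) so a command cannot be redirected.
func Encrypt(recipient *ecdh.PublicKey, plaintext, aad []byte) ([]byte, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(recipient)
	if err != nil {
		return nil, err
	}
	ephPub := eph.PublicKey().Bytes()
	gcm := aeadFor(shared, ephPub)
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(append(ephPub, nonce...), nonce, plaintext, aad), nil
}

// Decrypt is the recipient side; any change to key, nonce, ciphertext or aad fails.
func Decrypt(priv *ecdh.PrivateKey, msg, aad []byte) ([]byte, error) {
	if len(msg) < 65+12+16 {
		return nil, errors.New("envelope too short")
	}
	ephPub, err := ecdh.P256().NewPublicKey(msg[:65])
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	return aeadFor(shared, msg[:65]).Open(nil, msg[65:77], msg[77:], aad)
}
```

A forged or altered envelope is rejected by the GCM tag check, so the head end learns nothing from the error beyond "invalid", which is the behaviour wanted on a large untrusted network.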
[Figure: Digital envelope messaging. Labels: Head End HSMs in High Availability, Distribution Automation, Meter Data Mgmt System, Meter Reading, Residential Generation, Meter Management, Demand Management, Pluggable Electric Vehicle]

Device Authentication. Given the massive scale associated with many smart grid deployments, utilities need to carefully manage their certificate policies. Without proper segmentation and lifetimes, revocation schemes will quickly become overwhelmed. Segmenting a utility's equipment cryptographically, as discussed above, is one component of the strategy. Another strategy is the use of Online Certificate Status Protocol (OCSP) responders. Traditionally, a head-end system would check an OCSP responder directly while validating a device's certificate. However, a recommended approach has the end devices periodically collecting their own certificate status. The devices cache the responses and then supply them to the head end with each message. This approach has the advantage of making the grid more robust to equipment failures, but has the disadvantage of broadening the attack footprint. A compromise of the OCSP responder key pair could then be used to supply fraudulent certificate status. SafeNet HSMs provide the performance and FIPS 140-2 Level 3 protection of the OCSP responder private keys, offsetting the risk associated with caching certificate statuses. The HSM partitioning capability means the utility does not need a dedicated HSM to support the OCSP responder.
[Figure: Securing utilities segmented by domain. Labels: Device Vendor Device ID, Utility Root, DR PKI, Federated Neighbors, HSMs in High Availability, Regional Sub Roots (West, Central, East)]

Infrastructure Trust Anchors. As utilities and smart grid vendors deploy PKIs within their solutions, they often choose to set up their own private PKI, as opposed to basing it on a public CA; however, both are viable options. SafeNet HSMs are the market leader for both enterprise PKI and hosted PKI service options. An enterprise PKI provides the policy controls and assurance that are not always available in a public CA. When deploying root CAs, it is common to keep the root offline and use it under very strict controls on a rare basis. The SafeNet HSM family includes small form factor, high security HSMs ideal for a root CA. These devices are small enough to be stored in a safe, provide all the security demanded by root key protection and, of course, interoperate with the rest of SafeNet's HSM family.
[Figure: HSMs are the secure root of trust for protecting the smart grid. Labels: Distributed Generation and Storage, Utility Infrastructure, Consumer, Encrypted Information, PKI and Key Management, HSMs for Root of Trust]

Secure Management of Meters. The metering settings, configuration, security credentials, and firmware of all devices in the smart grid system must be updated securely. Signing and encryption of messages was discussed previously under the Secure Message Processing use case. In addition, SafeNet HSMs can be used to protect code signing keys. These high-value keys are used to sign firmware update images destined for endpoint devices. Compromise of these keys can lead to fraudulent software loads on devices, so an HSM is a natural place to host these keys.

[Figure: Secure firmware management. Labels: Utility Engineering, Development Code Signing, Production Code Signing, Suppliers, Initial Production Firmware Provisioning, HSMs in High Availability, Utility Operations, secure over-the-air firmware update, HAN, Installer]
HSM Features Supporting Smart Grid Uses

Compliance and Certifications. SafeNet HSMs have been validated to FIPS 140-2 Level 3 and Common Criteria EAL4+. They also facilitate compliance with PII, NIST, and NERC audits.

HSM Partitioning. A key challenge in a smart grid is the overall scale of the deployments. It is not uncommon for a utility to have millions of endpoints. This leads to all sorts of challenges in the cryptographic management system, including the impact of a key compromise and management of the CRLs. One recommended strategy to address these issues is to cryptographically segment the utility into regions or groups. Establishing subordinate certificate authorities for each region or group limits the impact of any compromise. This segmenting scheme also helps manage the size of CRLs, since they will be issued on a per-segment basis. SafeNet HSMs support this approach through a secure, flexible partitioning capability. A single physical HSM can be segmented into up to twenty logically separate HSMs, referred to as partitions. This can be field-upgraded to up to 100 partitions per HSM. Keys stored within each partition are not just separated by thin access control lists, but are fully cryptographically isolated from every other partition. Partitions can be mapped to independent applications, assigned object limits per partition and, perhaps most importantly, can be controlled by a separate group of users. This feature is not only useful to utilities, but is also instrumental for device manufacturers. It provides the capability to run separate subordinate CAs at the factory for each end customer, tailoring the manufacturing of devices to specific customers. Through HSM partitioning, a device manufacturer can cryptographically isolate its customers so that a compromise of one customer does not impact other customers. It also enables the use of low-cost contract manufacturers without putting at risk security-sensitive customers who may not be able to accept devices manufactured in certain countries.

[Figure: HSM partitioning for support of multiple applications in the smart grid. Labels: Meter Data Mgmt System, Head End Messaging, Code Signing, PKI Root, Key Manager, High Availability HSM and Root of Trust, Load Balancing, Automatic Key Replication for HSMs, DR site]

HSM Key Usage Controls. Smart grid devices can be manufactured all over the world and, given the cost sensitivities, they are often manufactured in locations that have limited trust. SafeNet HSMs provide key usage controls that allow a remote authority to manage how often a particular key is used. With this capability, an organization can tightly control how many devices each contract manufacturer produces, preventing the production of fraudulent devices by manufacturing vendors.
Remote Activation. It is important to ensure the right people are in control of key material. HSMs are not typically located at the same site as the highly trusted individuals responsible for protecting an organization's integrity. SafeNet's Remote PED capability allows these highly trusted individuals to control HSMs from anywhere in the world, saving the significant costs of sending trust holders to multiple remote locations. SafeNet's M of N capability ensures that no single individual can compromise the keys within the HSM.

PKI Bundle. SafeNet's PKI bundling allows a single set of HSMs to protect root and intermediate CA keys with a pure keys-in-hardware approach, and provides secure key pair generation and private key loading capability for smart meters, communication hubs, and other grid devices. The PKI Bundle offering works with existing HSM infrastructure, offering a flexible and cost-effective option, configurable depending on the required deployment model.

ECC Integrated Encryption Standard. It's becoming common to base smart grid secure messaging systems on the ECC integrated encryption standard (ECIES). Deploying ECIES with Suite B curves provides high-assurance cryptography with minimal impact on the resources within the constrained devices typical of the smart grid. ECC is being used as the secure cryptographic messaging system between HSMs and other device endpoints in the smart grid infrastructure. SafeNet's HSMs provide high-performance ECDSA and ECDH cryptographic services that enable solutions built around ECIES. Of course, SafeNet HSMs also offer high-performance RSA and AES services, providing support for any cryptographic system.

Secure Shipping. While distributing HSMs to manufacturing or distribution sites, best practices dictate the need to mitigate possible compromises during shipping.
Working with multiple sites and potentially multiple operational owners of secure infrastructure devices can be very operationally expensive. Secure Shipping allows units to be commissioned in a secure central location, trusted during shipment, and trusted once deployed at the distributed target location, with secure features that offer central control and trust while minimizing operational costs. SafeNet HSMs provide a secure shipping capability that places the device in a cryptographically locked-down state. When a device arrives at its destination, the device's security authority is restored to an operational state and receives a cryptographic verification of the device's internal integrity.

True Keys-in-Hardware Management. SafeNet HSMs use a key management approach that ensures keys are never stored anywhere except inside your HSMs. This is the only way you can keep track of, and audit, all copies of your keys. With SafeNet, every copy of a key always maps to a physical entity: one of your HSMs. SafeNet HSMs ensure your high-assurance endpoints within the smart grid infrastructure will be protected by an auditable trust anchor. And you won't be limited by the hardware: a single SafeNet HSM can hold more than 100,000 ECC keys.

Availability, Reliability, and Scalability. The smart grid demands reliability and availability, and SafeNet HSMs deliver. The devices are built with high-quality components, including the ability to replace failed power supplies and fans while in service. Furthermore, the HSMs can be grouped into high-availability N+1 clusters that provide linear performance scaling. The clustering technology provides automatic key synchronization and allows for the re-introduction of failed or new units without service interruption. SafeNet HSMs have been evaluated by a third party to offer 5 9's availability uptime.

Contact Us: For all office locations and contact information, please visit www.safenet-inc.com

©2011 SafeNet, Inc. All rights reserved. SafeNet and the SafeNet logo are registered trademarks of SafeNet. All other product names are trademarks of their respective owners. WP (EN)-03.11.11