0
Securing the Smart Grid at the
                              Edge
                                                    Hann...
The Robespierre Leadership Model




                                              “I must see which way the
             ...
Do We Need to Secure the Edge?




                                                                On January 25, 2003 hac...
Is Technology Available to Secure the Edge?

                                                                   Complex Sm...
Old Security Doesn’t Always Solve NEW Problems


                       Phones                       Traditional Security ...
Requirements for Security at the Edge


                          Little Code Space Required – Fits on a 16-bit Chip

    ...
Security Along the Power Supply

   Security at the EDGE of the Smart Grid necessitates handling
   of many small, resourc...
Security for Smart Metering

   Protecting Smart                                                          5
   Meters will...
Smart Meter Security Example

                                                    Sensus iCon Smart Meter




            ...
Implementing Security - Key Management

                                                               •   Highly complex
...
Implementing Security – Other Challenges

                                                    •   Authentication is vital ...
Implementing Security – Other Challenges



           “The key to
           winning is getting
           to where the p...
Questions?


Chris Hanebeck
(214) 415-2648
chris.hanebeck@reveresecurity.com
Securing the Smart Grid at the
                              Edge
                                                    Hann...
Upcoming SlideShare
Loading in...5
×

Smart Grid Cyber Security Summit Revere

1,392

Published on

This presentation addresses the unique challenges of securing Smart Meters and SCADA devices within the power grid. The Revere Security Hummingbird cipher is introduced as a solution to the problem of securing microprocessors below 32-bit.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,392
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
70
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Smart Grid Cyber Security Summit Revere"

  1. 1. Securing the Smart Grid at the Edge Hanns-Christian L. Hanebeck August 10, 2010 © 2009-2010 Revere Security. All rights reserved. www.reveresecurity.com 1
  2. 2. The Robespierre Leadership Model “I must see which way the crowd is headed ... for I am their leader!" © 2009-2010 Revere Security. All rights reserved. 2
  3. 3. Do We Need to Secure the Edge? On January 25, 2003 hackers infected the Davis- Besse nuclear power plant in Ohio with a worm. The virus entered through a “secure” T1 line for an external consulting firm. While the infection did not harm the plant, which had been off-line during the worm attack, it caused the Safety Parameter Display System to be down for five hours and the plant process computer for six. Four years later, IBM researcher Scott Lunsford hacked into a nuclear power plant and claimed that entering through the SCADA network “… turned out to be one of the easiest penetration tests I'd ever done …” Source: Forbes, America’s Hackable Backbone, Oct. 2007 © 2009-2010 Revere Security. All rights reserved. Image Sources: nbc.com and smartgridsecurity.blogspot.com 3
  4. 4. Is Technology Available to Secure the Edge? Complex Smart Devices • 32-bit or higher microprocessor • AES /ECC Encryption very well suited • Revere Hummingbird very well suited today Simple Smart Devices • 16-bit or lower microprocessor • AES /ECC Encryption too large, too expensive • Revere Hummingbird perfectly suited © 2009-2010 Revere Security. All rights reserved. 4
  5. 5. Old Security Doesn’t Always Solve NEW Problems Phones Traditional Security Framework ? Physical Infrastructure Mobile Devices ? Networks and Servers Very few Sensors ? experts worldwide & SCADA Very long Endpoints: Laptops, PCs time to market Processes and Applications Little customer & ? ? consumer People and Identities pull RFID Tags Smart Meters Data, Information, Knowledge © 2009-2010 Revere Security. All rights reserved. 5
  6. 6. Requirements for Security at the Edge Little Code Space Required – Fits on a 16-bit Chip Short Messages e.g. 16-bit Cipher Built-in MAC Easy to Integrate Anonymous Communications Lower Power Requirement Mutual Authentication Protocol Simple, Scalable Key Management System © 2009-2010 Revere Security. All rights reserved. 6
  7. 7. Security Along the Power Supply Security at the EDGE of the Smart Grid necessitates handling of many small, resource constrained devices Utility SCADA Smart Meter Consumption Generation Storage Substation © 2009-2010 Revere Security. All rights reserved. 7
  8. 8. Security for Smart Metering Protecting Smart 5 Meters will require industrial- 6 strength security 3 on a very small footprint. 3 4 1 Consumer uses energy 2 1 2 Smart Meter records and transmits consumption data 3 Wireless networks (Wi-Max, cell, BPL, etc.) transmit information to the utility 4 Utility aggregates usage data, prepares pricing and makes information available to the consumer 5 Consumer accesses the information online 6 Consumer makes choices that will affect energy consumption © 2009-2010 Revere Security. All rights reserved. 8
  9. 9. Smart Meter Security Example Sensus iCon Smart Meter TI MSP430 Hummingbird is up to 416% faster and consumes 76% less power than AES (EAX’). © 2009-2010 Revere Security. All rights reserved. Image Sources: ukfrrnell.com and joysco.com 9
  10. 10. Implementing Security - Key Management • Highly complex Key • Need to manage keys on the smart meter (HAN) Management • Requires very high level of systemic security Challenges • Keys might need to be assigned on a temporary basis • Handhelds and laptops for key commissioning may be lost Solution • Distributed hierarchical system architecture • Scalable to well more than 100 million keys • Authentication of field devices by installed smart meters • Anonymous identification and key management to protect privacy • Secure assignment of temporary session keys © 2009-2010 Revere Security. All rights reserved. 10
  11. 11. Implementing Security – Other Challenges • Authentication is vital to prevent unwanted access Built-in • It ensures that commands and data are authorized Authentication • In cases where encryption and authentication are required, a one-pass approach is superior • Consumers will likely want ownership of and control Consumer over their own consumption data Privacy • The integration of multiple devices into one standards- based home area network will be difficult at best • Consumers will likely use third-party devices to control their energy consumption and data • Smart Grid security necessitates the ability to react to Event events in near real-time Management • This requires a highly mature event management infrastructure (bus) and a lot of knowledge about business rules • It is unclear who owns and manages these systems © 2009-2010 Revere Security. All rights reserved. 11
  12. 12. Implementing Security – Other Challenges “The key to winning is getting to where the puck is going to be next.” “The Great One” © 2009-2010 Revere Security. All rights reserved. 12
  13. 13. Questions? Chris Hanebeck (214) 415-2648 chris.hanebeck@reveresecurity.com
  14. 14. Securing the Smart Grid at the Edge Hanns-Christian L. Hanebeck August 10, 2010 © 2009-2010 Revere Security. All rights reserved. www.reveresecurity.com 14
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×