The Smart Grid is becoming more prevalent all over the world as communities look for more efficient ways to manage the production, transmission, distribution, and most importantly, consumption of electric power. As an automated, widely distributed energy delivery network, the Smart Grid applies two-way digital communication to a power grid, allowing for the dynamic flow of information between networks and end nodes, such as electric, gas, or water meters.
However, while utility companies replace traditional meters with smart ones, the vulnerability to cyber attacks increases. Hackers have three ways of harming utilities via smart meter attacks:
-
They can use a remote termination feature to disable electric power in a single or a number of homes. The apparent danger is that attackers can leverage this ability to turn off entire neighborhoods or regions to extract extortion payments from utilities.
-
Hackers can potentially overheat components such as relays inside smart meters to literally start fires. Such a fire would quickly consume the meter itself and potentially even the entire home or business to which it's attached.
-
They can break into a smart meter and tunnel into the utility's back-end system. Once there, hackers have access to all of the data, including consumer and system information.
None of these security issues were considered at the time when the initial Smart Grid deployments were deployed. It's easy to see why better security is necessary.
It takes a lot to truly secure the Smart Grid. Where Revere Security impacts the equation is to secure the end nodes in the Smart Grid and their wireless communication to backend systems. Secondly, the Smart Grid relies on a tremendous amount of critical infrastructure in the generation, transmission, and distribution of power. For this, Revere Security has developed an
industrial control system solution.
Here's a video of Revere Security's Chief Cryptographer Dr. Whitfield Diffie who addresses some of the challenges in the current Smart Grid security environment at the 2011 Smart Grid Security West Conference in San Diego, CA.
Securing smart meters as well as gas and water meters is a tough problem. Most of these meters use small, resource-constrained microprocessors such as 8- or 16-bit chips. Neither are powerful enough to run traditional IT security. The image below illustrates this point very well. On the very popular TI MSP430 microchip AES-128 and AES-256 do not fare as well as the Hummingbird HB-2 cipher specifically designed for small, resource-constrained devices.
Revere Security has developed four products for the Smart Grid:
-
The Hummingbird HB-2 cipher encrypts and decrypts data that is sent to and from the smart meter. It will be impossible for an attacker to see when a command such as the remote termination feature is sent, thus not allowing them to emulate it.
-
The Hummingbird HB-2 mutual authentication protocol ensures that only known systems communicate with the smart meter. This is particularly helpful when an attacker tries to communicate with the smart meter directly. Once Hummingbird has been implemented, the smart meter will only respond to known communication partners who authenticate themselves properly.
-
The Hummingbird key management system allows for the efficient use of a symmetric device keys as well as temporary session keys. Both are critical to establish secure communications and protect power, water, and gas meters from unauthorized access.
-
The Hummingbird fast key lookup engine allows users to quickly find and authenticate keys that enable communication between end nodes and information systems.
Like us on Facebook
Follow us on Twitter
Find us onLinkedIn
