Advertisement

A Trusted Computing Architecture for Secure Substation Automation

  • David Guidry
  • Mike Burmester
  • Xiuwen Liu
  • Jonathan Jenkins
  • Sean Easton
  • Xin Yuan
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7722)

Abstract

Most critical infrastructure systems can be modeled as cyber-physical systems whose cyber components control underlying physical processes so as to optimize specified system objectives based on physical properties, physical constraints, and the current and estimated state of the system. Such systems usually require support for security and performance guarantees: wrongly received or missed commands can render the entire system unstable. Yet, securing cyber-physical systems with heterogeneous components is still an open and challenging problem. In this paper, we propose techniques for resilient substation automation of power utility systems with security based on the trusted computing paradigm. By using trusted platform module (TPM)-enabled components and a novel access control structure that enforces need-to-get-now (availability) policies, we show how to develop IEC/TR 61850-90-5 compliant substation automation systems that are resilient. We demonstrate the feasibility of our approach by analyzing and experimenting with an open source IEC/TR 61850-90-5 implementation.

Keywords

Cyber-physical systems critical infrastructures electricity grid IEC/TR 61850-90-5 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bell, D.E., LaPadula, L.J.: Secure Computer Systems: Mathematical Foundations. MITRE Corporation (1973), http://www.albany.edu/acc/courses/ia/classics/belllapadula1.pdf
  2. 2.
    Biba, K.J.: Integrity Considerations for Secure Computer Systems. MITRE Corporation, Technical Report, ESD-TR-76-372, MTR-3135 (April 1977)Google Scholar
  3. 3.
    Blake, S., Clark, D., Carlson, M., Davies, E., Wang, Z., Weiss, W.: An Architecture for Differentiated Services. RFC 2475 (December 1998)Google Scholar
  4. 4.
    Braden, R., Clark, D., Shenker, S.: Integrated Services in the Internet Architecture: an Overview. RFC 1633 (June 1994)Google Scholar
  5. 5.
    Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)MathSciNetCrossRefGoogle Scholar
  6. 6.
    International Electrotechnical Commission. IEC/TR 61850-90-5, Edition 1.0 2012-05, Technical Report, Power systems management and associated information exchange – Data and communications security (May 2012), http://webstore.iec.ch/preview/info_iec61850-90-5%7Bed1.0%7Den.pdf
  7. 7.
    International Electrotechnical Commission. IEC/TS 62351-1, First edition 2007-05, Technical Specifications (May 2012), http://webstore.iec.ch/preview/info_iec61850-90-5%7Bed1.0%7Den.pdf
  8. 8.
    Reed, I.S., Solomon, G.: Polynomial Codes Over Certain Finite Fields. SIAM Journal of Applied Math. 8, 300–304 (1960)MathSciNetCrossRefGoogle Scholar
  9. 9.
    Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. IEEE Computer 29(2) (1996)CrossRefGoogle Scholar
  10. 10.
    SISCO. Cisco and SISCO Collaborate on Open Source Synchrophasor Framework, Press Release (2011), http://www.sisconet.com/downloads/90-5_Cisco_SISCO.pdf
  11. 11.
    Trusted Computing Group (TCG), http://www.trustedcomputinggroup.org/
  12. 12.
    Trusted Network Connect Architecture for Interoperability (TNC), Specification 1.3. Revision 6 (April 2008)Google Scholar
  13. 13.
    Trusted Platform Module (TPM) Structures, Level 2, Version 1.2. Revision 116, Communication Networks and Systems for Power Utility Automation (March 2011), http://www.trustedcomputinggroup.org/resources/tpm_main_specification

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • David Guidry
    • 1
  • Mike Burmester
    • 1
  • Xiuwen Liu
    • 1
  • Jonathan Jenkins
    • 1
  • Sean Easton
    • 1
  • Xin Yuan
    • 1
  1. 1.Florida State UniversityTallahasseeUSA

Personalised recommendations