Hardware Security for Device Authentication in the Smart Grid

  • Andrew J. Paverd
  • Andrew P. Martin
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7823)


Secure communication between devices is a key aspect of smart grid security. In the future smart home environment, various smart devices, appliances and energy management systems will communicate with each other via the home network. In order to achieve mutual authentication, each device will have a private cryptographic key which must be protected against theft or misuse. Current mechanisms for protecting such keys exist but generally require interaction with the user. This makes them unsuitable for the smart grid context due to the high degree of automation involved in the smart grid. To address this challenge, we have designed, implemented and tested a system that provides hardware security for device private keys using Trusted Computing technologies. Using DRTM late-launch functionality, our system ensures that the private key is only available within a protected trusted environment on a specific device. Preliminary implementation and testing has demonstrated that our system can operate successfully in unattended environments such as the smart grid.


Smart Grid Trusted Platform Module Trust Computing Transport Layer Security Trust Computing Group 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    European Commission: Eurostat: Final Energy Consumption, by Sector (2010)Google Scholar
  2. 2.
    National Institute of Standards and Technology (NIST): NIST Special Publication 1108R2: NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 2.0. Technical report (2012)Google Scholar
  3. 3.
    Baumeister, T.: Adapting PKI for the smart grid. In: 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 249–254 (2011)Google Scholar
  4. 4.
    Metke, A.R., Ekl, R.L.: Security Technology for Smart Grid Networks. IEEE Transactions on Smart Grid 1(1), 99–107 (2010)CrossRefGoogle Scholar
  5. 5.
    Nützel, J., Beyer, A.: How to Increase the Security of Digital Rights Management Systems Without Affecting Consumer’s Security. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 368–380. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    Trusted Computing Group: TPM Main Specifications Part 1: Design principles, Part 2: TPM structures, Part 3: Commands. Version 1.2, Revision 116 (2011)Google Scholar
  7. 7.
    Kühn, U., Kursawe, K., Lucks, S., Sadeghi, A.-R., Stüble, C.: Secure data management in trusted computing. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 324–338. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Intel: Intel Trusted Execution Technology (Intel TXT): Measured Launch Environment Developer’s Guide. Technical report (2011)Google Scholar
  9. 9.
    McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: an execution infrastructure for TCB minimization. In: Eurosys 2008 Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems, vol. 42, pp. 315–328 (April 2008)Google Scholar
  10. 10.
    Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the 13th Conference on USENIX Security Symposium, vol. 13. USENIX Association (2004)Google Scholar
  11. 11.
    Bugiel, S., Ekberg, J.E.: Implementing an application-specific credential platform using late-launched mobile trusted module. In: Proceedings of the Fifth ACM Workshop on Scalable Trusted Computing, STC 2010, pp. 21–30. ACM Press, New York (2010)CrossRefGoogle Scholar
  12. 12.
    Kinkelin, H., Holz, R., Niedermayer, H., Mittelberger, S., Carle, G.: On Using TPM for Secure Identities in Future Home Networks. In: Security in NGNs and the Future Internet, vol. 3, pp. 1–13 (January 2010)Google Scholar
  13. 13.
    Kuntze, N., Rudolph, C., Bente, I., Vieweg, J., von Helden, J.: Interoperable device identification in Smart-Grid environments. In: 2011 IEEE Power and Energy Society General Meeting, pp. 1–7. IEEE (July 2011)Google Scholar
  14. 14.
    Gajek, S., Löhr, H., Sadeghi, A.R., Winandy, M.: TruWallet: trustworthy and migratable wallet-based web authentication. In: Proceedings of the 2009 ACM Workshop on Scalable Trusted Computing, STC 2009, pp. 19–28. ACM (2009)Google Scholar
  15. 15.
    Cesena, E., Ramunno, G., Vernizzi, D.: Secure storage using a sealing proxy. In: Proceedings of the 1st European Workshop on System Security, EUROSEC 2008, pp. 27–34. ACM Press, New York (2008)CrossRefGoogle Scholar
  16. 16.
    Goldman, K., Perez, R., Sailer, R.: Linking remote attestation to secure tunnel endpoints. In: Proceedings of the First ACM Workshop on Scalable Trusted Computing, STC 2006, pp. 21–24. ACM Press, New York (2006)CrossRefGoogle Scholar
  17. 17.
    Gasmi, Y., Sadeghi, A.R., Stewin, P., Unger, M., Asokan, N.: Beyond secure channels. In: Proceedings of the 2007 ACM Workshop on Scalable Trusted Computing, STC 2007, pp. 30–40. ACM Press, New York (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Andrew J. Paverd
    • 1
  • Andrew P. Martin
    • 1
  1. 1.Department of Computer ScienceUniversity of OxfordUK

Personalised recommendations