Hardware Security for Device Authentication in the Smart Grid
Secure communication between devices is a key aspect of smart grid security. In the future smart home environment, various smart devices, appliances and energy management systems will communicate with each other via the home network. In order to achieve mutual authentication, each device will have a private cryptographic key which must be protected against theft or misuse. Current mechanisms for protecting such keys exist but generally require interaction with the user. This makes them unsuitable for the smart grid context due to the high degree of automation involved in the smart grid. To address this challenge, we have designed, implemented and tested a system that provides hardware security for device private keys using Trusted Computing technologies. Using DRTM late-launch functionality, our system ensures that the private key is only available within a protected trusted environment on a specific device. Preliminary implementation and testing has demonstrated that our system can operate successfully in unattended environments such as the smart grid.
KeywordsSmart Grid Trusted Platform Module Trust Computing Transport Layer Security Trust Computing Group
Unable to display preview. Download preview PDF.
- 1.European Commission: Eurostat: Final Energy Consumption, by Sector (2010)Google Scholar
- 2.National Institute of Standards and Technology (NIST): NIST Special Publication 1108R2: NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 2.0. Technical report (2012)Google Scholar
- 3.Baumeister, T.: Adapting PKI for the smart grid. In: 2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 249–254 (2011)Google Scholar
- 6.Trusted Computing Group: TPM Main Specifications Part 1: Design principles, Part 2: TPM structures, Part 3: Commands. Version 1.2, Revision 116 (2011)Google Scholar
- 8.Intel: Intel Trusted Execution Technology (Intel TXT): Measured Launch Environment Developer’s Guide. Technical report (2011)Google Scholar
- 9.McCune, J.M., Parno, B.J., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: an execution infrastructure for TCB minimization. In: Eurosys 2008 Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems, vol. 42, pp. 315–328 (April 2008)Google Scholar
- 10.Sailer, R., Zhang, X., Jaeger, T., van Doorn, L.: Design and implementation of a TCG-based integrity measurement architecture. In: Proceedings of the 13th Conference on USENIX Security Symposium, vol. 13. USENIX Association (2004)Google Scholar
- 12.Kinkelin, H., Holz, R., Niedermayer, H., Mittelberger, S., Carle, G.: On Using TPM for Secure Identities in Future Home Networks. In: Security in NGNs and the Future Internet, vol. 3, pp. 1–13 (January 2010)Google Scholar
- 13.Kuntze, N., Rudolph, C., Bente, I., Vieweg, J., von Helden, J.: Interoperable device identification in Smart-Grid environments. In: 2011 IEEE Power and Energy Society General Meeting, pp. 1–7. IEEE (July 2011)Google Scholar
- 14.Gajek, S., Löhr, H., Sadeghi, A.R., Winandy, M.: TruWallet: trustworthy and migratable wallet-based web authentication. In: Proceedings of the 2009 ACM Workshop on Scalable Trusted Computing, STC 2009, pp. 19–28. ACM (2009)Google Scholar