Countries all over the world are continuously investing in the market of smart meters and smart grids. They are looking forward to improving the operation efficiency of power grid systems but neglect the safety of power transmission infrastructure. The current power grid designs are relatively weak in safety and vulnerable to attack. This article describes the concept of security over the life of a device - the ideal smart grid embedded device should ensure its safety throughout its life cycle, even back to the contract manufacturer. We will discuss in this article how to secure the smart grid throughout its life cycle and how to deal with potential threats.
For smart grids, as the grid infrastructure is increasingly under attack, the steady supply of electricity in every country is at risk of being attacked maliciously, making security issues more and more important. IT security is particularly important in this regard; many solutions support end-to-end communication data encryption such as data concentrators, supervisors, and data collector systems (SCADA). The focus on IT encryption is beyond doubt because of the need to ensure the security of "airborne" transmission of data. However, even with strong end-to-end encryption can not secure the entire smart grid: the embedded device itself is vulnerable.
Encryption equals safety?
While cryptographic tools are very effective in certifying commands for privacy protection and data transfer, it must be noted that this is only part of the solution. The purpose of encryption is to prevent the protected data from being decrypted or faked during transmission or storage. Some people think that complex RF or power line carrier communication can completely guarantee data security by relying on frequency modulation. In fact, such protection can be easily broken. Assuming that an attacker can arbitrarily control the remote meter pull-in relay , the utility company will need to invest a lot of resources to deal with the failure. Not only do power companies suffer economic losses, but they also cause considerable inconvenience and threat to the places where air conditioners must be used.
So, how to avoid such accidents? If both sides of the communication through the key to encrypt, decrypt, sign or verify the data on the communication line from the embedded sensor to the control system of data encryption is critical for encryption Key protection is even more important. Once the key is stolen, the entire network is no longer safe. The embedded terminal of smart grid needs a more complete security solution. It can draw on the security technology of financial terminals, focusing on key protection, using chip-level hardware and multiple protection measures against attacks.
The protection of power supply should not focus on valid data and command verification of the smart grid only. Worm-virus makers understand the effective means of attacking embedded infrastructures, which are not easily detected and cause serious damage to the system. The famous "zero-day attacks" use the system to eliminate or modify the way, the damage caused to the system is very subtle. Therefore, we must not only pay attention to the installation of the equipment, but also pay attention to any one vulnerable to the programming part of the process (such as the production process).
Any loopholes?
Achieving a secure and reliable design is not easy and takes a lot of time and insight into security technologies. So, are these inputs worthwhile? Let's start by analyzing a grid-connected smart meter, such as an unprotected electric meter installed in our own home, making it easy for outsiders to open such meters. If the meter uses a general-purpose MCU to handle communications and application functions, then it is likely that there is a programming port on which an attacker can reprogram or read internal information. With enough resources and time, some people can write a program with similar capabilities, but have the program embed viruses that get the key data or tamper with the bill.
Even if the network meter are equipped with some protection measures, to a certain extent, to prevent tampering. We are still able to spot some vulnerable areas - production, so-called "social engineering" that gives attackers an opportunity to invade IP and production processes. Spent thousands of dollars, the attacker may have access to the program, through the reverse engineering changes, the "new program" into the product. In addition, attackers can also sell your program to competitors, causing huge losses.
How to ensure the safety of the equipment life cycle?
Strict product production processes should consider the safety of every aspect from design to production, as well as strategies to deal with tampering. To ensure the safety of your lifecycle, consider the following points:
â’ˆ make sure to get the chip from the original factory, through formal channels to reduce the risk of procurement, of course, we must also consider encryption technology. Maxim sells security processors and smart grid products that can incorporate user keys or certificates to prevent others from unlocking and programming the IC.
â’‰ protect your IP. Signed in the factory production processes, program encryption, coordination from the system processor, safe loading, to the chip software decryption and authorization of each link. This type of encryption prevents the program from being cloned or cracked.
â’Š Only run the program you specified. Secure program loading uses a digital signature to verify the validity of the code and prevent it from loading or running unauthorized code.
â’‹ reliable communication. The new configuration, firmware updates and instructions are encrypted and signed to verify the reliability of the data source.
⒌ Site protection key. Do not store the key in it, such as external EEPROM. If your system uses a separate secure processor and application processor, keep the key in the secure processor and not send it out. This will prevent attackers from stealing keys from the communication data on the board.
â’ Internal key protection. Engineers can use the development key to develop the product's security features, while product-level keys go through multi-person signatures. You can usually use a higher level security module to complete the authorization.
â’Ž not miss every tiny hole. If a system attackers steal important information from only one meter and devote considerable time and money to researching that information, it is hoped that the entire system will be attacked accordingly. Experienced attackers may open the IC package and look for important information in the memory of the MCU. Therefore, the use of a unique key or asymmetric encryption (such as: elliptic curve digital signature) is necessary.
The current security measures for the grid leave a lot of room for the attacker. To keep embedded devices secure throughout their lifecycle, we also need to enhance the security design of the entire smart grid and keep the attackers away.
Long Fins For Adult,Practice Fins For Adult,Adult Swim Training Fins,Swimming Training Fins For Adult
RKD Outdoor & Water Products Co., Ltd , https://www.rkdsports.com