Current Position: Home > News > Industry News

Contact Us

National service hotline:4000039166
Telephone:86-27 - 84649366 84649390 84649336
Fax:86-27 - 82967521
Address :No. 270, Huangjinkou 3rd Village, Hanyang District, Wuhan City, Hubei Province, China.

How to keep your smart meters safe from attack (and not just cyber-attacks)

日期:2015-10-20 10:09:13 点击:

 

Combating threats to the smart meter life cycle
So far we have outlined security threats to the smart meter and to its security software. While the above examples cannot be considered exhaustive, these threats are real indeed. They prove that anyone or any agency deploying an embedded smart grid device must analyze and anticipate any potential threats to the grid itself. Therefore, it is important for us to consider the technology available to combat these identified threats. 
We must be certain that silicon delivered to a manufacturing plant is legitimate, unaltered, and not substituted with fake materials. Procedural controls are our first line of defense. We must enforce legitimate supply chains. Only purchase components directly from the original supplier or from authorized supply chains. The risk here is procuring materials from third parties or brokers who are not subject to rigorous tracking procedures that verify legitimate, untampered material. 
While these procedural controls can be effective, they will not stop a truly determined attacker with the considerable resources to replace legitimate material with convincing fakes. In this case, a secure bootloader can deter the attack. A secure bootloader, loaded into the appropriate silicon during manufacturing, can be locked through advanced encryption techniques like a shared AES key or with the private key of the silicon manufacturer. When the meter manufacturer receives the silicon, they can then use those same advanced cryptographic tools to ensure that the silicon was securely locked by the silicon manufacturer.

Safeguard software to prevent cloning meters
Using this same secure bootloader, the manufacturing site only needs to store an encrypted version of the application software. Now any attacker who steals the encrypted software cannot reverse engineer it. Meanwhile, the secret key programmed into the secure bootloader is specific to meters produced by each authorized end-meter manufacturer. Consequently, encrypted software has little value to an attacker attempting to clone meters. To clone a meter, an attacker would need to steal ICs destined for a particular end customer, since no other silicon would be preprogrammed with the appropriate secret key.

Validate legitimate meters and prevent fakes
Recall the attack that tried to create a convincing fake meter to be programmed with bad software designed to disrupt the smart grid. Again a secure bootloader will assure the end customer (i.e., the utility) that the meter is loaded with the correct, validated firmware. In addition, the bootloader can “lock” the meter, disabling its ability to function until received by the intended utility.  

 

 

Products Online QQ Contact