Smart Metering Cybersecurity—Requirements, Methodology, and Testing
Abstract
:1. Introduction
1.1. Structure of the Paper
1.2. Related Works
1.3. Motivation and Goals
- introduce security requirements for smart meters and design a methodology to test these requirements;
- provide evaluations and measurements according to the proposed methodology;
- design and verify tools, software, and equipment for evaluation and measurement according to the proposed methodology;
- provide recommendations for smart meter roll-out, based on security requirements considering wireless cellular communication technologies.
2. Background
2.1. Legislation Regarding Smart Grids
2.2. DLMS Basics
2.3. Security in DLMS
2.4. Concerns Regarding Security Suite
- disclosure of used keys, that results in a complete security breach (including past, present, and future communication);
- forgery of compromised keys;
- replay attacks, brute force attacks, and dictionary attacks;
- risks related to the need of securely storing all keys for all meters (in utility systems);
- risks associated with the impossibility of centrally and quickly changing keys;
- risks associated with manual device configuration and the need to pre-load or individualize static keys by staff after deployment of the electricity meter.
3. Design of Security Requirements
4. Testing Smart Meters
4.1. Testing Methodology—Basics
- Documentation: security requirement is verified according to documentation from the manufacturer.
- Functional test: verified with normal operational procedure.
- Security test: verified with security tests (e.g., attack, wiretapping).
4.2. Testing Requirements
4.3. Insights from Testing
- The evaluator shall verify, according to the documentation of the device, these entries:
- the available RAM and flash of the device and compare them to the actual usage while in normal operation, according to the functional specification;
- the available computing power and the required minimal computing power for the normal operation, according to the functional specification.
- The evaluator shall verify, based on the documentation and verification of the actual state, that the device has available computing power, RAM, and flash memory for running all security algorithms (Table 3). The evaluator shall also verify, from the documentation, that the device has the computing power, RAM, and flash memory for the increased demand on resources for the future cryptographic algorithms, by at least 100%. To meet the requirement of accommodating 100% more resources, twice the number of resources utilized during an average month of normal operation at the time of deployment (this condition assumes that the device is utilizing at least DLMS SS1), the device must primarily allocate additional resources on the communication side, where the cryptographic algorithms are implemented.
4.4. Designing Initial Prerequisites for Testing Smart Meters
- Basic DLMS parameters for devices:
- referencing used, LN (logical names) or SN (short names);
- addressing used on every interface (HDLC or wrapper);
- all interfaces on the device, their connection and state (e.g., pinout on RS-485);
- all addresses (DLMS uses client and server addresses);
- access roles and authentication used (passwords and relation to client addresses);
- encryption keys and certificates for every access role (when keys cannot be shared directly, we need information about the mechanism, that we can use to obtain the keys by ourselves).
- Multiple firmware (FW) versions for the testing devices:
- at least one new FW version, that can be used to finish all security tests (version that is above all other supplied FW versions);
- at least two FWs with valid signature and correct incremented versions. These two FWs can be alternately applied to the device. If the device cannot apply an older version of FW, we need at least five valid FWs with valid signatures and with incremented versions.
- Access to the planned central metering point—HES (head end system):
- having sufficient access permissions to perform all security-related operations on the tested devices (changing keys, passwords, certificates, security setup, etc.);
- access for capturing all the communication between meters and the HES (to verify used communication and properly applied encryption on the messages). This can be achieved in multiple ways:
- -
- capturing the communication directly on the device where the HES is;
- -
- inserting a virtual machine into the infrastructure, such that it can see all the communication (that is heading to the HES).
5. Smart Meter Testing—Tools and Procedure
5.1. Testing Procedure
- Research specific smart meter technology: Before selecting tools, it is very important to understand the underlying technology, such as communication protocols (DLMS, ModBus, etc.), types of data (IP, HDLC, etc.), interfaces (P1, optical, serial, etc.), and security mechanisms (SS0, SS1, SS2).
- Identify testing objectives: It is very important to determine what to test. Different manufacturers implement communication, security, or functions in different ways. Therefore, it is necessary to find possible potent threats.
- Research available testing tools: Some tools and methods are the same for most tests (e.g., Wireshark), other tools and methods depend on the specific test. It is necessary to find and use the most appropriate tool to obtain the most accurate results.
- Create a testing plan: Many tests use similar tools and work with the same data. To avoid performing the same steps for multiple tests multiple times, creating a suitable plan can save time and money.
- Conduct the testing: Perform testing based on the plan. It is necessary to note the results of each test in detail, and document any problems.
- Evaluate the results: Analyze data collected during testing to identify any threats or problems. This information is important to make recommendations to improve SM technology or to select additional tools for further testing.
- Repeat the process: As the state of science and knowledge evolves, new testing methods become available. It is highly recommended to perform SM testing on a regular basis (the frequency of security testing can vary depending on various factors such as manufacturer’s recommendations, regulatory requirements, or the internal norms of the company that operates these meters), to ensure that the most effective tools are being used to test the SMs.
5.2. Testing Tools
- Kali Linux is a popular Linux-based operating system designed for digital forensics, penetration testing, and cybersecurity auditing. The tools below this point are a standard part of the distribution.
- -
- arpspoof—an open-source network auditing tool, that allows network traffic to be intercepted and redirected, making it a useful tool for network administrators and security professionals. By spoofing ARP (address resolution protocol) messages, arpspoof can trick devices on a network into sending traffic to a different destination, enabling users to perform man-in-the-middle attacks and capture sensitive information. (In some versions of Kali Linux it might be necessary to install this tool separately.)
- -
- GreenBone—an open-source tool designed for vulnerability assessment of networked devices, and is particularly useful for identifying security vulnerabilities in IT networks, including those in smart grid infrastructure. (In some versions of Kali Linux it might be necessary to install this tool separately.)
- -
- hping3—a versatile open-source command-line utility, that allows users to perform advanced network testing and troubleshooting, and performance analysis, including packet crafting, testing firewall rules, and flood attacks.
- -
- Nmap—a commonly used open-source tool for network mapping, with the ability to detect open ports and vulnerabilities, port scanning, and penetration testing, providing valuable information for securing and managing network infrastructure. In the case of smart meters, it is a useful tool for finding open smart meter ports and estimating the services used on these ports.
- -
- tcpreplay—an open-source software tool designed for replaying network traffic from files, making it an ideal solution for testing and troubleshooting network equipment and applications. The tool allows already captured traffic to be scanned, and can test if the device is resistant to double processing of one message. Furthermore, the tool can be used to send modified traffic back to the network and test protection mechanisms such as checksum, fuzzy data resilience, or proper TCP communication sequence number checking.
- -
- Wireshark—a powerful open-source network protocol analyzer that allows users to capture and inspect network traffic in real-time, making it an essential tool for network troubleshooting and optimization.
- Avalanche is a hardware tester, specially designed for emulating clients and servers. It is designed to act as an end device on both sides of communication for testing devices, firewalls, and rules, and is capable of making up to 20 Gbps traffic throughput.
- DATEL is a custom made DLMS client/server application made specially for DLMS security testing. More about this tool is described in the following paragraph. (DATEL is currently not publicly available. However, its functionalities can be implemented using Gurux [49].)
- Frequency analyzer is needed if there is a reasonable suspicion that the device is transmitting data on frequencies and protocols not described in the documentation. The frequency analyzer makes it possible to detect these communications.
- perform firmware update (M3, M4);
- fuzzy testing (M5);
- check if all unnecessary interfaces are disabled (M8);
- generate messages to fill logs on SM (M11);
- check the log sizes, try to delete them (M11);
- perform a replay attack (M15);
- check if data in messages are encrypted (M16);
- check if data in messages have protected integrity (M16);
- check if cryptographic material can be updated (M17);
- verify log entries (M19);
- check if the SM is measuring values during DoS attack (M22);
- verify that lower roles can access security-related objects (M24);
- verify usage of strong authentication (M25);
- verify whether SM blocks roles after unsuccessful attempts (M26);
- perform security based update (M27, M29).DATEL can also be used for tests that are not directly related to the testing methodology:
- testing new communication technologies related to smart metering (e.g., Section 6);
- measuring data volumes of normal operation (e.g., to develop new reading schemes);
- measuring connection parameters: delays, timers, and speeds;
- can be used on a connection that is being tunneled via TLS or IPsec.
6. Cybersecurity in the Context of Wireless Cellular Technologies
6.1. Vendor Backdoor
6.2. Network Registration
6.3. Behavior of Smart Meter in the Case of Limited Radio Conditions
7. Discussion
- the definition of tools, procedures, and rules for testing particular security requirements for smart meters;
- design of the initial prerequisites and DLMS protocol parameters for the testing;
- consideration of the testing methodology with respect to the specifics and limitations of wireless mobile communication technologies (point-to-point).
- NCSC: National Cyber Security Centre (United Kingdom)
- -
- defines a comprehensive national certification for smart meter security;
- -
- considers a different system architecture (prepaid tariffs, hubs, and concentrators).
- DLMS: DLMS security suite
- -
- does not define technical requirements, only cryptographic algorithms and keys.
- BSI profile (Germany)
- -
- In Germany, the AMM model is different and they are considering a smart meter gateway, which must meet the most strict requirements of the BSI guidelines. These requirements could be fulfilled only by the security at higher layers using TLS or IPSec, and with sufficient hardware to meet the technical requirements.
8. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Zaraket, C.; Dogas, I.; Kalyvas, D.; Papageorgas, P.; Aillerie, M.; Agavanakis, K. Open Source LoRaWAN Telemetry Test Bench for Smart Grid—A DLMS/COSEM Implementation Case Study. AIP Conf. Proc. 2022, 2437, 020196. [Google Scholar] [CrossRef]
- Electricity metering decree, Act No. 359/2020 Coll. 2020. Available online: https://eur-lex.europa.eu/legal-content/CS/TXT/PDF/?uri=NIM:202100180 (accessed on 20 January 2023).
- European Commission. NIS2 Directive. 2022. Available online: http://data.europa.eu/eli/dir/2022/2555/oj (accessed on 20 January 2023).
- Zákon 181/2014 Sb. o Kybernetické Bezpečnosti a o Změně Souvisejících Zákonů (Zákon o Kybernetické Bezpečnosti). 2014. Available online: https://www.govcert.cz/download/kii-vis/ZKB_uplne_zneni.pdf (accessed on 20 January 2023).
- SM-301-2019: Security Requirements for Procuring Smart Meters and Data Concentrators. Technical Report, ENCS. 2019. Available online: https://encs.eu/resource/sm-301-2019-security-requirements-for-procuring-smart-meters-and-data-concentrators/ (accessed on 30 January 2023).
- Pudi, S.; Lagineni, M.; JaganMohan, K.; Kumar, R.; Bindhumadhava, B. Secure DLMS/COSEM communication for Next Generation Advanced Metering Infrastructure. Asian J. Converg. Technol. 2021, 7, 92–98. [Google Scholar] [CrossRef]
- Abdalzaher, M.S.; Fouda, M.M.; Emran, A.; Fadlullah, Z.M.; Ibrahem, M.I. A Survey on Key Management and Authentication Approaches in Smart Metering Systems. Energies 2023, 16, 2355. [Google Scholar] [CrossRef]
- Luring, N.; Szameitat, D.; Hoffmann, S.; Bumiller, G. Analysis of security features in DLMS/COSEM: Vulnerabilities and countermeasures. In Proceedings of the 2018 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT), Washington, DC, USA, 19–22 February 2018; pp. 1–5. [Google Scholar] [CrossRef]
- Awad, A.I.; Shokry, M.; Khalaf, A.A.M.; Abd-Ellah, M.K. Assessment of potential security risks in advanced metering infrastructure using the OCTAVE Allegro approach. Comput. Electr. Eng. 2023, 108, 108667. [Google Scholar] [CrossRef]
- Ur-Rehman, O.; Zivic, N.; Ruland, C. Security issues in smart metering systems. In Proceedings of the 2015 IEEE International Conference on Smart Energy Grid Engineering (SEGE), Oshawa, ON, Canada, 17–19 August 2015; pp. 1–7. [Google Scholar] [CrossRef]
- Bačnar, D.; Leytner, L.; Prenc, R.; Jardas, V.; Lerga, J. On Security and Privacy In Smart Metering Systems. In Proceedings of the 2022 7th International Conference on Smart and Sustainable Technologies (SpliTech), Split/Bol, Croatia, 5–8 July 2022; pp. 1–6. [Google Scholar] [CrossRef]
- Sun, C.C.; Sebastian Cardenas, D.J.; Hahn, A.; Liu, C.C. Intrusion Detection for Cybersecurity of Smart Meters. IEEE Trans. Smart Grid 2021, 12, 612–622. [Google Scholar] [CrossRef]
- Fehér, M.; Yazdani, N.; Aranha, D.F.; Lucani, D.E.; Hansen, M.T.; Vester, F.E. Side Channel Security of Smart Meter Data Compression Techniques. In Proceedings of the 2020 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm), Tempe, AZ, USA, 11–13 November 2020; pp. 1–6. [Google Scholar] [CrossRef]
- Prateek, K.; Maity, S.; Amin, R. An Unconditionally Secured Privacy-Preserving Authentication Scheme for Smart Metering Infrastructure in Smart Grid. IEEE Trans. Netw. Sci. Eng. 2023, 10, 1085–1095. [Google Scholar] [CrossRef]
- Halle, P.D.; Shiyamala, S. Secure advance metering infrastructure protocol for smart grid power system enabled by the Internet of Things. Microprocess. Microsyst. 2022, 95, 104708. [Google Scholar] [CrossRef]
- Ju, S.H.; Seo, H.S. Design key management system for DLMS/COSEM standardbased smart metering. Int. J. Eng. Technol. 2018, 7, 554–557. [Google Scholar]
- Kumar, V.; Hussain, M. Secure communication for advance metering infrastructure in smart grid. In Proceedings of the 2014 Annual IEEE India Conference (INDICON), Pune, India, 11–13 December 2014; pp. 1–6. [Google Scholar] [CrossRef]
- Lieskovan, T.; Hajny, J. Security of Smart Grid Networks in the Cyber Ranges. ARES22. In Proceedings of the 17th International Conference on Availability, Reliability and Security, Vienna, Austria, 23–26 August 2022. [Google Scholar] [CrossRef]
- Xiaobing, L.; Wei, C.; Feng, Z.; Bin, X.; Zhiqiang, S. Design of a security smart meter software testing cloud service system. In Proceedings of the 2016 IEEE Information Technology, Networking, Electronic and Automation Control Conference, Chongqing, China, 20–22 May 2016; pp. 874–878. [Google Scholar] [CrossRef]
- Goyal, H.; Purohit, A. Landis+Gyr. Smart Meter Validation Test Bench. Available online: https://www.ni.com/cs-cz/innovations/case-studies/19/smart-meter-validation-test-bench.html (accessed on 20 January 2023).
- Leping, Z.; Baoshuai, W.; Shanshan, H.; Yi, L.; Yi, P.; Zhanhe, W. Research on Key Test Methods of the Smart Meter Software Based on Failure Modes. J. Phy.: Conf. Ser. 2019, 1325, 012172. [Google Scholar] [CrossRef]
- Janiga, P.; Liska, M.; Volcko, V.; Pilat, B. Testing system for smart meters. In Proceedings of the 2015 16th International Scientific Conference on Electric Power Engineering (EPE), Kouty nad Desnou, Czech Republic, 20–22 May 2015; pp. 519–522. [Google Scholar] [CrossRef]
- Mendes, H.; Medeiros, I.; Neves, N. Validating and Securing DLMS/COSEM Implementations with the ValiDLMS Framework. In Proceedings of the 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W), Luxembourg, 25–28 June 2018; pp. 179–184. [Google Scholar] [CrossRef]
- Marah, R.; Gabassi, I.E.; Larioui, S.; Yatimi, H. Security of Smart Grid Management of Smart Meter Protection. In Proceedings of the 2020 1st International Conference on Innovative Research in Applied Science, Engineering and Technology (IRASET), Meknes, Morocco, 16–19 April 2020; pp. 1–5. [Google Scholar] [CrossRef]
- Mlynek, P.; Misurec, J.; Silhavy, P.; Fujdiak, R.; Slacik, J.; Hasirci, Z. Simulation of Achievable Data Rates of Broadband Power Line Communication for Smart Metering. Appl. Sci. 2019, 9, 1527. [Google Scholar] [CrossRef]
- Mikulasek, M.; Dvorak, R.; Stusek, M.; Masek, P.; Mozny, R.; Mlynek, P.; Hosek, J. NB-IoT vs LTE Cat M1: Demystifying Performance Differences under Varying Radio Conditions. In Proceedings of the 2022 14th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), Valencia, Spain, 11–13 October 2022; pp. 133–138. [Google Scholar] [CrossRef]
- European Commission. Mandate M441 for Smart Meters. 2009. Available online: https://energy.ec.europa.eu/mandate-m441-smart-meters-march-2009_en (accessed on 30 January 2023).
- Smart Meters Coordination Group. SM-CG: Smart Grids and Meters. Technical Report, CEN, CENELEC, ETSI. 2016. Available online: https://www.cencenelec.eu/areas-of-work/cen-cenelec-topics/smart-grids-and-meters/smart-meters/ (accessed on 30 January 2023).
- Smart Meters Coordination Group. Protection Profile for Smart Meter Minimum Security Requirements. Technical Report, CEN, CENELEC, ETSI. 2019. Available online: https://www.esmig.eu/wp-content/uploads/2022/01/Protection-Profile-for-Smart-Meters.pdf (accessed on 30 January 2023).
- Smart Meters Coordination Group. Minimum Security Requirements for AMI Components. Technical Report, CEN, CENELEC, ETSI. 2016. Available online: https://www.cencenelec.eu/media/CEN-CENELEC/AreasOfWork/CEN-CENELEC_Topics/SmartGridsandMeters/SmartMeters/smcg_sec0109.pdf (accessed on 30 January 2023).
- ETSI TR 103 118: Machine-to-Machine Communications (M2M); Smart Energy Infrastructures Security; Review of Existing Security Measures and Convergence Investigations. Technical Report, ETSI. 2015. Available online: https://www.etsi.org/deliver/etsi_tr/103100_103199/103118/01.01.01_60/tr_103118v010101p.pdf (accessed on 30 January 2023).
- ETSI TR 103 644: Observations from the SUCCESS Project Regarding Smart Meter Security. Technical Report, ETSI. 2020. Available online: https://www.etsi.org/deliver/etsi_tr/103600_103699/103644/01.02.01_60/tr_103644v010201p.pdf (accessed on 30 January 2023).
- Leszczyna, R. Cybersecurity in the Electricity Sector: Managing Critical Infrastructure; Springer: Cham, Switzerland, 2019. [Google Scholar] [CrossRef]
- Cervingi, G.; Larouche, P. Regulating smart metering in Europe: Technological, Economic and Legal Challenges. Technical Report, CERRE. 2014. Available online: https://cerre.eu/publications/regulating-smart-metering-europe-technological-economic-and-legal-challenges/ (accessed on 30 January 2023).
- European Commission. Critical Infrastructure and Cybersecurity. 2020. Available online: https://energy.ec.europa.eu/topics/energy-security/critical-infrastructure-and-cybersecurity_en (accessed on 30 January 2023).
- Green Book: DLMS/COSEM Architecture and Protocols, 10-v1.0 ed.; DLMS User Association: Zug, Switzerland, 2020.
- Blue Book: COSEM Interface Classes and OBIS Object Identification System, 14-v1.0 ed.; DLMS User Association: Zug, Switzerland, 2020.
- Lieskovan, T.; Hajny, J.; Cika, P. Smart Grid Security: Survey and Challenges. In Proceedings of the 11th International Congress on Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), Dublin, Ireland, 28–30 October 2019. [Google Scholar] [CrossRef]
- Barker, E.; Chen, L.; Keller, S.; Roginsky, A.; Vassilev, A.; Davis, R. Recommendation for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography; Technical Report; National Institute of Standards and Technology (NIST): Gaithersburg, MD, USA, 2018. [Google Scholar] [CrossRef]
- Barker, E. Recommendation for Key Management: Part 1—General; Technical Report; National Institute of Standards and Technology (NIST): Gaithersburg, MD, USA, 2020. [Google Scholar] [CrossRef]
- ECRYPT–CSA. Algorithms, Key Size and Protocols Report; IACR Cryptology ePrint Archive: Bristol, UK, 2018; Available online: https://www.ecrypt.eu.org/csa/documents/D5.4-FinalAlgKeySizeProt.pdf (accessed on 20 January 2023).
- European Union Agency for Cybersecurity; Smart, N. Algorithms, Key Size and Parameters: Report—2014; ENISA: Heraklion, Greece, 2014. [Google Scholar] [CrossRef]
- NÚKIB. Minimální Požadavky na Kryptografické Algoritmy. 2022. Available online: https://www.nukib.cz/download/publikace/podpurne_materialy/Kryptograficke_prostredky_doporuceni_v2.0.pdf (accessed on 21 January 2023).
- Barker, E.; Roginsky, A.; Davis, R. Recommendation for Cryptographic Key Generation; Technical Report; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2017. [Google Scholar] [CrossRef]
- NAP SG–Safety Requirements for Smart Meters and Related Infrastructure. 2020. Available online: https://www.mpo.cz/assets/cz/energetika/strategicke-a-koncepcni-dokumenty/narodni-akcni-plan-pro-chytre-site/2020/5/Vytah-studie-NAP-SG-kyberneticka-bezpecnost.pdf (accessed on 20 February 2023).
- Kohout, D.; Lieskovan, T.; Masek, P.; Slacik, J.; Mlynek, P. Project-Testing the Cyber Security of Smart Electricity Meters 1. 2022. Available online: https://www.vut.cz/en/rad/projects/detail/34928 (accessed on 19 January 2023).
- Kohout, D.; Lieskovan, T.; Masek, P.; Slacik, J.; Mlynek, P. Project-Testing the Cyber Security of Smart Electricity Meters 2. 2022. Available online: https://www.vut.cz/en/rad/projects/detail/34927 (accessed on 20 January 2023).
- National Action Plan for Smart Grids (NAP SG). 2016. Available online: https://www.mpo.cz/en/energy/electricity/national-action-plan-for-smart-grids-nap-sg--221572/ (accessed on 14 January 2023).
- Gurux DLMS Library. Available online: https://www.gurux.fi/ (accessed on 10 January 2023).
- Kohout, D.; Mlýnek, P. Testing Smart Meters with Custom Application. In Proceedings of the 2022 IEEE International Carnahan Conference on Security Technology (ICCST), Valeč, Czech Republic, 7–9 September 2022; pp. 1–6. [Google Scholar] [CrossRef]
- Mlýnek, P.; Mašek, P.; Fujdiak, R.; Sláčik, J. Roll-out chytrých elektroměru s NB-IoT/LTE Cat M–reálné zkušenosti. In Proceedings of the Sborník konference ČK CIRED 2022, České Budějovice, Czech Republic, 8–9 November 2022. [Google Scholar]
No. | Authors | Year | DLMS | Method | Purpose |
---|---|---|---|---|---|
[5] | ENCS | 2019 | ✗ | C /L /E | Security requirements and methodology |
[6] | Shanmukesh Pudi et al. | 2021 | ✓ | A /L /E | Practical attacks on SMs, modification of messages |
[7] | M. S. Abdalzaher et al. | 2023 | ✗ | A | Key management analysis for SMs |
[8] | Norman Luring et al. | 2018 | ✓ | A | Analysis of weaknesses of the security layer in DLMS |
[9] | Ali Ismail Awad et al. | 2023 | ✗ | A | Assessment of potential security risks in SMs |
[10] | Obaid Ur-Rehman et al. | 2015 | ✗ | C /A | Analysis of security issues in SMs and introduction to possible solutions |
[11] | David Bačnar et al. | 2022 | ✗ | A | Security and privacy analysis with intrusion detection system for SMs |
[12] | Chih-Che Sum et al. | 2021 | ✗ | C | Intrusion detection system for SMs |
[13] | Marcell Fehér et al. | 2020 | ✓ | M /L | Correlation between the length of messages and consumption |
[14] | Kumar Prateek et al. | 2023 | ✗ | C /M /A | New authentication scheme for SMs |
[15] | Priyanka D. Halle et al. | 2022 | ✗ | M /A | New protocol for creating secure path through sensors |
[16] | Seung-Hwan Ju et al. | 2018 | ✓ | C | Secure key transfer from manufacturer to operator |
[17] | Vijay Kumar et al. | 2014 | ✗ | C | Design of security protocol to secure AMI systems |
[18] | Tomas Lieskovan et al. | 2022 | ✓ | S | Open-source cyber range for DLMS, training purpose |
[19] | Liang Xiaobing et al. | 2016 | ✗ | E /F | Cloud based software for testing SMs |
[20] | Himanshu Goyal et al. | 2021 | ✓ | W /L | Validation test bench to test reliability of SMs |
[21] | Zhang Leping et al. | 2019 | ✗ | L | Testing the reliability of SMs’ software implementation |
[22] | Peter Janiga et al. | 2015 | ✗ | L /E | Testing system for SMs directed on reliability |
[23] | Henrique Mendes et al. | 2018 | ✓ | L | Tool for testing security during power line communication |
[24] | Rim Marah et al. | 2020 | ✗ | C | Threats for smart meters and proposed system for fire safety of SMs |
Attribute | Name | Value | Note |
---|---|---|---|
1 | Logical Name | 1.0.32.7.0.255 | Ch. 0 L1 voltage inst. value |
2 | Value | 2453 | Value needs to be combined with scaler |
3 | Scaler and Unit | S: –1, U: 35 | Voltage (35) |
Suite ID | Authenticated Encryption | Digital Signature | Key Agreement | Hash | Key Transport | Compression |
---|---|---|---|---|---|---|
0 | AES- GCM-128 | - | - | - | AES-128 key wrap | - |
1 | AES- GCM-128 | ECDSA P-256 | ECDH P-256 | SHA- 256 | AES-128 key wrap | V.44 |
2 | AES- GCM-256 | ECDSA P-384 | ECDH P-384 | SHA- 384 | AES-256 key wrap | V.44 |
3–15 | Reserved for future updates |
Cryptographic Requirements | By 2030 | 2030–2036 | Past 2036 |
---|---|---|---|
Ensuring confidentiality | |||
Use of block cipher AES-256 | ✓ | ✓ | ✓ |
Use of block cipher AES-128, AES-192 | ✓ | ✗ | ✗ |
Ensuring confidentiality and integrity | |||
Use of block cipher mode GCM, CCM | ✓ | ✓ | ✓ |
Use of block cipher mode CTR, OFB, CBC, CFB in combination with secure MAC in mode EncryptThenMAC with approved ciphers | ✓ | ✗ | ✗ |
Ensuring integrity | |||
Digital signature DSA 15360 and more, EC-DSA-512 and more, RSA 15360 and more | ✓ | ✓ | ✓ |
Digital signature DSA 3072, EC-DSA-256, RSA 3072 | ✓ | ✓ | ✗ |
Hash SHA2-512, SHA3-512 | ✓ | ✓ | ✓ |
Hash SHA2-256, SHA2-384, SHA3-256, SHA3-384 | ✓ | ✓ | ✗ |
Mode for integrity protection HMAC, CMAC | ✓ | ✓ | ✓ |
Ensuring key management | |||
DH-15360, ECDH-512 | ✓ | ✓ | ✓ |
DH-3072, ECDH-256 | ✓ | ✓ | ✗ |
Random bit generator | |||
HMAC_DRBG, Hash_DRBG both for SHA-1, SHA-224, SHA-512/224, SHA-256, SHA-512/256, SHA-384, SHA-512, SHA3-512 | ✓ | ✓ | ✓ |
No. | Description |
---|---|
1 | Safe recovery after an error, outage, or failure |
2 | Reliable time synchronization |
3 | Instructions for safe installation, initialization, and operation supplied together with the device |
4 | Data validation before its use: protection of inputs |
5 | Flood protection (DoS) using traffic filtering or network segmentation, resource management |
6 | Interface minimization: deactivation of all unnecessary services, protocols, and physical interfaces |
7 | Security events must be recorded and reported, the log must be protected against modification and deletion, min. size for 1000 security records |
8 | Every device must be uniquely identifiable |
9 | Data in messages must be encrypted |
10 | Messages must have integrity protection |
11 | Execution of commands must be confirmed |
12 | Access to the elements processing sensitive data requires breaking through a security perimeter with a seal |
13 | Cryptographic credentials must be unique and securely stored for the smart meter, they must not reduce the security of another smart meter after being stolen |
14 | Separation of measurement and communication functionality |
15 | Remote update of security features and cryptographic primitives |
16 | Remote update of cryptographic credentials |
Result | Description |
---|---|
PASS | This test was successful. The security requirements are fulfilled. |
FAIL | This test was unsuccessful. The security requirements are not fulfilled. |
PASS* | This test was successful. The security requirements are fulfilled, but there is some space for improvement. This is not related to the test outcome, but it could have an impact on the functional or security side of the whole solution. |
ID | Description | Tools for Testing |
---|---|---|
General Requirements | ||
M1 | Safe recovery after failure | K |
M2 | Instructions for safe installation, initialization, and operation | - |
Firmware Protection | ||
M3 | Install new firmware only after successful check of digital signature | D/K |
M4 | Firmware integrity check before startup | D |
Interfaces Protection | ||
M5 | Data validation before use (input protection, fuzzy testing) | D/K |
M6 | Flood protection (DoS) using traffic filtering or network segmentation | A/D/K |
M7 | Interface minimization—deactivation of all unnecessary services and protocols | D/K |
M8 | Deactivation of all physical and logical interfaces (that are not expected for functional requirements) | D/F |
M9 | Settings protection—configuration changes can only be made in authorized mode | D |
Logging | ||
M10 | The meter must report security events | D/K |
M11 | Security events must be recorded, this log must be protected against modification and deletion, with minimal size of 1000 security entries | D |
Message Protection | ||
M12 | The security level of the random number generators must be defined (at least 128 bits) | - |
M13 | The PRNG (pseudo-random number generator) must conform to NIST standards | - |
M14 | Randomization of required initialization values of cryptographic algorithms | - |
M15 | Protection against double processing of the same message (replay of messages) | D/K |
M16 | The data in messages must be encrypted | D/K |
M17 | Messages must have protected integrity | D/K |
M18 | It is possible to update cryptographic material | D |
Physical Protection | ||
M19 | When an intrusion is attempted, a log entry is created and a warning message is sent | D/K |
M20 | Sensitive data processing components are covered by a security perimeter | - |
M21 | The device perimeter must be sealed | - |
Resistance | ||
M22 | Separation of measurement and communication functionalities (device must measure all values, even under DoS attack) | A/D/K |
M23 | Maintaining security during/after a failure (device cannot reveal any keys or stop securing messages/enforcing access levels) | D |
Access Control | ||
M24 | Separating roles, assigning permissions to roles, assigning roles to interfaces | D |
M25 | User authentication must use strong authentication methods (strong keys and passwords) | D |
M26 | Device blocks roles/users after unsuccessful authentication attempts | D |
Future Update | ||
M27 | Remote update of security functionalities and cryptographic primitives | D |
M28 | Sufficient future resources (RAM, flash, and computational power) to update security and cryptographic functionality. Securing device throughout the life cycle of the meter | - |
M29 | Remote update of cryptographic credentials | D |
M30 | Compliance of used algorithms with cryptographic requirements | - |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Kohout, D.; Lieskovan, T.; Mlynek, P. Smart Metering Cybersecurity—Requirements, Methodology, and Testing. Sensors 2023, 23, 4043. https://doi.org/10.3390/s23084043
Kohout D, Lieskovan T, Mlynek P. Smart Metering Cybersecurity—Requirements, Methodology, and Testing. Sensors. 2023; 23(8):4043. https://doi.org/10.3390/s23084043
Chicago/Turabian StyleKohout, David, Tomas Lieskovan, and Petr Mlynek. 2023. "Smart Metering Cybersecurity—Requirements, Methodology, and Testing" Sensors 23, no. 8: 4043. https://doi.org/10.3390/s23084043
APA StyleKohout, D., Lieskovan, T., & Mlynek, P. (2023). Smart Metering Cybersecurity—Requirements, Methodology, and Testing. Sensors, 23(8), 4043. https://doi.org/10.3390/s23084043