FAQ

“Smart Grid” generally refers to the modernization of the current electric utility, transmission, and distribution system. Title XIII of The Energy Independence and Security Act of 2007 describes the Smart Grid as a distribution system that allows for flow of information from a customer’s meter in two directions: both inside the house to thermostats, appliances, and other devices, and from the house back to the utility”

The Smart Grid is a catalyst for a wide variety of new and evolving technologies including smart meters, load shed devices, and smart appliances. These capabilities are also driving upgrades, to networks that manage and secure communications within the smart grid.

Security is evolving from little or no security, to a mandatory requirement for a metering deployment. The actual cryptographic means of a metering deployment is generally defined (usually in terms of cryptographic goals), however security is becoming a major differentiator in how utility proposals are responded to and won.

Transformational elements of the Smart Grid include a wide variety of technologies that control and manage the generation, transmission, and distribution of electricity. Some of the elements that are redefining the electric grid have to do with the following:

• Generation of cleaner or “greener” electricity – wind farms, solar energy, nuclear…
• The efficient transmission of energy - more efficient conductors.
• Meter Data Management systems.
• Advanced Metering and demand response capabilities
• Security
• Home area networking
• Energy Storage.
• Advanced monitoring and response applications.

With the build out of two way communication between the meter, and the utility, utility companies recognized the need for stronger security for utility to meter communications. Public-key algorithms create a mechanism for sharing keys among large numbers of meters or endpoints in a complex meter data management system.

Public Key cryptography allows utilities to securely control, and manage individual meters. One of the major benefits of a PKI in metering is that if a meter key gets compromised, only that individual meter is compromised. PKI brings other major benefits such as:

• Strong Mutual Authentication
• Non-repudiation
• Key agreement for session confidentiality

Communication systems that rely on a single network key for encryption and decryption (symmetric key cryptography) run the risk of compromising the entire network if a key is lost or stolen. The risk associated with managing this type of network becomes unacceptable as the number of endpoints increase.

Symmetric key cryptography involves a class of algorithms that use the same key (or related key) to both encrypt and decrypt information. Examples are the advanced encryption standard (AES) or Triple Des.

Symmetric key algorithms are generally very efficient, however have risks associated with key compromise.

Elliptic curve cryptography (ECC) was discovered in 1985 by Victor Miller (IBM) and Neil Koblitz (University of Washington) as an alternative mechanism for implementing public-key cryptography. Public-key algorithms create a mechanism for sharing keys among large numbers of participants or entities in a complex information system. Unlike other popular algorithms such as RSA, ECC is based on discrete logarithms that much more difficult to challenge at equivalent key lengths.

Metering deployments can have stringent bandwidth requirements, and at the same time, require a high level of security. The overhead associated with adding security to command and control packets sent to a meter can be prohibitive, and severely degrade network performance. These deployments can also be fielded for up to 20 years.

ECC offers strong security, efficiency and scalability over conventional public-key cryptography algorithms making it well suited in bandwidth constrained applications. Likewise, ECC is the encryption standard chosen by the National Security Agency for use over the next several decades.

NIST is currently working on an interim roadmap for security standards for the Smart Grid. The roadmap is scheduled to be delivered to the Federal Energy Regulation Commission by the end of 2009 for review and approval.

Public Key cryptography standards will play a major roll for security in large metering deployments.

Several security threats to the Smart Grid have been noted, and documented. The threats have manifested themselves as malicious software programs, mechanical attacks on meters, and unauthorized remote access. The use of IP enabled technologies makes the smart grid more vulnerable to a cyberattack.

In a replay attack, an adversary records a communication session and replays the entire session or a portion of the session at some later point in time. For example, an adversary may want to record a low electric usage response to replay upon further queries when usage is actually much higher.

Non-repudiation is a service which prevents an entity from denying previous commitments or actions. For example if a home owner electronically opts in to a load shed schedule, and later disputes the action, an electronic record can resolve the dispute. In cryptography, non-repudiation is resolved with the digital signature.

Very little information should be transmitted completely in the clear wrt AMI. There are obvious consumer privacy issues that must be kept confidential.

Meter commands must be authenticated as coming from a reliable source.

Certain consumer informational broadcast information can arguably be sent in the clear.