Abstract
Successful decentralized and prosumer-based smart grids need to be at least as dependable and secure as the prevailing one-way, generation-transmission-distribution-consumer power grids. With this motivation in mind, we propose a two-phase model-based design methodology for secure architectural design and secure deployment of such a security architecture on a distributed separation kernel. In particular, we are modeling essential parts of a smart micro grid with several interacting prosumers, and demonstrate exemplary security/privacy requirements of this smart grid. The security policy architecture of this smart grid is deployed on a secure distributed platform, relying on a combination of separation kernels and deterministic network, as developed in the Distributed MILS project.
This work has been carried out as part of the D-MILS project (www.d-mils.org) which is funded by the European Commission under the \(7^{ th }\) Framework Programme for Information and Communications Technology. The smart grid case study has been supported by Siemens, the EIT ICT Labs, and the Bavarian Ministry of Economics.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The D-MILS platform consists of a LynxSecure hypervisor provided by LynuxWorks and a TTEthernet solution provided by TTTech.
- 2.
AF3 is an open source tool available at http://af3.fortiss.org.
References
Alves-Foss, J., Harrison, W.S., Oman, P., Taylor, C.: The MILS architecture for high-assurance embedded systems. Int. J. Embed. Syst. 2(3/4), 239–247 (2006)
Balliu, M.: A logic for information flow analysis of distributed programs. In: Riis Nielson, H., Gollmann, D. (eds.) NordSec 2013. LNCS, vol. 8208, pp. 84–99. Springer, Heidelberg (2013)
Boettcher, C., DeLong, R., Rushby, J., Sifre, W.: The MILS component integration approach to secure information sharing. In: IEEE/AIAA 27th Digital Avionics Systems Conference, 2008, DASC 2008, pp. 1.C.2-1–1.C.2-14. IEEE (2008)
Broy, M., Stølen, K.: Specification and Development of Interactive Systems: Focus on Streams, Interfaces, and Refinement. Springer, Secaucus (2001)
Camek, A., Holzl, F., Bytschkow, D.: Providing security to a smart grid prosumer system based on a service oriented architecture in an office environment. In: Proceedings of Innovative Smart Grid Technologies (ISGT), 2013 IEEE PES (2013)
Chong, S., van der Meyden, R.: Using architecture to reason about information security. In: Layered Assurance Workshop (2012)
Clarkson, M.R., Finkbeiner, B., Koleini, M., Micinski, K.K., Rabe, M.N., Sánchez, C.: Temporal logics for hyperproperties. In: Abadi, M., Kremer, S. (eds.) POST 2014 (ETAPS 2014). LNCS, vol. 8414, pp. 265–284. Springer, Heidelberg (2014)
Clarkson, M.R., Schneider, F.B.: Hyperproperties. J. Comput. Secur. 18(6), 1157–1210 (2010)
D-MILS: Distributed MILS for dependable information and communication infrastructures. STREP, FP7. http://www.d-mils.org
D-MILS: Safety and security requirements for the fortiss Smart Micro Grid demonstrator (2013), d-MILS project deliverable
de Moura, L., Bjørner, N.S.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)
ENISA: Appropriate security measures for smart grids - guidelines to assess the sophistication of security measures implementation. Study of the European Network and Information Security Agency (ENISA) (2012)
ENISA: Smart grid security - recommendations for Europe and member states. Study of the European Network and Information Security Agency (ENISA) (2012)
Fagin, R., Halpern, J.Y., Moses, Y., Vardi, M.Y.: Reasoning About Knowledge. MIT Press, Cambridge (1995)
Koss, D., Sellmayr, F., Bauereiß, S., Bytschkow, D., Gupta, P.K., Schätz, B.: Establishing a smart grid node architecture and demonstrator in an office environment using the SOA approach. In: SE4SG, ICSE, pp. 8–14. IEEE (2012)
van der Meyden, R.: What, indeed, is intransitive noninterference? In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 235–250. Springer, Heidelberg (2007)
NIST: NIST IR 7628: guidelines for smart grid cyber security (2011). http://csrc.nist.gov/publications/PubsNISTIRs.html
Quilbeuf, J., Igna, G., Bytschkow, D., Ruess, H.: Security policies for distributed systems. CoRR abs/1310.3723 (2013)
Rushby, J.: Noninterference, transitivity, and channel-control security policies. SRI International, Computer Science Laboratory (1992)
Rushby, J.: Partitioning in avionics architectures: requirements, mechanisms, and assurance. Technical report, DTIC Document (2000)
Vanfleet, W.M., et al.: MILS: architecture for high assurance embedded computing. Cross Talk 18, 12–16 (2005)
Yardley, T., Berthier, R., Nicol, D., Sanders, W.: Smart grid protocol testing through cyber-physical testbeds. In: ISGT, 2013 IEEE PES, pp. 1–6 (2013)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Bytschkow, D., Quilbeuf, J., Igna, G., Ruess, H. (2014). Distributed MILS Architectural Approach for Secure Smart Grids. In: Cuellar, J. (eds) Smart Grid Security. SmartGridSec 2014. Lecture Notes in Computer Science(), vol 8448. Springer, Cham. https://doi.org/10.1007/978-3-319-10329-7_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-10329-7_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10328-0
Online ISBN: 978-3-319-10329-7
eBook Packages: Computer ScienceComputer Science (R0)