research-article

Designing and operating through compromise: architectural analysis of CKMS for the advanced metering infrastructure

Authors:

Michael Duren,

Hal Aldridge,

Robert K. Abercrombie,

Frederick T. SheldonAuthors Info & Claims

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

Article No.: 48, Pages 1 - 3

https://doi.org/10.1145/2459976.2460031

Published: 08 January 2013 Publication History

Get Access

Abstract

Compromises attributable to the Advanced Persistent Threat (APT) highlight the necessity for constant vigilance. The APT provides a new perspective on security metrics (e.g., statistics based cyber security) and quantitative risk assessments. We consider design principles and models/tools that provide high assurance for energy delivery systems (EDS) operations regardless of the state of compromise. Cryptographic keys must be securely exchanged, then held and protected on either end of a communications link. This is challenging for a utility with numerous substations that must secure the intelligent electronic devices (IEDs) that may comprise complex control system of systems. For example, distribution and management of keys among the millions of intelligent meters within the Advanced Metering Infrastructure (AMI) is being implemented as part of the National Smart Grid initiative. Without a means for a secure cryptographic key management system (CKMS) no cryptographic solution can be widely deployed to protect the EDS infrastructure from cyber-attack.

We consider 1) how security modeling is applied to key management and cyber security concerns on a continuous basis from design through operation, 2) how trusted models and key management architectures greatly impact failure scenarios, and 3) how hardware-enabled trust is a critical element to detecting, surviving, and recovering from attack.

References

[1]

F. T. Sheldon, R. K. Abercrombie, and A. Mili, "Methodology for Evaluating Security Controls Based on Key Performance indicators and Stakeholder Mission," IEEE HICSS, Jan. '09

Google Scholar

[2]

A. Ben Aissa, R. K. Abercrombie, F. T. Sheldon, and A. Mili, "Quantifying Security Threats and Their Potential Impacts: A Case Study," Innovations in Systems and Software Engineering, Volume 6, Number 4, pp. 269--281, Springer London: December 2010 (DOI 10.1007/s11334-010-0123-2)

Digital Library

Google Scholar

[3]

"RSA to replace millions of SecurID tokens -- IT should take notice", http://www.thetechherald.com/article.php/201123/7248/RSA-to-replace-millions-of-SecurID-tokens-IT-should-take-notice, Jun 2007

Google Scholar

[4]

"EMC Unit RSA to Replace Security Tokens After Data Breach", http://www.businessweek.com/news/2011-06-07/emc-unit-rsa-to-replace-security-tokens-after-data-breach.html

Google Scholar

[5]

"Comodo Hacker Claims Credit for DigiNotar Attack", http://www.pcworld.com/businesscenter/article/239534/comodo_hacker_claims_credit_for_diginotar_attack.html

Google Scholar

[6]

"Google tells Iranians: Change your Gmail password", http://www.theregister.co.uk/2011/09/09/gmail_diginotar_se curity_alert/

Google Scholar

[7]

"Google, Skype, Yahoo Targeted by Rogue Comodo SSL Certificates",http://www.pcworld.com/businesscenter/article/223147/google_skype_yahoo_targeted_by_rogue_comodo_s sl_certificates.html, Mar 2011

Google Scholar

Cited By

View all

Abraham DToftegaard ØGebremedhin AYayilgan S(2023)Consequence Verification During Risk Assessments of Smart GridsCritical Infrastructure Protection XVII10.1007/978-3-031-49585-4_3(40-61)Online publication date: 29-Dec-2023
https://doi.org/10.1007/978-3-031-49585-4_3
Hachem JChiprianov VBabar MKhalil TAniorte P(2020)Modeling, analyzing and predicting security cascading attacks in smart buildings systems-of-systemsJournal of Systems and Software10.1016/j.jss.2019.110484162:COnline publication date: 1-Apr-2020
https://dl.acm.org/doi/10.1016/j.jss.2019.110484
Hachem JPang ZChiprianov VBabar AAniorte P(2016)Model Driven Software Security Architecture of Systems-of-Systems2016 23rd Asia-Pacific Software Engineering Conference (APSEC)10.1109/APSEC.2016.023(89-96)Online publication date: 2016
https://doi.org/10.1109/APSEC.2016.023
Show More Cited By

Index Terms

Designing and operating through compromise: architectural analysis of CKMS for the advanced metering infrastructure
1. Social and professional topics
  1. Professional topics
    1. Management of computing and information systems
      1. Software management

Recommendations

Prevention of DoS Attacks Based on Light Weight Dynamic Key Mechanism in Hierarchical Wireless Sensor Networks
FGCN '08: Proceedings of the 2008 Second International Conference on Future Generation Communication and Networking - Volume 01

Denial of service (DoS) attack is an impelling inside attack in the form of interference or collision at the receiver side, which can causes serious damage to the functions of wireless sensor networks (WSNs). In this paper, we propose a solution using ...
A framework for intrusion detection system in advanced metering infrastructure

Advanced metering infrastructure AMI is one of the key elements in smart grid, which facilitates the communication of metering data to a substation in one direction and control messages in the reverse direction. Using wireless technologies and ...
Cascading attacks against smart grid using control command disaggregation and services
SAC '16: Proceedings of the 31st Annual ACM Symposium on Applied Computing

In this paper, we propose new types of cascading attacks against smart grid that use control command disaggregation and core smart grid services. Although there have been tremendous research efforts in injection attacks against the smart grid, to our ...

Comments

Information & Contributors

Information

Published In

CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop

January 2013

282 pages

ISBN:9781450316873

DOI:10.1145/2459976

Editors:
Frederick Sheldon
Oak Ridge National Laboratory
,
Annarita Giani
Los Alamos National Laboratory
,
Axel Krings
University of Idaho
,
Robert Abercrombie
Oak Ridge National Laboratory

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 January 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CSIIRW '13

Sponsor:

Los Alamos National Labs
Sandia National Labs
DOE
Lawrence Livermore National Lab.
BERKELEYLAB
Argonne Natl Lab
Idaho National Lab.
Nevada National Security Site

CSIIRW '13: Cyber Security and Information Intelligence

January 8 - 10, 2013

Tennessee, Oak Ridge, USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
194
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Abraham DToftegaard ØGebremedhin AYayilgan S(2023)Consequence Verification During Risk Assessments of Smart GridsCritical Infrastructure Protection XVII10.1007/978-3-031-49585-4_3(40-61)Online publication date: 29-Dec-2023
https://doi.org/10.1007/978-3-031-49585-4_3
Hachem JChiprianov VBabar MKhalil TAniorte P(2020)Modeling, analyzing and predicting security cascading attacks in smart buildings systems-of-systemsJournal of Systems and Software10.1016/j.jss.2019.110484162:COnline publication date: 1-Apr-2020
https://dl.acm.org/doi/10.1016/j.jss.2019.110484
Hachem JPang ZChiprianov VBabar AAniorte P(2016)Model Driven Software Security Architecture of Systems-of-Systems2016 23rd Asia-Pacific Software Engineering Conference (APSEC)10.1109/APSEC.2016.023(89-96)Online publication date: 2016
https://doi.org/10.1109/APSEC.2016.023
El Hachem JBertolino ACanfora GElbaum S(2015)Towards model driven architecture and analysis of system of systems access controlProceedings of the 37th International Conference on Software Engineering - Volume 210.5555/2819009.2819201(867-870)Online publication date: 16-May-2015
https://dl.acm.org/doi/10.5555/2819009.2819201
El Hachem J(2015)Towards Model Driven Architecture and Analysis of System of Systems Access Control2015 IEEE/ACM 37th IEEE International Conference on Software Engineering10.1109/ICSE.2015.280(867-870)Online publication date: May-2015
https://doi.org/10.1109/ICSE.2015.280

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Prevention of DoS Attacks Based on Light Weight Dynamic Key Mechanism in Hierarchical Wireless Sensor Networks

A framework for intrusion detection system in advanced metering infrastructure

Cascading attacks against smart grid using control command disaggregation and services

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations