Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

Size: px

Start display at page:

Download "Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability"

Julianna Montgomery
5 years ago
Views:

1 Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability Communications and Embedded Systems Department Southwest Research Institute Gary Ragsdale, Ph.D., P.E. August 24 25, 2010

2 Southwest Research Institute years, founded employees R&D projects/yr. $500M revenue 1200 acres 170 buildings 2.1 million square feet 2009 J. Dan Bates

3 Presentation Objectives Report on the security posture of Smart Grid devices Describe progress made in Smart Grid security Propose a more robust approach to SG security Describe needs for further research and development

5 What is Smart Grid Infrastructure Assessment? Security analysis of smart grid systems & communications Reverse engineering Penetration testing Threat and risk assessment Advanced security methods Power analysis for key discovery Hardware attacks such as decapping chips Developing vulnerability exploits

Hacking Proprietary Smart Meters Recovery of crypto keys, security tokens, & passwords via physical attacks on hardware Firmware extraction through debug interfaces and monitoring of system state

6 Hacking Proprietary Smart Meters Recovery of crypto keys, security tokens, & passwords via physical attacks on hardware Firmware extraction through debug interfaces and monitoring of system state with In-Circuit Emulators (ICE) Firmware Analysis, Reverse Engineering, and Modification Physical Bus Snooping and Traffic Injection Traffic capture, spoofing, and denial of service attacks on radios

7 Proprietary SG Built with Off-the-Shelf Technology Off-the-shelf microcontrollers Reference electronics design kits Chip specifications and application notes Software development and debug tools Programming and maintenance tools Off-the-shelf communications technology Radio electronics & protocol kits & documentation Software-defined radio development tools Communication protocols simulators

8 Implementing TCG Standards Within Systems Trusted Platform Module (TPM) Provides root of trust Secure storage Signing & hashing functions Tamper detection Accelerates cryptography TPM software stack Implements TCG stack Manages TPM chip

9 Typical Trusted Computing Platform Trust Hierarchy Device Root of Trust (trusted platform electronics) Secure secret storage TPM chip root trust secret Owner root trust secret Memory hash signature Standard encryption algorithm Standard hashing algorithm Tamper detection indicators Data Exchange Session Control (public-private key) Boot Loader Integrity (memory hash) Key Rotation Session Control (public-private key) Software Update Session Control (public-private key) Data Exchange Session Security (symmetric key) Code and Data Integrity (memory hash) Software Update Session Security (symmetric key)

10 Prototypical SG Trusted Computing Platform Phytec with Expansion Board Opal Kelly FPGA with Expansion Board Atmel TPM chip mounted on prototyping board

11 Building an Trusted, Open Smart Grid Device Applications Device Application Software Crypto Service Provider (CSP) MatrixSSL TCG Software Stack (TSS) Trusted Device Driver Library (TDDL) libtpm libtpm TSS integration Device Driver TPM Device Linux kernel Atmel AT97SC3203 * Wave Systems Corp. Platform Specific

12 Building an Trusted, Open Smart Grid Device Market Requirements Applications Proprietary Software Generic Cyber Security Requirements Crypto Service Provider (CSP) TCG Software Stack (TSS) Trusted Device Driver Library (TDDL) Device Driver TPM Device Open Standards & Open Source Software * Wave Systems Corp.

13 Dynamic Data Flow Analysis System Architecture Application C Program DDFA Compiler System Static Analysis Instrumentation Engine Dynamically Policed C Program Policy Specification Translator DDFA Runtime Library Security Policies Test Policies Fault Tolerance Policies

14 Development with DDFA Security policy separate from source code Static dataflow analysis minimizes instrumentation Runtime library provides the dynamic data flow analysis capability DDFA Runtime Library Policy and dynamic data flow analysis provide customized error mitigation DDFA Compiler Security Policed C Code Conventional Compiler Security Policed Executable

15 Need for Smart Grid Security R&D Ongoing threat & risk assessment of new SG devices Enhanced decapping protections for TPM modules Increased RD&T for open source, TCG stack Enhancements to the DDFA compiler Support for more languages within the DDFA compiler Addition of new DDFA fight through attack policies

16 Questions and Answers

Atmel Trusted Platform Module June, 2014

Atmel Trusted Platform Module June, 2014 1 2014 Atmel Corporation What is a TPM? The TPM is a hardware-based secret key generation and storage device providing a secure vault for any embedded system Four