© 2012 Sirrix AG




Applying a Security Kernel Framework to Smart Meter Gateways
Michael Gröne, Marcel Winandy




Introduction: The Smart Grid Household



[Figure: household devices: solar panel, computer, thermostat, dish washer, hybrid / e-car, battery pack, hot water heater, sensors]




Introduction: Smart Metering Infrastructure


[Figure: three Gateways, the Internet, and the Utility Provider]




Critical Issues


•  Privacy (individual power consumption, smart home communication)


•  Security (connection via Internet, different data and stakeholders)




Considerations by the EU
  •  EU Directive 2009/72/EC:
      •  80% of households should be equipped with smart meters by 2020

  •  EU Task Force on Smart Grids, Expert Group 2 (February 2011):
      •  “Smart Grid products and solutions should be designed from the start
         with appropriate levels of data privacy and security at their core”

  •  EU Commission’s recommendation (March 2012):
      •  Use “‘best available techniques’ to safeguard personal data and
         guarantee data security when data are processed in smart metering
         systems and smart grids”



(cf. Tijmen Wisman: “The Transformation of the Home through the Internet of Things: the impact on the private sphere” at APC 2012)
This Talk


•  Security requirements for smart meter gateways
•  The TURAYA™ High-Assurance Security Kernel Framework
•  Applying the security kernel framework to smart meter gateways

Security requirements for smart meter gateways




Smart Meter Gateway
External Parties:
-  Utility provider (billing)
-  Gateway Admin

Home Area Network:
-  Controllable Local Systems (CLS)
-  User Displays for consumers

Local Metrological Network:
-  Smart Meters (power, water, heat, etc.)
Main Functions of the Smart Meter Gateway

•  Meter Data Management: Capturing, processing, and billing
•  Administration: Receiving control commands and configuration data
•  CLS Proxy: Providing an interface for controllable local systems (CLS) to the WAN
•  User Display: Providing an interface for display units in the HAN
Protection Profile for Smart Meter Gateways
•    Developed by the German federal agency for information security (BSI)
•    All gateway vendors must have their products certified according to the PP
•    PP comes with a Technical Specification regulating interoperability
•    Overall security objectives:
      •  Protection of person-related data of consumers
      •  Securing a reliable billing process
      •  Protection of the smart meter systems and smart grid infrastructure




Required Security Functions
•  Providing secure communications channels between networks
•  Privacy protection:
    •  Pseudonymization of consumer data
    •  Gateway administrators should not be able to see consumer data
•  Confidentiality and integrity protection of content data
    •  On the device
    •  When transferred to external parties
•  User authentication for consumers
•  Secure execution environments for processing on the device
•  Secure remote update (firmware, policies)
•  Logging
•  Self Tests

Information Flow Control
•  WAN connection establishment only allowed by Gateway (!)
    •  Exception: Wake-Up Call
•  CLS and Meters can call Gateway
•  CLS can communicate to authorized parties in WAN
    •  Gateway acts as proxy
•  No communication between HAN and LMN allowed
•  External parties must use Gateway Admin to issue Wake-Up call
    •  Gateway then calls pre-defined service in WAN
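
The connection rules above, modeled as a default-deny policy check. This is an added example, not code from the slides or from the TURAYA framework; the zone, role and service names are constructed, and denying every flow the slide does not list is an assumption.

```python
"""Toy model of the gateway's connection-establishment rules (added example)."""
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Zone(Enum):
    GATEWAY = "gateway"
    WAN = "wan"   # external parties, Gateway Admin
    HAN = "han"   # controllable local systems (CLS), user displays
    LMN = "lmn"   # smart meters


@dataclass(frozen=True)
class Request:
    src_zone: Zone
    src_role: str          # constructed role strings: "cls", "meter", "gateway_admin", ...
    dst_zone: Zone
    dst_name: str = ""     # WAN endpoint the requester asks for, if any
    wake_up: bool = False  # True only for the Wake-Up Call exception


@dataclass(frozen=True)
class Policy:
    wakeup_service: str                # pre-defined WAN service dialed after a wake-up
    cls_authorized_parties: frozenset  # WAN parties a CLS may reach through the proxy


@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str
    gateway_dials: Optional[str] = None  # WAN endpoint the gateway itself connects to


def decide(req: Request, policy: Policy) -> Decision:
    src, dst = req.src_zone, req.dst_zone

    # No communication between HAN and LMN, in either direction.
    if {src, dst} == {Zone.HAN, Zone.LMN}:
        return Decision(False, "HAN<->LMN communication is not allowed")

    # Nothing in the WAN may open a connection. The only exception is a
    # wake-up issued by the Gateway Admin, and even that creates no inbound
    # session: the gateway dials out to its pre-defined service and ignores
    # whatever destination the sender named.
    if src is Zone.WAN:
        if req.wake_up and dst is Zone.GATEWAY:
            if req.src_role == "gateway_admin":
                return Decision(True, "wake-up accepted", policy.wakeup_service)
            return Decision(False, "wake-up must be issued by the Gateway Admin")
        return Decision(False, "WAN connections are established only by the gateway")

    # The gateway itself may establish WAN connections.
    if src is Zone.GATEWAY and dst is Zone.WAN:
        return Decision(True, "gateway-initiated WAN connection", req.dst_name)

    # CLS and meters may call the gateway.
    if dst is Zone.GATEWAY and (
        (src is Zone.HAN and req.src_role == "cls")
        or (src is Zone.LMN and req.src_role == "meter")
    ):
        return Decision(True, "local device calls the gateway")

    # CLS to WAN is never direct: the gateway proxies it, and only to
    # parties authorized for CLS traffic.
    if src is Zone.HAN and req.src_role == "cls" and dst is Zone.WAN:
        if req.dst_name in policy.cls_authorized_parties:
            return Decision(True, "CLS proxied by the gateway", req.dst_name)
        return Decision(False, "WAN party is not authorized for CLS")

    # Assumption of this sketch: anything the slide does not list is denied.
    return Decision(False, "no rule permits this flow (default deny)")


# Constructed sample policy for experimenting with decide().
SAMPLE_POLICY = Policy(
    wakeup_service="admin-service.example",
    cls_authorized_parties=frozenset({"cls-operator.example"}),
)
```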
Problems
•  Smart meter and smart meter gateway vendors are not IT security experts
    •  Unfamiliar with Common Criteria evaluation process
    •  Need to develop new or adapt existing system software to comply
    •  Need to demonstrate that their product protects data according to the PP

•  Simply using Embedded Linux OS + firewall functionality is not enough
    •  Protecting data on the device
    •  Controlling information flow
    •  Remote administrators should not be able to access consumer data




TURAYA™ High-Assurance Security Kernel Framework




TURAYA™ High-Assurance Security Kernel Framework
•    Security architecture based on functional requirements from Common Criteria
•    Platform independent:
      •  server systems (virtualization, cloud)
      •  end-user / embedded devices




Experiences
•  Research & Development projects:
    •  EMSCB: individual PCs, laptops
    •  OpenTC: trusted infrastructures (PCs, servers, virtual data center)
    •  TClouds: trusted cloud infrastructures
    •  Emergent: information flow control in digital enterprises
    •  RUBTrust/MediTrust: evaluation of certain application domains
    •  TrustedMobile/BizzTrust: smartphones




Development Approach
•  HASK-PP: Common Criteria protection profile for the security kernel (EAL 5)
    •  Main concept: isolated domains for data/execution, trusted computing
    •  Approach: simplicity
       (only few main security requirements, implementation-independent)




Framework Approach: Reduced Complexity
•  Goal: Reduce size of trusted computing base
    •  Easier to maintain and evaluate (e.g., Common Criteria)
    •  Reduced attack surface
•  Approaches: microkernel, virtualization, code optimization (e.g., remove unneeded libraries)

[Figure: layered architecture, top to bottom: apps with complex application logic (could also include device drivers); basic security services; basic resource management; hardware security module (e.g., TPM)]
Framework Approach: Modularity
•  Goal: Make security kernel applicable to several usage scenarios
    •  Components could be added or removed (depending on need)
    •  Components could be replaced by alternative implementations
       (depending on hardware capabilities or required security guarantees)
•  Examples:
    •  Resource Management: L4 microkernel, Xen hypervisor, SELinux, etc.
    •  Hardware Security Module: HSM, TPM, smartcard, etc.




Applying the security kernel framework to smart meter gateways




High-Level Security Architecture (Gateway)




Meter Data Processing and Delivery




Remote Administration of the Gateway




Smart Meter Backend
[Figure: Smart Meter Gateways, Backend Management System, External Party, Gateway Administrator]



Outlook: Trusted Smart Metering Architecture




Conclusion
•  Smart grid needs to address security & privacy requirements
•  Smart Meter Gateway is one important component
•  In Germany: regulatory requirement of Common Criteria evaluation

•  TURAYA™ Security Kernel framework:
    •  Modular security architecture
    •  Common Criteria oriented development

•  Smart Meter Gateway realizable on top of the security kernel framework:
    •  Gateway functions as isolated compartments
    •  Information flow control by design



QUESTIONS?
Sirrix AG
Lise-Meitner-Allee 4
44801 Bochum
Germany

Tel     +49 234 / 61 00 71-0
Fax     +49 234 / 61 00 71-500

Email   info@sirrix.com
Web     www.sirrix.de




Marcel Winandy

Email:     m.winandy@sirrix.com



All These Sophisticated Attacks, Can We Really Detect Them - PDFMichael Gough
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfROWELL MARQUINA
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 

Kürzlich hochgeladen (20)

Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
Kuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorialKuma Meshes Part I - The basics - A tutorial
Kuma Meshes Part I - The basics - A tutorial
 
Accelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with PlatformlessAccelerating Enterprise Software Engineering with Platformless
Accelerating Enterprise Software Engineering with Platformless
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Digital Tools & AI in Career Development
Digital Tools & AI in Career DevelopmentDigital Tools & AI in Career Development
Digital Tools & AI in Career Development
 
All These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDFAll These Sophisticated Attacks, Can We Really Detect Them - PDF
All These Sophisticated Attacks, Can We Really Detect Them - PDF
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
QMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdfQMMS Lesson 2 - Using MS Excel Formula.pdf
QMMS Lesson 2 - Using MS Excel Formula.pdf
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 

Applying a Security Kernel Framework to Smart Meter Gateways

  • 1. © 2012 Sirrix AG. Applying a Security Kernel Framework to Smart Meter Gateways. Michael Gröne, Marcel Winandy
  • 2. Introduction: The Smart Grid Household (figure labels: computer, solar panel, thermostat, dish washer, hybrid / e-car, battery pack, hot water heater, sensors)
  • 3. Introduction: Smart Metering Infrastructure (figure labels: utility provider, Internet, three gateways)
  • 4. Critical Issues
      •  Privacy (individual power consumption, smart home communication)
      •  Security (connection via Internet, different data and stakeholders)
  • 5. Considerations by the EU
      •  EU Directive 2009/72/EC:
          •  80% of households should be equipped with smart meters by 2020
      •  EU Task Force on Smart Grids, Expert Group 2 (February 2011):
          •  “Smart Grid products and solutions should be designed from the start with appropriate levels of data privacy and security at their core”
      •  EU Commission’s recommendation (March 2012):
          •  Use “‘best available techniques’ to safeguard personal data and guarantee data security when data are processed in smart metering systems and smart grids”
      (cf. Tijmen Wisman: “The Transformation of the Home through the Internet of Things: the impact on the private sphere” at APC 2012)
  • 6. This Talk
      •  Security requirements for smart meter gateways
      •  The TURAYA™ High-Assurance Security Kernel Framework
      •  Applying the security kernel framework to smart meter gateways
  • 7. Security requirements for smart meter gateways
  • 8. Smart Meter Gateway
      External Parties:
      -  Utility provider (billing)
      -  Gateway Admin
      Home Area Network:
      -  Controllable Local Systems (CLS)
      -  User Displays for consumers
      Local Metrological Network:
      -  Smart Meters (power, water, heat, etc.)
  • 9. Main Functions of the Smart Meter Gateway
      •  Meter Data Management: Capturing, processing, and billing
      •  Administration: Receiving control commands and configuration data
      •  CLS Proxy: Providing an interface for controllable local systems (CLS) to the WAN
      •  User Display: Providing an interface for display units in the HAN
  • 10. Protection Profile for Smart Meter Gateways
      •  Developed by German federal agency for information security (BSI)
      •  All gateway vendors must have their products certified according to the PP
      •  PP comes along with Technical Specification regulating interoperability
      •  Overall security objectives:
          •  Protection of person-related data of consumers
          •  Securing a reliable billing process
          •  Protection of the smart meter systems and smart grid infrastructure
  • 11. Required Security Functions
      •  Providing secure communications channels between networks
      •  Privacy protection:
          •  Pseudonymization of consumer data
          •  Gateway administrators should not be able to see consumer data
      •  Confidentiality and integrity protection of content data
          •  On the device
          •  When transferred to external parties
      •  User authentication for consumers
      •  Secure execution environments for processing on the device
      •  Secure remote update (firmware, policies)
      •  Logging
      •  Self Tests
  • 12. Information Flow Control
      •  WAN connection establishment only allowed by Gateway (!)
          •  Exception: Wake-Up Call
      •  CLS and Meters can call Gateway
      •  CLS can communicate to authorized parties in WAN
          •  Gateway acts as proxy
      •  No communication between HAN and LMN allowed
      •  External parties must use Gateway Admin to issue Wake-Up call
          •  Gateway then calls pre-defined service in WAN
  • 13. Problems
      •  Smart meter and smart meter gateway vendors are not IT security experts
          •  Unfamiliar with Common Criteria evaluation process
          •  Need to develop new or adapt existing system software to comply
          •  Need to demonstrate that their product protects data according to the PP
      •  Simply using Embedded Linux OS + firewall functionality is not enough
          •  Protecting data on the device
          •  Controlling information flow
          •  Remote administrators should not be able to access consumer data
  • 14. TURAYA™ High-Assurance Security Kernel Framework
  • 15. TURAYA™ High-Assurance Security Kernel Framework
      •  Security architecture based on functional requirements from Common Criteria
      •  Platform independent: server systems (virtualization, cloud), end-user / embedded devices
      (figure labels: App, App, App)
  • 16. Experiences
      •  Research & Development projects:
          •  EMSCB: individual PCs, laptops
          •  OpenTC: trusted infrastructures (PCs, servers, virtual data center)
          •  TClouds: trusted cloud infrastructures
          •  Emergent: information flow control in digital enterprises
          •  RUBTrust/MediTrust: evaluation of certain application domains
          •  TrustedMobile/BizzTrust: smartphones
  • 17. Development Approach
      •  HASK-PP: Common Criteria protection profile for the security kernel (EAL 5)
      •  Main concept: isolated domains for data/execution, trusted computing
      •  Approach: simplicity (only few main security requirements, implementation-independent)
  • 18. Framework Approach: Reduced Complexity
      •  Goal: Reduce size of trusted computing base
          •  Easier to maintain and evaluate (e.g., Common Criteria)
          •  Reduced attack surface
      •  Approaches: microkernel, virtualization, code optimization (e.g., remove unneeded libraries)
      (figure labels: App, App, App; complex application logic (could also include device drivers); basic security services; basic resource management; hardware security module (e.g., TPM))
  • 19. Framework Approach: Modularity
      •  Goal: Make security kernel applicable to several usage scenarios
          •  Components could be added or removed (depending on need)
          •  Components could be replaced by alternative implementations (depending on hardware capabilities or required security guarantees)
      •  Examples:
          •  Resource Management: L4 microkernel, Xen hypervisor, SELinux, etc.
          •  Hardware Security Module: HSM, TPM, smartcard, etc.
  • 20. Applying the security kernel framework to smart meter gateways
  • 22. Meter Data Processing and Delivery
  • 23. Remote Administration of the Gateway
  • 24. Smart Meter Backend (figure labels: Smart Meter Gateways, Backend Management System, External Party, ..., Gateway Administrator)
  • 25. Outlook: Trusted Smart Metering Architecture
  • 26. Conclusion
      •  Smart grid needs to address security & privacy requirements
      •  Smart Meter Gateway is one important component
      •  In Germany: regulatory requirement of Common Criteria evaluation
      •  TURAYA™ Security Kernel framework:
          •  Modular security architecture
          •  Common Criteria oriented development
      •  Smart Meter Gateway realizable on top of the security kernel framework:
          •  Gateway functions as isolated compartments
          •  Information flow control by design
  • 27. QUESTIONS?
      Sirrix AG, Lise-Meitner-Allee 4, 44801 Bochum, Germany
      Tel +49 234 / 61 00 71-0, Fax +49 234 / 61 00 71-500
      Email info@sirrix.com, Web www.sirrix.de
      Marcel Winandy, Email: m.winandy@sirrix.com
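
The information flow rules from slide 12 ("Information Flow Control"), written as a default-deny connection mediator. This is an added example, not code from the talk or from the TURAYA framework; the class, device identifiers, host names and the `requested_target` field of the wake-up call are assumptions made for illustration.

```python
from dataclasses import dataclass, field

WAN, HAN, LMN, GW = "WAN", "HAN", "LMN", "GW"  # network zones named on the slides

@dataclass
class GatewayFlowPolicy:
    """Default-deny mediator for the slide-12 rules (illustrative, not TURAYA code)."""
    wakeup_service: str   # pre-defined WAN service the gateway dials after a wake-up
    gateway_admin: str    # only party allowed to issue a wake-up call
    cls_authorized: dict = field(default_factory=dict)  # CLS id -> allowed WAN parties
    log: list = field(default_factory=list)             # audit trail of every decision

    def _decide(self, allowed, reason):
        self.log.append((allowed, reason))
        return allowed

    def connect(self, src_net, src_id, dst_net, dst_id):
        """Return True if src may establish a connection to dst."""
        if src_net == GW and dst_net == WAN:
            return self._decide(True, "gateway establishes WAN connection")
        if src_net in (HAN, LMN) and dst_net == GW:
            return self._decide(True, f"{src_net} device calls gateway")
        if src_net == HAN and dst_net == WAN:
            # CLS traffic is proxied by the gateway, and only to authorized parties.
            ok = dst_id in self.cls_authorized.get(src_id, set())
            return self._decide(ok, "CLS proxied" if ok else "CLS target not authorized")
        # Covers WAN-initiated connections and any HAN <-> LMN traffic.
        return self._decide(False, f"no rule permits {src_net} -> {dst_net}")

    def wake_up(self, sender, requested_target=None):
        """Handle a wake-up call; return the endpoint the gateway dials, or None."""
        if sender != self.gateway_admin:
            self._decide(False, f"wake-up from {sender} rejected")
            return None
        # requested_target (assumed field) is ignored: the caller never picks the
        # destination, the gateway only calls its pre-defined service.
        self.connect(GW, "gateway", WAN, self.wakeup_service)
        return self.wakeup_service

def demo():
    """Run constructed connection attempts and return the decisions."""
    p = GatewayFlowPolicy("admin-service.example", "gw-admin",
                          {"cls-heatpump": {"aggregator.example"}})
    return {
        "wan_to_gw": p.connect(WAN, "utility", GW, "gateway"),
        "meter_to_gw": p.connect(LMN, "meter-1", GW, "gateway"),
        "cls_to_authorized": p.connect(HAN, "cls-heatpump", WAN, "aggregator.example"),
        "cls_to_other": p.connect(HAN, "cls-heatpump", WAN, "other.example"),
        "han_to_lmn": p.connect(HAN, "cls-heatpump", LMN, "meter-1"),
        "wake_up_by_utility": p.wake_up("utility", "other.example"),
        "wake_up_by_admin": p.wake_up("gw-admin", "other.example"),
    }
```

The wake-up call is modelled as a trigger rather than an inbound session: the only connection it produces is the gateway's own outbound call, so the WAN side never chooses the destination.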