Applying a Security Kernel Framework to Smart Meter Gateways

  1. Applying a Security Kernel Framework to Smart Meter Gateways
     Michael Gröne, Marcel Winandy
     © 2012 Sirrix AG

  2. Introduction: The Smart Grid Household
     (Diagram labels: Computer, Solar panel, Thermostat, Dishwasher, Hybrid / e-car, Battery pack, Hot water heater, Sensors)

  3. Introduction: Smart Metering Infrastructure
     (Diagram labels: Utility Provider, Internet, three Gateways)

  4. Critical Issues
     •  Privacy (individual power consumption, smart home communication)
     •  Security (connection via Internet, different data and stakeholders)

  5. Considerations by the EU
     •  EU Directive 2009/72/EC:
        •  80% of households should be equipped with smart meters by 2020
     •  EU Task Force on Smart Grids, Expert Group 2 (February 2011):
        •  “Smart Grid products and solutions should be designed from the start with appropriate levels of data privacy and security at their core”
     •  EU Commission’s recommendation (March 2012):
        •  Use “‘best available techniques’ to safeguard personal data and guarantee data security when data are processed in smart metering systems and smart grids”
     (cf. Tijmen Wisman: “The Transformation of the Home through the Internet of Things: the impact on the private sphere” at APC 2012)

  6. This Talk
     •  Security requirements for smart meter gateways
     •  The TURAYA™ High-Assurance Security Kernel Framework
     •  Applying the security kernel framework to smart meter gateways

  7. Security requirements for smart meter gateways

  8. Smart Meter Gateway
     •  External Parties:
        •  Utility provider (billing)
        •  Gateway Admin
     •  Home Area Network:
        •  Controllable Local Systems (CLS)
        •  User Displays for consumers
     •  Local Metrological Network:
        •  Smart Meters (power, water, heat, etc.)

  9. Main Functions of the Smart Meter Gateway
     •  Meter Data Management: capturing, processing, and billing
     •  Administration: receiving control commands and configuration data
     •  CLS Proxy: providing an interface for controllable local systems (CLS) to the WAN
     •  User Display: providing an interface for display units in the HAN

  10. Protection Profile for Smart Meter Gateways
     •  Developed by the German federal agency for information security (BSI)
     •  All gateway vendors must have their products certified according to the PP
     •  PP comes along with a Technical Specification regulating interoperability
     •  Overall security objectives:
        •  Protection of person-related data of consumers
        •  Securing a reliable billing process
        •  Protection of the smart meter systems and smart grid infrastructure

  11. Required Security Functions
     •  Providing secure communications channels between networks
     •  Privacy protection:
        •  Pseudonymization of consumer data
        •  Gateway administrators should not be able to see consumer data
     •  Confidentiality and integrity protection of content data
        •  On the device
        •  When transferred to external parties
     •  User authentication for consumers
     •  Secure execution environments for processing on the device
     •  Secure remote update (firmware, policies)
     •  Logging
     •  Self Tests

  12. Information Flow Control
     •  WAN connection establishment only allowed by Gateway (!)
        •  Exception: Wake-Up Call
     •  CLS and Meters can call Gateway
     •  CLS can communicate to authorized parties in WAN
        •  Gateway acts as proxy
     •  No communication between HAN and LMN allowed
     •  External parties must use Gateway Admin to issue Wake-Up call
        •  Gateway then calls pre-defined service in WAN

  13. Problems
     •  Smart meter and smart meter gateway vendors are not IT security experts
        •  Unfamiliar with Common Criteria evaluation process
        •  Need to develop new or adapt existing system software to comply
        •  Need to demonstrate that their product protects data according to the PP
     •  Simply using Embedded Linux OS + firewall functionality is not enough
        •  Protecting data on the device
        •  Controlling information flow
        •  Remote administrators should not be able to access consumer data

  14. TURAYA™ High-Assurance Security Kernel Framework

  15. TURAYA™ High-Assurance Security Kernel Framework
     •  Security architecture based on functional requirements from Common Criteria
     •  Platform independent: server systems (virtualization, cloud), end-user / embedded devices
     (Diagram labels: App, App, App)

  16. Experiences
     •  Research & Development projects:
        •  EMSCB: individual PCs, laptops
        •  OpenTC: trusted infrastructures (PCs, servers, virtual data center)
        •  TClouds: trusted cloud infrastructures
        •  Emergent: information flow control in digital enterprises
        •  RUBTrust/MediTrust: evaluation of certain application domains
        •  TrustedMobile/BizzTrust: smartphones

  17. Development Approach
     •  HASK-PP: Common Criteria protection profile for the security kernel (EAL 5)
        •  Main concept: isolated domains for data/execution, trusted computing
        •  Approach: simplicity (only few main security requirements, implementation-independent)

  18. Framework Approach: Reduced Complexity
     •  Goal: Reduce size of trusted computing base
        •  Easier to maintain and evaluate (e.g., Common Criteria)
        •  Reduced attack surface
     •  Approaches: microkernel, virtualization, code optimization (e.g., remove unneeded libraries)
     (Diagram layers, top to bottom: App, App, App; Complex application logic (could also include device drivers); Basic security services; Basic resource management; Hardware security module (e.g., TPM))

  19. Framework Approach: Modularity
     •  Goal: Make security kernel applicable to several usage scenarios
        •  Components could be added or removed (depending on need)
        •  Components could be replaced by alternative implementations (depending on hardware capabilities or required security guarantees)
     •  Examples:
        •  Resource Management: L4 microkernel, Xen hypervisor, SELinux, etc.
        •  Hardware Security Module: HSM, TPM, smartcard, etc.

  20. Applying the security kernel framework to smart meter gateways

  21. High-Level Security Architecture (Gateway)

  22. Meter Data Processing and Delivery

  23. Remote Administration of the Gateway

  24. Smart Meter Backend
     (Diagram labels: Smart Meter Gateways, Backend Management System, External Party, ..., Gateway Administrator)

  25. Outlook: Trusted Smart Metering Architecture

  26. Conclusion
     •  Smart grid needs to address security & privacy requirements
     •  Smart Meter Gateway is one important component
     •  In Germany: regulatory requirement of Common Criteria evaluation
     •  TURAYA™ Security Kernel framework:
        •  Modular security architecture
        •  Common Criteria oriented development
     •  Smart Meter Gateway realizable on top of the security kernel framework:
        •  Gateway functions as isolated compartments
        •  Information flow control by design

  27. QUESTIONS?
     Sirrix AG
     Lise-Meitner-Allee 4
     44801 Bochum
     Germany
     Tel +49 234 / 61 00 71-0
     Fax +49 234 / 61 00 71-500
     Email info@sirrix.com
     Web www.sirrix.de
     Marcel Winandy
     Email: m.winandy@sirrix.com
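
The information flow rules on slide 12, written out as a default-deny policy check. This is an added example, not code from the slides or from the TURAYA framework; the `Flow` fields, the function names and the sample party names are assumptions made for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed sample values (assumptions, not from the slides).
GATEWAY_ADMIN = "gateway-admin"
AUTHORIZED_WAN_PARTIES = {"utility.example"}
WAKEUP_SERVICE = "admin-service.example"  # the pre-defined WAN service

@dataclass(frozen=True)
class Flow:
    src: str                # "WAN", "HAN", "LMN" or "GW" (the gateway)
    dst: str
    peer: str = ""          # WAN-side party, where one is involved
    kind: str = "connect"   # "connect" or "wakeup"
    proxied: bool = False   # True if the gateway relays the traffic

def decide(flow: Flow) -> tuple[bool, str]:
    """Return (allowed, reason); flows the slide does not list are denied."""
    s, d = flow.src, flow.dst
    if {s, d} == {"HAN", "LMN"}:
        return False, "no communication between HAN and LMN"
    if s == "WAN":
        # The WAN side never opens a connection; the only inbound message
        # accepted is the Gateway Admin's wake-up call.
        if d == "GW" and flow.kind == "wakeup" and flow.peer == GATEWAY_ADMIN:
            return True, "wake-up call from Gateway Admin"
        return False, "WAN may not establish connections"
    if s in ("HAN", "LMN") and d == "GW":
        return True, "CLS and meters may call the gateway"
    if s == "HAN" and d == "WAN":
        if flow.proxied and flow.peer in AUTHORIZED_WAN_PARTIES:
            return True, "CLS to authorized party via gateway proxy"
        return False, "CLS needs the gateway proxy and an authorized party"
    if s == "GW" and d == "WAN":
        return True, "gateway establishes WAN connections"
    return False, "default deny"

def handle_wakeup(flow: Flow) -> Flow | None:
    """On a valid wake-up the gateway dials out to the fixed service itself;
    the caller cannot choose the destination."""
    if flow.src == "WAN" and decide(flow)[0]:
        return Flow("GW", "WAN", peer=WAKEUP_SERVICE)
    return None
```

Because the wake-up call only triggers an outbound connection to a fixed service, an external party never gets an inbound session on the gateway.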
