Publications

Abstract not provided.

Distributed energy resource (DER) systems are rapidly being adopted and integrated within the electric power grid. Developments in smart grid devices and communication protocols are advancing the power system domain but are also introducing new cyber attack vectors. In particular, the ability to maintain the confidentiality, integrity, and availability of data is of increasing concern. Cryptography is a powerful tool that can be leveraged to protect DER systems and their critical information. This paper discusses prominent methods of cryptographic authentication and encryption that can be used to secure DER communications. Specific considerations and recommendations for applying cryptography to DER systems are provided, including system design constraints and system impact. These will be demonstrated with two case studies that assess cryptography hardware requirements and communications latency in DERs.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

In this study we review literature on machine to machine (M2M) authentication and encryption pertaining to communication with grid-attached power inverters. We regard security recommendations from NIST, constrained device recommendations from CoAP, as well as influences from the existing markets. We will not focus on passwordless or multifactor schemes of user authentication, the handover/roaming authentication of mobile systems, or the group authentication of WiMAX/LTE communications. The de-facto standards for authentication and encryption are certificate-based public key cryptography and AES, respectively. While certificate-based public key cryptography is widely adopted, certificate management is seen as an Achilles heel of public key infrastructure (PKI). State of the art authentication system research includes work on certificateless authentication; however, much work in the areas of privacy preservation, efficient or lightweight systems continue to be based in public key methods. We will see efforts such as bilinear pairing, aggregate message authentication codes, one-time signatures, and Merkle trees surface and resurface with improved authentication approaches. Though research continues to produce new encryption schemes, AES prevails as a viable choice, as it can be implemented across a variety of resource constrained devices. Other lightweight encryption algorithms often employ the same fundamental addition-rotation-xor operations as AES while achieving higher efficiency, but at steep tradeoffs to security. Despite mathematical proofs of the security of cryptographic algorithms, in practice the greatest weaknesses continue to be incurred during implementation. Security researchers will find edge cases and bugs that allow unintentional behavior. In the following sections, accepted methodologies of authentication and encryption are discussed. Due diligence for securing M2M communications requires consideration during planning, design, implementation and product lifetime, as opposed to a set-it and forget-it policy. Best practices can be gleaned from published successes and failures, with no single end-all, be-all detailed solution.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.

Abstract not provided.