For smart grids, the importance of security issues is increasing because of the increasing probability that the grid infrastructure is being attacked and the stable Power Supply in each country is at risk of malicious attacks. IT security is especially important for this; many solutions support end-to-end communication data encryption, such as data concentrators, monitors, and data collector systems (SCADA). The focus on IT encryption measures is unquestionable because of the need to ensure the security of data transmitted "over the air." However, even with strong end-to-end encryption, the entire smart grid cannot be secured: because the embedded device itself is vulnerable.
Is encryption equal to security?
While encryption tools are very effective for privacy protection and authentication of data and commands, it must be noted that this is only part of the solution. The role of encryption is to prevent protected data from being decrypted or falsified during transmission or storage. Some people think that complex RF or power carrier communication relies on frequency modulation to fully guarantee the security of the data. In fact, such protection can easily be broken. Assuming that the attacker can arbitrarily control the remote meter pull-and-close relay, the power company will need to invest a lot of resources to handle the fault. Power companies not only suffer economic losses, but also cause great troubles, posing a survival threat to places that must use air conditioners.
So how do you avoid such accidents? If both parties to the communication encrypt, decrypt, sign or verify the data on the communication line by key, data encryption from the embedded sensor to the control system is critical, and key protection for encryption is also more important. Once the key is stolen, the entire network is no longer secure. The embedded terminal of the smart grid needs a more complete security solution, which can learn from the security technology of the financial terminal, focuses on key protection, and adopts chip-level hardware and multiple protection measures against attack.
The focus of power supply protection cannot be limited to valid data and command verification for smart grids. The worm maker understands the effective means of attacking embedded infrastructure, which is not easily detected and causes serious damage to the system. The famous "zero-day attack" uses the way to eliminate or modify the system program, and the damage caused to the system is very hidden. Therefore, we should not only pay attention to the installation of equipment, but also pay attention to any programming part that is vulnerable to attack (such as production process).
What are the loopholes?
Achieving a safe and reliable design is not an easy task, requiring a lot of time and an in-depth understanding of security protection technologies. So, is this investment worth it? Let us first analyze a smart meter that is connected to the net. For example, an electric meter installed in our own home without protection measures is easy for outsiders to open such an electric meter. If the meter uses a general purpose MCU to handle communication and application functions, there is likely to be a programming port that an attacker can reprogram or read. With sufficient resources and time, some people can write a program with similar functions, but implant a virus that gets key data or falsifies the bill.
Even if the meter on the net has certain protection measures, it can prevent tampering to a certain extent. We can still find some vulnerable parts of the production process - the so-called "social engineering" provides an opportunity for attackers to invade IP and production processes. With thousands of dollars spent, it is possible for an attacker to acquire a program and, after a reverse engineering modification, implant a "new program" into the product. In addition, an attacker can also sell your program to a competitor, causing huge losses.
How to ensure the safety of the equipment life cycle?
Strict product production processes should consider the security from design to production and the strategies for tampering. To ensure the safety of the life cycle, consider the following:
1. Ensure that the chips obtained are produced from the original factory and are purchased through formal channels to reduce risks. Of course, encryption technology should also be considered. Security processors and smart grid products sold by Maxim can incorporate user keys or certificates to prevent others from unlocking and programming ICs.
2. Protect your IP. Signatures, program encryption, and secure loading from system processors to chip software decryption and authorization certification are provided at the factory production site. This type of encryption prevents programs from being cloned or cracked.
3. Run only the programs you specify. Secure program loading uses digital signatures to verify the validity of the code and prevent unauthorized code from being loaded or run.
4. Reliable communication. Encrypt and sign new configurations, firmware updates, and instructions to verify the reliability of your data source.
5. On-site protection key. Do not store the key in it, such as an external EEPROM. If your system uses a separate security processor and application processor, keep the key in a secure processor and do not send it out. In order to prevent an attacker from stealing keys from the communication data of the board.
6, the company's internal key protection. Engineers can use development keys to develop product security features, and product-level keys are signed by multiple people. Authorization can usually be done using a higher level security module.
7, do not let go of every tiny vulnerability. If a system attacker steals important information from only one meter and invests a lot of time and money to research the information, it is hoped that the entire system will be attacked accordingly. An experienced attacker may open the IC package and look for important information from the MCU's memory. Therefore, it is necessary to use a unique key or asymmetric encryption (eg elliptical curve digital signature).
Figure 1. Security within the product lifecycle requires consideration of every detail from development to production.
The current grid security measures leave a lot of room for attackers. In order for embedded devices to be secure throughout their lifecycle, we also need to strengthen the security design of the entire smart grid, which is discouraged by attackers.
ZhenHuan`s line of ac-dc power supplies output power ranging from 3 W to 200 W is available in a variety of wall plug-in and desktop adapter configurations to meet your needs. From our low power international wall plug adapters to our high power desktop ac-dc power adapters, we ensure that the majority of our external power supplies not only comply with the current energy efficiency Level VI standards, but also meet global safety certifications.
Power Adapter 12V,Ac Dc Adapter,Camera Adaptor,Dc 12V Adapter For Laptop,19V Power Supply,18V DC Adapters
Shenzhenshi Zhenhuan Electronic Co Ltd , https://www.szzhpower.com