Protecting smart grids with a dedicated cyber security solution


Smart Grid Cybersecurity

 

In the burgeoning age of the Internet of Things (IoT), the energy infrastructure has become increasingly complex. New players and private citizens are joining the ecosystem, deploying assets that tie into evolving grid infrastructures. As the smart energy ecosystem expands, so does the opportunity for cyber attacks and there has never been a more urgent need to secure Advanced Metering Infrastructure (AMI). 

Unprotected smart meters, implemented for long periods exceeding 10 years, can easily be hacked to alter consumption data, to gain access to sensitive data, or even to cause physical damage to the global grid. The consequences of such attacks, such as the Stuxnet attack, can be devastating: black outs across entire countries, access to nuclear plants and personal data breaches. For device makers, DSOs (Distribution System Operators ) and Utilities, the loss of customers, reputation and revenue can be difficult to recover.

Uninterrupted security is paramount to the success of smart energy systems.

Governments, led by Germany and the BSI, in Europe, are launching initiatives that mandate specific protection protocols for smart grid deployments. In addition, other regulators as the National Institute of Standards and Technology (NIST) recommends a policy whereby encryption keys and certificates stored in connected devices should be renewed every 5 years or sooner.

As ​smart meters have a lifecycle of 10 to 15 years, an advanced security mechanism to replace aging keys and to enable remote credential management is paramount. Strong encryption and authentication tools must be considered and implemented before meters are deployed. Without built-in security architecture that is reliable for the entire device lifetime, ecosystem partners are exposed to unnecessary and costly risk.

Ensuring end-to-end secur​ity for the smart grid

Leveraging decades of digital security expertise and the Gemalto Trusted Key Manager solution, Gemalto offers an advanced security solution, dedicated to the grid management and to utilities. The Gemalto metering security solution protects massive smart metering deployments and ensures integrity and reliability for the entire lifecycle of energy devices and the data they exchange.

The solution is comprised of cryptographic hardware products (Hardware Security Modules (HSM), Secure Elements), which protect sensitive data in the smart grid. It also leverages leading-edge authentication and encryption technology with digital code signing certificates. This ensures metering data is received from a legitimate source while safeguarding against data tampering and fraud at all points.

The solution facilitates dynamic credential updates and authorizations, without costly service in the field.  

Gemalto Trusted Key Manager - the smart grid security pillar:

  • ​Diversified Meter IDs
    The Gemalto solution expertly manages key provisioning in energy assets, allowing meter manufacturers and utilities to focus on their core competencies. It securely provisions encrypted keys in smart meters at the time of manufacturing, which eliminates the need to send keys over the air and reduces the ecosystem´s cyber attack surface.

  • Digital Authentication
    Before a device or application is allowed to send or access data, the Gemalto solution remotely authenticates and activates key credentials for authorized meters and applications that can prove their legitimacy. The process leverages standardized cryptographic algorithms and a highly reliable digital authentication handshake, between data sender and data receiver.
  • Data Encryption
    The Public Key Infrastructure (PKI)-based solution automates encryption and decryption mechanisms to ensure data confidentiality and integrity between smart meters, gateways and back-ends. Implemented at the core of edge devices, these mechanisms prevent data interception and tampering along the way, which would alter system validity or even endanger the grid.
  • ​Security Lifecycle Management
    The smart energy ecosystem is dynamic with new players coming and going, with new cyber threats or regulations emerging. Gemalto provides continuous protection through remote device credential management enabling secure software updates and revocation/renewal of cryptographic keys when needed. ​​​

 Document

  • Empowering DSOs to secure the Smart Grid - WHITEPAPER

    As the main actors for managing the smart grid, Distribution System Operators (DSOs) are central to driving the evolution of the new energy ecosystem. This whitepaper brings recommendations for them to build security at the very beginning of smart metering deployments. It is a guide to ensure data trustworthiness throughout the ecosystem and the success of the new energy digitalized world.

    Download the whitepaper
  • Cyber-security for Advanced Metering Infrastructure

    End-to-end cyber-security solution for Utilities – Solution Overview

    As the energy ecosystem gets more complex and keeps expanding, so does the opportunity for cyber-attacks. Gemalto helps Utilities, DSO and meter vendors to secure energy assets and ensure a complete credential lifecycle management for all stakeholders, over long periods.

    Download this Solution Overview