Utilities and the Smart Grid
The United States Department of Energy defines the smart grid as a “class of technology which brings utility electricity delivery systems into the 21st century”. This 21st century technology requires 21st century security to protect its vast networking systems.
Why the Smart Grid?
The global electrical infrastructure is in the midst of a revolution that will enhance efficiency, introduce sustainability, and redefine the relationship between consumers and energy companies. Made possible by technological advancements as well as third-party and governmental investments, “Smart Grid” technology has already reached implementation stages across the globe—especially in the form of smart meters. Smart meters collect data about end-point usage and feed it back to centralized information processing hubs to be analyzed. This feedback loop allows for the power generation station to adapt their power generation to consumption and for the end-consumer to view usage data.
The improvement in data collection provides many benefits; however, administrative and technological efforts must be altered to ensure the security of this flood of customer energy usage data (CEUD). The CEUD collected by smart meters and appliances, relay information in such detail that everyday activity and habits can be extrapolated from this data. This information combined with personally identifiable information can essentially provide real-time surveillance on households. For this reason, securing this information is of utmost importance.
Approaches to Securing the Smart Grid
Securing Smart Meters
Smart meters gather information from the consumer endpoint and transmit it to central processing hubs for analysis. Because of their physically unprotected location at the consumer end-point, these devices are vulnerable to
Encryption of Consumer Energy Usage Data in Transit and at Rest
The smart grid functions in part because of the feedback of CEUD from smart meters. This information combined with the personally identifiable information (PII) stored by utility companies provides a high-value target for those wishing to gain access to this information. Because of this, this information needs to be protected in transit and at rest. An end-to-end encryption solution should be used to protect data in transit. For data stored at rest, it should be encrypted.
Certificate Issuance for Network Access
The power grid consists of many interoperable systems, including power generation stations, transmission lines, distribution lines, energy markets and smart meters at the consumer endpoint. These many interacting systems provide numerous entry points an attacker could exploit. Because of this, it is important to issue certificates to entities communicating in the grid. Certificate issuance, conducted using a certificate authority server, allows entities to create a mutually authenticated environment to verify each other’s identities before secure communication occurs.
Advantages of Hardware-Based Encryption
Hardware-based data encryption offers a number of advantages: dedicated physical, logical and encryption-based security; tamper resistance and responsiveness; disaster recovery and redundancy. The degree of security that accompanies hardware-based data encryption solutions is unrivaled, providing utilities with data encryption solutions impervious to human interference and natural disaster. For organizations maintaining records in widespread use on a 24x7x365 basis, this reliability is a necessity.
To discuss data encryption technology and solutions for your needs with a Futurex Solutions Architect, contact us .
Hardened Enterprise Security Platform Solutions
KMES Series 3
Hardened, enterprise-class key and certificate lifecycle management solutions
- Full symmetric and asymmetric key and certificate management
- Robust, versatile API for programmatic automation of repetitive tasks
- Easy, convenient generation of certificate trees
- Permission-based user management system with dual control
- Customized monitoring and alerting
Integrate small form-factor encryption devices directly into a variety of environments for on-site data security
- Supports all common key types and protocols
- Optional external self-contained enclosure
- Optimized size, weight, power, and cooling characteristics
- Supports mutual authentication under a trusted root certificate
Encrypt, manage, and store high volumes of your sensitive data in Futurex’s best-in-class attached storage solution
- Support for multiple separate databases within a single SAS9000 unit
- Adjustable, customizable role-based separation of duties
- Automatic hard drive replication and advanced hardware redundancy features
- Ten hot-swappable storage bays
Guardian Series 3
Empower your administrators with centralized management, redundancy, device status monitoring, and more
- Central management for Futurex devices
- Comprehensive load distribution and automated failover
- User-defined grouping for devices
- Intuitive visual and logical user interface
- Customized notifications, alerts, and status reports