Cyber–Physical Device Authentication for the Smart Grid Electric Vehicle Ecosystem
- 19 June 2014
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Journal on Selected Areas in Communications
- Vol. 32 (7), 1509-1517
- https://doi.org/10.1109/jsac.2014.2332121
Abstract
Entity authentication and related key management is an active research topic in smart grid security. However, existing works seem to have overlooked the significance that the smart grid is a cyber-physical system, which entails more considerations in the integration of its cyber and physical domains. Ignoring this could possibly undermine security since the effects of cyber authorization in the smart grid are usually extended into the physical domain. The substitution attack, a kind of the man-in-the-middle attack, has been demonstrated using this gap. This paper proposes a two-factor cyber-physical device authentication protocol to defend against coordinated cyber-physical attacks in the smart grid. The idea is to combine a novel contextual factor based on physical connectivity in the power grid with the conventional authentication factor in the challenge-response protocol, widely used in cybersecurity. The resulting protocol provides assurance on not only the digital identity of a device but also the device's controllability in the physical domain. While the design is for the electric vehicle ecosystem, the framework could be readily extended to other smart grid subsystems.Keywords
Funding Information
- Energy Market Authority (EMA), Singapore
This publication has 14 references indexed in Scilit:
- Efficient Authentication and Key Management Mechanisms for Smart Grid CommunicationsIEEE Systems Journal, 2013
- On smart grid cybersecurity standardization: Issues of designing with NISTIR 7628IEEE Communications Magazine, 2013
- Contextual OTP: Mitigating Emerging Man-in-the-Middle Attacks with Wireless Hardware TokensLecture Notes in Computer Science, 2012
- Adapting PKI for the smart gridPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- A Lightweight Message Authentication Scheme for Smart Grid CommunicationsIEEE Transactions on Smart Grid, 2011
- Interoperable device identification in Smart-Grid environmentsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- Authentication and authorization for Smart Grid application interfacesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2011
- Fourth-factor authenticationPublished by Association for Computing Machinery (ACM) ,2006
- Seeing-Is-Believing: Using Camera Phones for Human-Verifiable AuthenticationPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Distance-Bounding ProtocolsPublished by Springer Science and Business Media LLC ,2001