OMAP: One-Way Memory Attestation Protocol for Smart Meters

Abstract

A smart meter is one of the key elements of smart grids. An attacker can compromise smart meters by injecting malicious codes, and take financial benefits by modifying memory contents of the smart meters. An attestation scheme can prevent such a memory forgery attack as verifying memory contents. In smart grids, however, attestation processes are remotely performed through networks by a faraway utility. Therefore, attestation processes are exposed to network attacks such as man-in-the-middle (MITM) attacks. Even though existing attestation mechanisms detect local attacks such as the memory forgery, they are vulnerable to network attacks since they adopt a two-way attestation so-called a challenge-response protocol. In this paper, we propose a novel attestation mechanism, termed One-way Memory Attestation Protocol(OMAP), not only to detect local attacks, but also to defend against network attacks. Instead of using the two-way attestation, OMAP adopts an one-way attestation protocol, OMAP conducts a pre-defined internal algorithm, generates a checksum, and sends it to a verifier in one direction. Thus, OMAP does not require any information (e.g., challenges) from a verifier that can be exploitable by an adversary. In our experiments, as a smart meter scans only 0.004% of its memory, OMAP enables a verifier to detect memory modification with 95% probability if an attacker changes 20% of the memory.