Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

Designing and Operating Through Compromise: Architectural Analysis of CKMS for the Advanced Metering Infrastructure

Conference ·
OSTI ID:1073663
 [1];  [2];  [2];  [2]
  1. Sypris Electronics, LLC
  2. ORNL
+ Show Author Affiliations
Compromises attributable to the Advanced Persistent Threat (APT) highlight the necessity for constant vigilance. The APT provides a new perspective on security metrics (e.g., statistics based cyber security) and quantitative risk assessments. We consider design principals and models/tools that provide high assurance for energy delivery systems (EDS) operations regardless of the state of compromise. Cryptographic keys must be securely exchanged, then held and protected on either end of a communications link. This is challenging for a utility with numerous substations that must secure the intelligent electronic devices (IEDs) that may comprise complex control system of systems. For example, distribution and management of keys among the millions of intelligent meters within the Advanced Metering Infrastructure (AMI) is being implemented as part of the National Smart Grid initiative. Without a means for a secure cryptographic key management system (CKMS) no cryptographic solution can be widely deployed to protect the EDS infrastructure from cyber-attack. We consider 1) how security modeling is applied to key management and cyber security concerns on a continuous basis from design through operation, 2) how trusted models and key management architectures greatly impact failure scenarios, and 3) how hardware-enabled trust is a critical element to detecting, surviving, and recovering from attack.
Research Organization:
Oak Ridge National Laboratory (ORNL)
Sponsoring Organization:
ORNL work for others
DOE Contract Number:
AC05-00OR22725
OSTI ID:
1073663
Country of Publication:
United States
Language:
English

Similar Records

Cryptographic Key Management and Critical Risk Assessment
Technical Report · Thu May 01 00:00:00 EDT 2014 · OSTI ID:1131520
Centralized Cryptographic Key Management and Critical Risk Assessment - (CRADA Final Report)
Technical Report · Wed May 28 00:00:00 EDT 2014 · OSTI ID:1132557
Cryptographic Key Management System (CKMS)
Technical Report · Mon Sep 15 00:00:00 EDT 2014 · OSTI ID:1162182

Related Subjects

Cryptographic Key Management System (CKMS)
Key Management
Security
Security Models/Metrics
Smart Grid
Testing/Experimentation
Trusted Hardware
Verification