[…]$_j = \mathrm{Random}(b)$
S7.2 $gk_j = \mathrm{Kgen}(1^b)$
TABLE IV
KEY REFRESHING POLICY OF THE FIXED DR PROJECT GROUP
If some users join or quit the DR project, the group key and additional value should be regenerated before the update time.
Step 8) Prepare to distribute the new group key and additional value to all the members of DR project $j$. $u_0$:
S8.1 $C_i = H(\mathrm{HMAC}_{k_i}(M_i\ CDate)\ Count_i)$
S8.2 $sk_i = H(k_i\ C_i)$
S8.3 $EData = E_{sk_i}(GCount_j, gk_j)$
S8.4 $Sign_t = \mathrm{HMAC}_{sk_i}(EData)$
Step 9) Distribution of the new group key and additional value to all the members of DR project $j$
$u_0\ \{u_i\} : (EData\ Sign_t),\ u_i\ \mathrm{userset}(gsk_j)$.
Step 10) Session key generation and usage at the receiving ends. $u_i$ ($u_i\ \mathrm{userset}(gsk_j)$):
S10.1 $C_i = H(\mathrm{HMAC}_{k_i}(M_i\ CDate)\ Count_i)$
S10.2 $sk_i = H(k_i\ C_i)$
S10.3 $Sign_r = \mathrm{HMAC}_{sk_i}(EData)$
IF $Sign_t = Sign_r$
S10.4 $GCount_j, gk_j = DE_{sk_i}(EData)$
END
D. Key Refreshing Policy
According to the aforementioned key management process, the key refreshing policy can also be described separately, depending on whether the users of the DR project change.
1) The users in a DR project do not change.
The refreshing of $gk_j$, $GCount_j$ $GC_j$, $gsk_j$ is similar to that of broadcast communication. The details are listed in Table IV.
2) Users join or quit a DR project.
When users subscribe or quit the DR project, $gk_j$ and $GCount_j$ should be regenerated by $u_0$ and then distributed to all the users participating in the project. The details are listed in Table V.
4754 IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS, VOL. 60, NO. 10, OCTOBER 2013
TABLE V
KEY REFRESHING POLICY WHEN NEW USERS
ARE ADDED IN THE DR PROJECT GROUP
VII. SECURITY ANALYSIS
A. Key Generation
A user key and a group key are both generated by using
a b-bit secure random key generation function. A session key
is created based on a user key or group key and mixed with
additional value using a HASH function. The user key is
secure. The additional value, which is created using a random
number through a HASH function, is random and independent.
Therefore, the session key will also be secure.
B. Key Freshness
In the KMS, the user key can be autorefreshed in a certain
period. Refreshing of group keys depends on whether there are
users joining or quitting the DR project. If there is any user
who wants to join or quit the DR project, the group key should
be refreshed at the update time.
On refreshing methods, both of the user and session keys use
HASH functions. The difference is that the session key also
uses a random additional value or metering data with metering
date to refresh it. As a result, the new keys are independent of
old keys.
C. Authentication and Integrity
Session keys are held only by the two communication ends. The receiver will verify the signature of encrypted data first, with a secure session key. Only if it passes the authentication, the receiver would decrypt the message. Otherwise, the message will be discarded. The authentication and integrity of information transmission can then be ensured.
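Steps 8 to 10 and the verify-before-decrypt rule above, sketched as an added Python example (not code from the paper). The operators joining the operands in S8.1 and S8.2 did not survive on this page, so concatenation is assumed; SHA-256 and HMAC-SHA-256 stand in for H and HMAC, and a SHA-256 counter keystream stands in for the unspecified cipher E/DE.

```python
import hashlib
import hmac

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def session_key(k_i: bytes, m_i: bytes, cdate: bytes, count_i: bytes) -> bytes:
    # S8.1 / S10.1: C_i from HMAC_{k_i}(M_i, CDate) and Count_i.
    # ASSUMPTION: operands are joined by concatenation.
    c_i = H(mac(k_i, m_i + cdate) + count_i)
    # S8.2 / S10.2: sk_i from k_i and C_i, same assumption.
    return H(k_i + c_i)

def _keystream_xor(key: bytes, data: bytes) -> bytes:
    # Stand-in for E / DE (assumption): XOR with a SHA-256 counter keystream.
    # Illustration only; a deployment would use a vetted cipher such as AES.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = H(key + b"enc" + off.to_bytes(4, "big"))
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def distribute(sk_i: bytes, gcount_j: bytes, gk_j: bytes):
    # S8.3: EData = E_{sk_i}(GCount_j, gk_j); S8.4: Sign_t = HMAC_{sk_i}(EData)
    edata = _keystream_xor(sk_i, gcount_j + gk_j)
    return edata, mac(sk_i, edata)

def receive(sk_i: bytes, edata: bytes, sign_t: bytes):
    # S10.3: recompute Sign_r and compare in constant time before decrypting.
    sign_r = mac(sk_i, edata)
    if not hmac.compare_digest(sign_t, sign_r):
        return None  # authentication failed: discard, never decrypt
    plain = _keystream_xor(sk_i, edata)  # S10.4
    return plain[:16], plain[16:]  # 128-bit GCount_j, 128-bit gk_j

if __name__ == "__main__":
    # Constructed sample values (not from the paper).
    k_i, count_i = bytes(range(16)), (7).to_bytes(16, "big")
    sk = session_key(k_i, b"meter-reading", b"2013-10-01", count_i)
    edata, sign_t = distribute(sk, b"\x01" * 16, b"\x02" * 16)
    print(receive(sk, edata, sign_t))
    print(receive(sk, bytes([edata[0] ^ 1]) + edata[1:], sign_t))
```

A receiver whose counter or metering data has drifted derives a different $sk_i$, so `receive` rejects the package at the signature check rather than decrypting to garbage.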
D. Forward and Backward Security
As the users can choose to join or quit the group of the DR
project, the forward and backward security of the group should
be considered. In our scheme, if there are any users who choose
to join or quit the group, all the group keys and additional values
will be regenerated and refreshed and then distributed to the
members of the new group.
VIII. PERFORMANCE ANALYSIS
A. Storage Cost
For application of the KMS, related data should be stored,
including various keys, counters, and additional values. The
data which should be stored in MS and SXs are summarized
in Table VI.
Based on Table VI, the calculation methods of the storage
cost of the communication ends are listed in Table VII.
TABLE VI
KEYS AND RELATED DATA STORED IN THE MS AND SXs
TABLE VII
CALCULATION METHODS OF STORAGE COST
TABLE VIII
STORAGE COST ACCORDING TO NUMBER OF DR PROJECTS AND SXs
In actual applications, the key used in symmetric cryptography algorithms usually has a length of 128 or 256 b (such as AES and IDEA). In this paper, we choose a 128-b-long key, with the same length of a counter and an additional value.
For MS, special key management servers can be used as storage for keys and the related data. The storage cost is not a problem. In contrast, the storage ability of SXs is limited. Therefore, the maximal possible storage cost of each SX according to SX number and DR project numbers should be evaluated. Based on Table VII, the results are listed in Table VIII.
From the result, we can find that the storage cost in each SX will not increase with the number of SXs in the AMI system. The storage cost in each SX is only increased with the number of DR projects. In a normal situation, we assume that the number of DR projects is not more than 15, and the related maximum storage cost of each SX is 1.088 KB. This result is acceptable.
LIU et al.: KEY MANAGEMENT SCHEME FOR SECURE COMMUNICATIONS OF AMI IN SMART GRID 4755
TABLE IX
CALCULATION METHODS OF COMPUTATION COST
TABLE X
TIME COST OF COMPUTATION IN EACH SX
B. Time Cost of Computation
As the transmission of messages is time limited, the time cost
of the maximum computation tasks at a certain time needs to be
analyzed. According to the processes of the key management,
the calculation method of computation cost in all the three
transmission modes is listed in Table IX:
1) $C_R$: time cost of a random-number generation;
2) $C_{Kgen}$: time cost of b-bit key generation algorithm;
3) $C_H$: time cost of executing a HASH operation;
4) $C_{HMAC}$: time cost of executing an HMAC operation;
5) $C_{XOR}$: time cost of an exclusive OR operation;
6) $N_P$: the number of DR projects which have users joining or quitting ($N_P$ $m$);
7) $N_G$: the total number of users in the DR projects which have users joining or quitting ($N_G$ $n$).
1) Time Cost of Computation in Each SX: The SX is always implemented by embedded systems. Embedded cipher chips are used for cryptography computation. The operation rate for symmetric cryptography algorithms, hash functions, and HMAC is about 10–50 Mb/s. The rate of a XOR operation is too small to be taken into consideration.
The time cost of computation in each SX can then be calculated. The results are listed in Table X.
From the results, the time cost of computation in each SX is very small for SXs which will not affect the transmission of different messages.
2) Time Cost of Computation in MS: The PCI cryptographic coprocessor can be used to do the computation in MS. The operation rate for symmetric cryptography algorithms, hash functions, and HMAC is about 50 Mb/s–1 Gb/s, and the rate of random-number generation is about 1 Gb/s. The rate of a XOR operation can be ignored.
The time cost of computation in unicast and broadcast modes is calculated and listed in Table XI. From the results, we can find that the time cost is very small and almost has no effect on the transmission of different messages.
The time cost in multicast mode should consider the value of $N_P$ and $N_G$, and the results are calculated and listed in Table XII. The time cost increases with the value of $N_G$. However, even if $N_G$ is set to 10 000, the time cost will not affect the transmission of messages.
TABLE XI
TIME COST OF COMPUTATION IN MS (UNICAST AND BROADCAST MODES)
TABLE XII
TIME COST OF COMPUTATION IN MS (MULTICAST MODE)
TABLE XIII
TIME COST OF DISTRIBUTION
C. Time Cost of Distribution
According to the analysis of the key management process, the time cost of distribution in a refreshing time is $N_G C_T$, where $C_T$ is the distribution time cost of a package including the key and the related data.
The package size of key and related data distribution is usually no more than 384 b. According to the actual situation of AMI systems, the communication rate in the MS is not less than 155 Mb/s (the SDH network based on optical fibers is always used as the main communication channel between users and MS; the transmission rate is 155 Mb/s, 622 Mb/s, and more), and then, the distribution cost can be calculated in Table XIII.
From the result, we can find that the time cost of distribution will not affect the refreshing of keys and the distribution of the network traffic in AMI systems.
IX. CONCLUSION
To solve the key management problems of AMI systems, a novel KMS has been proposed. From the security and performance analysis, the conclusion includes the following: 1) The design of KMS is closely integrated with the three different transmission modes, which supports the unicast, broadcast, and multicast modes; 2) the storage and computation of keys and related data are not a difficult task to be implemented in SMs or UGs; 3) the distribution of the keys and related data will not affect the normal network traffic in an AMI system; and 4) the KMS can deal with normal security problems; the forward and backward security can also be ensured.
Nian Liu (S'06–M'11) received the B.S. and M.S. degrees in electric engineering from Xiangtan University, Xiangtan, China, in 2003 and 2006, respectively, and the Ph.D. degree in electrical engineering from North China Electric Power University, Beijing, China, in 2009.
He is currently a Lecturer with the School of Electrical and Electronic Engineering, North China Electric Power University. His research interests include smart grid, cyber security, and power system optimization.
Jinshan Chen received the B.S. and M.S. degrees
in the major of communication engineering and
communication and information system from North
China Electric Power University, Beijing, China, in
2009 and 2012, respectively.
He is currently with the Power Grid Technology
Center, Electric Power Research Institute of Fujian
Electric Power Company Ltd., Fuzhou, China. His
research interests are communication technology and
cyber security of electric power system.
Lin Zhu received the B.S. degree from Beijing
Language and Culture University, Beijing, China,
in 2007. She is currently working toward the M.S.
degree at Tianjin Normal University, Tianjin, China.
Her research interests are demand side manage-
ment and energy saving.
Jianhua Zhang (M'04) was born in Beijing, China, in 1952. He received the M.S. degree in electrical engineering from North China Electric Power University, Beijing, in 1984.
He was a Visiting Scholar with Queen's University Belfast, Belfast, U.K., from 1991 to 1992 and was a Multimedia Engineer of electric power training with CORYS T.E.S.S., France, from 1997 to 1998. He is currently a Professor and Head of the Transmission and Distribution Research Institute, North China Electric Power University. He is also the Consultant Expert of National 973 Planning of the Ministry of Science and Technology. His research interests are in power system security assessment, operation and planning, and microgrid.
Prof. Zhang is a Fellow of the Institution of Engineering and Technology, U.K., and a member of several technical committees.
Yanling He received the B.S. and M.S. degrees
in the major of materials science and engineering
from Shandong University, Jinan, China, in 2009 and
2012, respectively.
She is currently with Fujian Shuikou Hydropower
Generation Company, Ltd., Fuzhou, China.