Key management for substations: Symmetric keys, public keys or no keys?

Shailendra Fuloria, Ross Anderson, Fernando Alvarez, Kevin McGrath

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract / Description of output

In this paper, we discuss symmetric-key and public-key protocols for key management in electricity transmission and distribution substations-both for communication within substations, and between substations and the network control center. Key management in the electricity network is widely regarded as a challenging problem, not only because of the scale, but also due to the fact that any mechanism must be implemented in resource-constrained environments. NISTIR 7628, the foundation document for the architecture of the US Smart Grid, mentions key management as one of the most important research areas, and the IEC 62351 standards committee has already initiated a new specification dedicated to key management. In this document, we describe different variants of symmetric-key and public-key protocols. Our design is motivated by the need to keep the mechanism simple, robust, usable and still cost effective. It is important to take into account the complexity and the costs involved not just in the initial bootstrapping of trust but also in subsequent key management operations like key update and revocation. It is vital to determine the complexity and the cost of recovery mechanisms-recovery not only from malicious, targeted attacks but also from unintentional failures. We present a detailed threat model, analysing a range of scenarios from physical intrusion through disloyal maintenance personnel to supply-chain attacks, network intrusions and attacks on central systems. We conclude that while using cryptography to secure wide area communication between the substation and the network control center brings noticeable benefits, the benefits of using cryptography within the substation bay are much less obvious; we expect that any such use will be essentially for compliance. The protocols presented in this paper are informed by this threat model and are optimised for robustness, including simplicity, usability and cost.
Original languageEnglish
Title of host publication2011 IEEE/PES Power Systems Conference and Exposition
Number of pages6
ISBN (Electronic)978-1-61284-788-7, 978-1-61284-787-0
Publication statusPublished - 23 May 2011
Event2011 IEEE PES Power Systems Conference and Exposition - Phoenix, United States
Duration: 20 Mar 201123 Mar 2011


Conference2011 IEEE PES Power Systems Conference and Exposition
Abbreviated titlePSCE 2011
Country/TerritoryUnited States

Keywords / Materials (for Non-textual outputs)

  • key management
  • substation communication


Dive into the research topics of 'Key management for substations: Symmetric keys, public keys or no keys?'. Together they form a unique fingerprint.

Cite this