Biblio

Trusted Platform Modules (TPMs) are specialized chips that store RSA keys specific to the host system for hardware authentication. The RSA keys refer to an encryption technology developed by RSA Data Security. The RSA algorithm accounts for the fact that there is no efficient way to factor extremely large numbers. Each TPM chip contains an RSA Key pair known as the Endorsement Key that cannot be accessed by software. The TPM contains an additional key, called the Attestation Identity Key that protects the device itself against unauthorized firmware and software modification by implementing hash functions on critical sections of the software and firmware before execution. As a result, the TPM can be used as a chip for handling encryption for a larger system to offer an additional layer of security. Furthermore, the TPM can also be used for managing encryption keys, as a Storage Root Key is created when a user or administrator takes ownership of the system. However, merging the TPM into a system does come with additional costs along with potential benefits. This paper focuses on integrating a TPM into a system implemented on an ARM processor that engages with power electronics, and then presents the security benefits associated with a TPM.

A distributed energy resource prototype is used to show cybersecurity best practices. These best practices include straightforward security techniques, such as encrypted serial communication. The best practices include more sophisticated security techniques, such as a method to evaluate and respond to firmware integrity at run-time. The prototype uses embedded Linux, a hardware-assisted monitor, one or more digital signal processors, and grid-connected power electronics. Security features to protect communication, firmware, power flow, and hardware are developed. The firmware run-time integrity security is presently evaluated, and shown to maintain power electronics uptime during firmware updating. The firmware run-time security feature can be extended to allow software rejuvenation, multi-mission controls, and greater flexibility and security in controls.

Modern Energy Management Systems (EMS) are becoming increasingly complex in order to address the urgent issue of global energy consumption. These systems retrieve vital information from various Internet-connected resources in a smart grid to function effectively. However, relying on such resources results in them being susceptible to cyber attacks. Malicious actors can exploit the interconnections between the resources to perform nefarious tasks such as modifying critical firmware, sending bogus sensor data, or stealing sensitive information. To address this issue, we propose a novel framework that integrates PowerWatch, a solution that detects compromised devices in the smart grid with Cyber-secure Power Router (CSPR), a smart energy management system. The goal is to ascertain whether or not such a device has operated maliciously. To achieve this, PowerWatch utilizes a machine learning model that analyzes information from system and library call lists extracted from CSPR in order to detect malicious activity in the EMS. To test the efficacy of our framework, a number of unique attack scenarios were performed on a realistic testbed that comprises functional versions of CSPR and PowerWatch to monitor the electrical environment for suspicious activity. Our performance evaluation investigates the effectiveness of this first-of-its-kind merger and provides insight into the feasibility of developing future cybersecure EMS. The results of our experimental procedures yielded 100% accuracy for each of the attack scenarios. Finally, our implementation demonstrates that the integration of PowerWatch and CSPR is effective and yields minimal overhead to the EMS.