Escolar Documentos
Profissional Documentos
Cultura Documentos
Neil McGuinness, ESB Networks Smart Metering Project Manager Final Public 28/11/2012 2.0
30/11/2012
BACKGROUND
3 3.1 3.2 3.3 3.4 3.5 3.6 3.7 4 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 5
HIGH LEVEL SECURITY PRINCIPLES CONFIDENTIALITY AND PRIVACY PRINCIPLE INTEGRITY PRINCIPLE AVAILABILITY PRINCIPLE AUTHENTICATION AND IDENTIFICATION PRINCIPLE AUTHORISATION PRINCIPLE NON-REPUDIATION PRINCIPLE AUDITING AND ACCOUNTING PRINCIPLE HIGH LEVEL SECURITY REQUIREMENTS PROVABLE DEVICE IDENTITY AT NETWORK JOIN PROVABLE USER IDENTITY SECURE HARDWARE SECURE MANUFACTURING AND SOFTWARE LIFECYCLE PROCESSES SECURE FIRMWARE UPGRADE AFTER DEPLOYMENT REGULAR DYNAMIC ENCRYPTION KEY REFRESH ROLE BASED AUTHORISATION BASED ON LEAST PRIVILEGE PRINCIPLE INTRUSION DETECTION/PREVENTION COMPREHENSIVE AUDITING AND SECURITY POLICY REVIEWS OVERARCHING DATA SECURITY AND PRIVACY PRINCIPLES
5 5 6 6 6 6 7 7 8 8 9 9 9 10 10 10 10 10 11
SECURITY PRINCIPLES FOR INTERFACES TO CUSTOMERS HAN SECURITY REMOTE OPERATION OF METER CONTACTOR OR VALVE CUSTOMER ACCESS TO DATA ON THE PROPOSED INDUSTRY PORTAL BACKEND IT SYSTEMS SECURITY CONSIDERATIONS (HIGH LEVEL)
30/11/2012
30/11/2012
30/11/2012
30/11/2012
30/11/2012
30/11/2012
30/11/2012
30/11/2012
30/11/2012
Where Data Encryption is implemented, the encryption solution chosen will be strong enough to make it impractical for someone with access to the data flow or data repository to decipher the data using currently available hardware. However, hardware capabilities will improve over time (assuming Moores Law continues to apply) so potential attackers will continue to improve their ability to decipher encrypted data using brute force methods. Some elements of the Smart Metering Infrastructure are expected to have a lifetime of over 15 years. Therefore, the encryption solutions chosen for these elements of the infrastructure ideally should be capable of being updated to take advantage of new encryption algorithms and techniques and to facilitate the use of longer encryption keys. A defence in depth approach will also be taken to the Smart Meter Infrastructure security design. This means that security services will be layered on top of each other so that a failure of one protection will not compromise the security of the data. This layered security approach has been used in enterprise security designs for many years and is well proven there. Applying it to the myriad components of a Smart Metering Infrastructure poses many challenges, but possible architectures are beginning to emerge from the major security companies, national standards bodies and the Smart Metering/Smart Grid vendors.
30/11/2012
30/11/2012
30/11/2012
30/11/2012