Smart grid infrastructure and smart metering Security

Work package 12 focused on the security of smart metering and smart grid infrastructure in the Upper Rhine region, encompassing France, Germany, and Switzerland, is of paramount importance for ensuring the secure operation of these systems. Basic rules have been developed for the main metering functions. For various reasons and traditions, these sets of rules differ in countries not only around the globe but also in Europe (incl. CH, DE & FR). The project aimed to develop a unified proposal addressing the security of smart meters and grid infrastructure. This work package is a logical continuation of the ivESK team part from the Interreg project “Smart Meter Inclusif“, where were identified gaps in these rules. In this project, we will more focus on several crucial areas: sub-meters, Controllable Local Systems (CLS), Low Power Wide Area Network (LPWAN) technologies, and advanced fingerprinting methods.

The first work package part evaluated security regulations for sub-meters and CLS. It involved a thorough analysis of current regulations in the three countries, scrutinizing their effectiveness and identifying technological weaknesses. The goal is to explore globally available solutions for secure communication of sub-meters and CLS, assessing their strengths, weaknesses, and emerging trends. This will allow us to propose a consolidated solution with additional security measures specifically for the Upper Rhine region, aiming to facilitate secure communication across the entire region.

The second work package part focused on optimal LPWAN solutions for the region. It will allow to assess the security regulations for narrowband LPWAN technologies in local metrological networks (LMN). This package part includes an assessment of the current narrowband LPWAN regulations, gauging their effectiveness and identifying gaps. We will explore worldwide narrowband LPWAN solutions for secure communications to propose a uniform solution incorporating additional security measures, tailored for use in the Upper Rhine region local metrological networks.

The third work package part addressed fingerprinting and fingerprinting protection. In the context of the kill chain attack model, acquiring information about target software is crucial for identifying potential vulnerabilities. The ivESK team’s tasks include the conduct of deeper research on TLS fingerprinting, including tests of implementations with undifferentiated configurations and the influence of different reduction functions. We will conceptualize approaches to prevent TLS fingerprinting and estimate their feasibility, especially on low-resource, deeply embedded devices.

In this work package part we will improve cloning software for differential testing, which allows to build, run, and orchestrate of multiple communication protocol implementation versions with parameters close to the target implementation. In the later stage, this will allow us to extend our fingerprinting approach to use it not only for TLS but also for other communication protocols implementations such as SSH.

Also, in the third work package part we extend fingerprinting in one more direction by exploring timing fingerprinting. Timing fingerprinting is a vector of fingerprinting that identifies both software and hardware aspects of testing devices. It focused on concealing the timing parameters of security software to mitigate the risk of side-channel attacks. This involves preparing a test bench and software for invoking crypto primitive functions, establishing a database of local and remote timing fingerprints, and analyzing the data to identify the most accurate approach.
Overall, these work packages represented a comprehensive effort to enhance technological security and efficiency in the Upper Rhine region, covering a broad spectrum of areas and ensuring a robust approach to regional security and technological advancement.