System Architecture and Threat Modelling of Advanced Metering Infrastructure

Authors

  • Anurag Chevendra Electrical Engineering Department, VJTI, Mumbai - 400019, Maharashtra
  • Parul V. Sindhwad Electrical Engineering Department, VJTI, Mumbai - 400019, Maharashtra
  • Rigved Kulkarni Electrical Engineering Department, VJTI, Mumbai - 400019, Maharashtra
  • Mahita Samant Electrical Engineering Department, VJTI, Mumbai - 400019, Maharashtra
  • Sharal Deegoju Electrical Engineering Department, VJTI, Mumbai - 400019, Maharashtra
  • Faruk Kazi Electrical Engineering Department, VJTI, Mumbai - 400019, Maharashtra

DOI:

https://doi.org/10.33686/pwj.v20i1.1164

Keywords:

AMI, CyberSecurity, LINDUNN, STRIDE, Threat Modelling, Vulnerabilities

Abstract

Advanced Metering Infrastructure (AMI) is a collection of smart meters, communications networks, and data management systems that have been specifically designed to facilitate the effective integration of energy resources. As AMI continues to become more complex and integrated with advanced functionalities, additional questions about cyber security must be considered. The security of an AMI is of critical importance. The implementation of secure protocols and the enforcement of strict security requirements may be able to stop vulnerabilities from being exploited. This research analyses AMI from a security standpoint. It also discusses potential flaws related to various smart meter attack surfaces, as well as the security and threat implications of these flaws. Threat modelling is an engineering undertaking that helps identify security threats, potential vulnerabilities, and their criticality and prioritize corrective or countermeasures. The results show how threat models, specifically STRIDE and LINDDUN, can be used in the case of an AMI and demonstrate the dangers connected to this AMI configuration.

Downloads

Download data is not yet available.

Metrics

Metrics Loading ...

Downloads

Published

2024-09-24

How to Cite

Chevendra, A. ., Sindhwad, P. V., Kulkarni, R., Samant, M., Deegoju, S., & Kazi, F. (2024). System Architecture and Threat Modelling of Advanced Metering Infrastructure. Power Research - A Journal of CPRI, 20(1), 27–33. https://doi.org/10.33686/pwj.v20i1.1164

Issue

Section

Articles

References

Mohassel RR, Fung AS, Mohammadi F, Raahemifar K. A survey on advanced metering infrastructure and its application in smart grids. In: 2014 IEEE 27th Canadian Conference on Electrical and Computer Engineering (CCECE); 2014. p. 1-8. https://doi.org/10.1109/CCECE.2014.6901102 DOI: https://doi.org/10.1109/CCECE.2014.6901102

Potter B. Microsoft sdl threat modelling tool. Network Security. 2009; 2009(1):15-8. https://www.sciencedirect.com/science/article/pii/S135348580970008. https://doi.org/10.1016/S1353-4858(09)70008-X DOI: https://doi.org/10.1016/S1353-4858(09)70008-X

MS, VD, KBR, PK, Gupta P. Smart metering system. In: 2021 Innovations in Power and Advanced Computing Technologies (i-PACT). 2021. DOI: https://doi.org/10.1109/i-PACT52855.2021.9696950

Yan Y, Hu R, Das S, Sharif H, Qian Y. A security protocol for advanced metering infrastructure in smart grid. IEEE Network. 2013; 27:64-71. https://doi.org/10.1109/ MNET.2013.6574667 DOI: https://doi.org/10.1109/MNET.2013.6574667

Khan R, McLaughlin K, Laverty D, Sezer S. Stride-based threat modelling for cyber-physical systems. In: 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe). IEEE; 2017. p. 1-6. https://doi.org/10.1109/ISGTEurope.2017.8260283 DOI: https://doi.org/10.1109/ISGTEurope.2017.8260283

Sion L, Wuyts K, Yskout K, Van Landuyt D, Joosen W. Interaction-based privacy threat elicitation. In: 2018 IEEE European Symposium on Security and Privacy Workshops (EuroSandPW). IEEE; 2018. p. 79-86. https:// doi.org/10.1109/EuroSPW.2018.00017 DOI: https://doi.org/10.1109/EuroSPW.2018.00017

Metke R, Ekl RL. Security technology for smart grid networks. IEEE Trans Smart Grid. 2010; 1:99-107. https:// doi.org/10.1109/TSG.2010.2046347 DOI: https://doi.org/10.1109/TSG.2010.2046347

Paverd J, Martin AP. Hardware security for device authentication in the smart grid. In: Cuellar J, editor. Smart Grid Security. Berlin, Heidelberg: Springer Berlin Heidelberg; 2013. p. 72-84. https://doi.org/10.1007/978-3-642-38030-3_5 DOI: https://doi.org/10.1007/978-3-642-38030-3_5

Wang W, Lu Z. Cyber security in the smart grid: Survey and challenges. Comput Netw. 2013; 57:1344-71. https://doi.org/10.1016/j.comnet.2012.12.017 DOI: https://doi.org/10.1016/j.comnet.2012.12.017

Fan Z, Kulkarni P, Gormus S, Efthymiou C, Kalogridis G, Sooriyabandara M, Zhu Z, Lambotharan S, Chin WH. Smart grid communications: Overview of research challenges, solutions, and standardization activities. IEEE Commun Surv Tutor. 2013; 15(1):21-38. https://doi.org/10.1109/SURV.2011.122211.00021 DOI: https://doi.org/10.1109/SURV.2011.122211.00021

Anzalchi, Sarwat A. A survey on security assessment of metering infrastructure in smart grid systems. In: SoutheastCon; 2015. p. 1-4. https://doi.org/10.1109/ SECON.2015.7132989 DOI: https://doi.org/10.1109/SECON.2015.7132989

Gupta H, Mondal S, Majumdar R, Ghosh NS, Suvra Khan S, Kwanyu NE, Mishra VP. Impact of side channel attack in information security. In: 2019 International Conference on Computational Intelligence and Knowledge Economy (ICCIKE). 2019; 291-5. https://doi.org/10.1109/ ICCIKE47802.2019.9004435 DOI: https://doi.org/10.1109/ICCIKE47802.2019.9004435

Huseinovic, Mrdovic S, Bicakci K, Uludag S. A taxonomy of the emerging denial-of-service attacks in the smart grid and countermeasures. In: 2018 26th Telecommunications Forum (TELFOR); 2018. p. 1-4. https://doi.org/10.1109/ TELFOR.2018.8611847 DOI: https://doi.org/10.1109/TELFOR.2018.8611847

Patni P, Iyer K, Sarode R, Mali A, Nimkar A. Man-in-themiddle attack in http/2. In: 2017 International Conference on Intelligent Computing and Control (I2C2); 2017. p. 1-6. https://doi.org/10.1109/I2C2.2017.8321787 DOI: https://doi.org/10.1109/I2C2.2017.8321787

Marback, Do H, He K, Kondamarri S, Xu D. A threat model-based approach to security testing. Softw Pract Exp. 2013; 43(2):241-58. https://doi.org/10.1002/spe.2111 DOI: https://doi.org/10.1002/spe.2111

Hussain S, Kamal A, Ahmad S, Rasool G, Iqbal S. Threat modelling methodologies: a survey. Sci Int (Lahore). 2014; 26(4):1607-9.

Khan S. A stride model-based threat modelling using unified and or fuzzy operator for computer network security. Int J Comput Netw Technol. 2017; 5:13-20. https://doi.org/10.12785/ijcnt/050103 DOI: https://doi.org/10.12785/ijcnt/050103

Hussain S, Kamal A, Ahmad S, Rasool G, Iqbal S. Threat modelling methodologies: A survey. Sci Int (Lahore). 2014; 26(4):1607-9.

Wuyts K, Joosen W. Linddun privacy threat modelling: A tutorial. CW Reports; 2015.