Assessment of potential security risks in advanced metering infrastructure using the OCTAVE Allegro approach

Awad, Ali Ismail; Shokry, Mostafa; Khalaf, Ashraf A. M.; Abd-Ellah, Mahmoud Khaled

doi:10.1016/j.compeleceng.2023.108667

Cited by 9 publications

(4 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [27], the important role of authentication and key agreement mechanism in smart grid environment, especially in AMI system, is expounded, which can effectively protect entities from adversary attacks and threats of unauthorized illegal entities and ensure the reliable operation of the whole system. In [28], the potential risks in the AMI system are evaluated by the OCTAVE Allegro method. According to [10,28], the key agreement scheme designed for the AMI system needs to be able to resist impersonation, man-in-the-middle, replay and other attacks in addition to mutual authentication, ensuring session key security, providing anonymity and forward confidentiality.…”

Section: Motivationmentioning

confidence: 99%

“…In [28], the potential risks in the AMI system are evaluated by the OCTAVE Allegro method. According to [10,28], the key agreement scheme designed for the AMI system needs to be able to resist impersonation, man-in-the-middle, replay and other attacks in addition to mutual authentication, ensuring session key security, providing anonymity and forward confidentiality. These are the main requirements of smart grid security.…”

Section: Motivationmentioning

confidence: 99%

See 1 more Smart Citation

A Lightweight Chaotic Map-Based Key Agreement Scheme for the Advanced Metering Infrastructure

Wang,

Feng,

Zhang

2024

Applied Sciences

View full text Add to dashboard Cite

In the advanced metering infrastructure (AMI), impersonation, eavesdropping, man-in-the-middle and other attacks occur in the process of communication between entities through public channels, which will lead to the leakage of user privacy or the incorrect issuance of control instructions, resulting in economic losses and even power system operation failures. In view of this situation, we design a lightweight key agreement scheme based on a chaotic map for the AMI. We use the chaotic map to replace the time-consuming bilinear pairing and elliptic curve method and establish a secure communication channel between legal entities. In addition, we also design a multicast key generation mechanism for message transmission in AMI. The security analysis proves the security of the proposed scheme in the random oracle model, which can meet the security characteristics of anonymity and forward secrecy, and can effectively resist common attacks such as impersonation, replay and man-in-the-middle. The performance analysis results show that the proposed scheme requires lower computational and communication costs than related schemes, so it is more suitable for AMI scenarios with limited resources.

show abstract

Section: Motivationmentioning

confidence: 99%

Section: Motivationmentioning

confidence: 99%

A Lightweight Chaotic Map-Based Key Agreement Scheme for the Advanced Metering Infrastructure

Wang,

Feng,

Zhang

2024

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…Penelitian sebelumnya dilakukan oleh Ahmad Nur dkk, 2020 pada UPT Puskom menghasilkan 5 area yang belum sesuai dengan standar metode OCTAVE-S yaitu peraturan kemanan dan kebijakan, kontrol akses fisik, manajemen kerentanan, perancangan keamanan dan arsitektur keamanan dan manajemen risiko [1], [11]. Peneliti memiliki menggunakan metode OCTAVE-S untuk digunakan dalam melakukan analisis risiko yaitu dengan cara identifikasi aset kristis, evaluasi praktik keamanan, evaluasi ancaman dan identifikasi risiko yang terdapat dalam organisasi [12].…”

Section: Pendahuluanunclassified

Information Technology Security Risk Management using the OCTAVE-S Method

Rahmawati,

Hartomo

2023

SISTEMASI

View full text Add to dashboard Cite

AbstrakDinas Kependudukan dan Pencatatan Sipil Kota Salatiga merupakan organisasi perangkat daerah yang sudah menggunakan teknologi informasi pada proses bisnisnya. Meskipun sudah memanfaatkan sistem informasi namun mereka belum melaksanakan penilaian mengenai ancaman risiko dan belum menjalankan sebuah manajemen risiko. Bersumber pada permasalahan tersebut dibutuhkan sebuah pemecahan masalah dalam menjalankan teknik pengukuran dan manajemen risiko memakai metode OCTAVE-S yang fokus pada organisasi dengan jumlah anggota tidak lebih dari 100 orang. Teknik ini digunakan yaitu untuk mengindentifikasi dan melakukan analisis terhadap ancaman yang terdapat pada aset kritis yang ada pada Dinas Kependudukan dan Pencatatan Sipil Kota Salatiga. Hasil dari analisis terhadap ancaman tersebut yang nantinya akan berguna pada saat melakukan rencana mitigasi sesuai dengan praktik keamanan yang ada. Dari penelitian yang telah dilaksanakan terdapat 2 area praktik kemanan yang menghasilkan status stoplight berwarna kuning yang merupakan tanda organisasi telah menerapkan praktik keamanan namun belum sempurna. Kedua area praktik keamanan itu yang akan dipilih menjadi area.

show abstract

“…Another set of papers assess potential security-related risks that can occur in smart meters and adjacent infrastructure. Reference [8], is based on risk related to DLMS, whereas paper [9] deals with the wider area of the AMI. Another paper [10] examines the security and privacy aspects of smart metering infrastructure.…”

mentioning

confidence: 99%

Smart Metering Cybersecurity—Requirements, Methodology, and Testing

Kohout

Lieskovan

Mlýnek

2023

Sensors

View full text Add to dashboard Cite

This paper addresses the current challenges in cybersecurity of smart metering infrastructure, specifically in relation to the Czech Decree 359/2020 and the DLMS security suite (device language message specification). The authors present a novel testing methodology for verifying cybersecurity requirements, motivated by the need to comply with European directives and legal requirements of the Czech authority. The methodology encompasses testing cybersecurity parameters of smart meters and related infrastructure, as well as evaluating wireless communication technologies in the context of cybersecurity requirements. The article contributes by summarizing the cybersecurity requirements, creating a testing methodology, and evaluating a real smart meter, using the proposed approach. The authors conclude by presenting a methodology that can be replicated and tools that can be used to test smart meters and the related infrastructure. This paper aims to propose a more effective solution and takes a significant step towards improving the cybersecurity of smart metering technologies.

show abstract

Assessment of potential security risks in advanced metering infrastructure using the OCTAVE Allegro approach

Cited by 9 publications

References 19 publications

A Lightweight Chaotic Map-Based Key Agreement Scheme for the Advanced Metering Infrastructure

A Lightweight Chaotic Map-Based Key Agreement Scheme for the Advanced Metering Infrastructure

Information Technology Security Risk Management using the OCTAVE-S Method

Smart Metering Cybersecurity—Requirements, Methodology, and Testing

Contact Info

Product

Resources

About