• English
  • Deutsch
  • Log In
    Password Login
    Research Outputs
    Fundings & Projects
    Researchers
    Institutes
    Statistics
Repository logo
Fraunhofer-Gesellschaft
  1. Home
  2. Fraunhofer-Gesellschaft
  3. Konferenzschrift
  4. Work in Progress: Security Analysis for Safety-critical Systems: Smart Grid and IoT
 
  • Details
  • Full
Options
2019
Conference Paper
Title

Work in Progress: Security Analysis for Safety-critical Systems: Smart Grid and IoT

Abstract
Internet of Thing (IoT) and Smart Grid (SG) are separate technologies. The digital transformation of the energy industry and the increasing digitalization in the private sector connect these technologies. Currently in Germany, the SG is under construction. In order to use future innovative services, SG and IoT must be combined. For this, we connect the SG Infrastructure with the IoT. A potential insecure device and network (IoT) should be able to transfer data to and from a critical infrastructure (SG). Open research question in this context are the security requirements architecture SG and IoT and the mechanism for authentication and authorisation in future application (SG and IoT). Due to the increasing networking of the systems (SG and IoT) new threats and attack vectors arise. The attacks to the architecture influence the target of authenticity, security and privacy. For the security analysis we focus on two communication points: the communication between the smart meter gateway, and the IoT device. In our example, a connected charging station with cloud services is connected with a SG infrastructure. To create a really smart service, the charging station needs a connection to the SG to get the current amount of renewable energy in the grid. With this two connections, new threats emerge. A security analysis over all the connections, including the vulnerability and the ability of an attacker, is developed in this paper. The analysis shows us challenges of the communication between IoT and SG. For this, we defined technical and organizational requirements for authentication and authorization. Current authentication and authorization mechanisms are no longer sufficient for the defined requirements. We present the Role-based trust model for Safety critical Systems for these defined requirements. The new trust model is integrated into a role-based access control model. It defines data classes, which separate the sensitive and non-sensitive information.
Author(s)
Neubauer, Katrin
Ostbayerische Technische Hochschule Regensburg
Hackenberg, Rudolf
Ostbayerische Technische Hochschule Regensburg
Fischer, Sebastian  
Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC  
Mainwork
ARCS 2019, 32nd GI/ITG International Conference on Architecture of Computing Systems. Workshop proceedings  
Conference
International Conference on Architecture of Computing Systems (ARCS) 2019  
Language
English
Fraunhofer-Institut für Angewandte und Integrierte Sicherheit AISEC  
Keyword(s)
  • smart grid

  • Internet of Things (IoT)

  • security analysis

  • safety-critical infrastructure

  • trust model

  • Cookie settings
  • Imprint
  • Privacy policy
  • Api
  • Contact
© 2024