A Lightweight Scheme to Authenticate and Secure the Communication in Smart Grids

Abstract

Self-reconfiguration in electrical power grids is a significant tool for their planning and operation during both normal and abnormal conditions. The increasing in employment of Intelligent Electronic Devices (IEDs), as well as the rapid growth of the new communication technologies have increased the application of Feeder Automation (FA) in Distribution Networks (DNs). In a Smart Grid (SG), automation equipment, such as a Smart Breaker (SB), is used. Using either a wired or a wireless network or even a combination of both, communication between the Control Center (CC) and SBs can be made. Nowadays, wireless technology is widely used in the communication of DNs. This may cause several security vulnerabilities in the power system, such as remote attacks, with the goal of cutting off the electrical power provided to significant consumers. Therefore, to preserve the cybersecurity of the system, there is a need for a secure scheme. The available literature investments proposed a heavyweight level in security schemes, while the overhead was not considered. To overcome this drawback, this paper presents an efficient lightweight authentication mechanism with the necessary steps to ensure real-time automatic reconfiguration during a fault. As a first stage, authentication will be made between CC and SB, SB then sends the information about its status. To ensure the integrity of the authentication exchange, a hash function is used, while the symmetric algorithm is used to ensure privacy. The applicability of the suggested scheme has been proved by conducting security performance and analysis. The proposed scheme will be injected on ABB medium voltage breaker with the REF 542plus controller. Therefore, the probable benefit of the suggested scheme is the contribution to provide more flexibility for electrical utilities in terms of reducing the overall computational overhead and withstanding to various types of attacks, while also opening new prospects in FA of SGs.

1. Introduction

A topic that is currently being frequently discussed is how the electrical power networks will be designed in the future. Nowadays, many application fields have rapidly grown in their technological evolution, including power systems. With the benefits of IEDs and communication networks, the FA system in DNs can easily be applicable. Therefore, the electrical distribution grid recently witnessed a transition from the old-style electrical grid to the new style of grid that is called the SG [1]. By implementing intelligent monitoring and control from a distance to power the equipment, an SG will become a promising platform for increasing the efficiency and the quality of service [2]. The primary purpose of the SG is to combine valuable data from the electrical grid to permit the CC to evaluate the present status of the electrical grid [3]. The objective of SGs is to create a new power grid that runs economically and smartly [4]. In an SG environment, feeder handling can be implemented via automatic reconfiguration to improve the voltage profile, power quality and to reduce the branch power loss [5,6]. The ability to self-heal, in case of a fault, is one of the required features for a SG, which brings significant economic benefits [7]. The effect of a prolonged outage in the electric DN to an area would be greater than the economic loss. To achieve a fast power restoration, the power utilities have been using smart remote-controlled breakers in distribution networks to ensure continuous power supply. Guaranteeing the continuity of provided power is one of the primary functions of a power system [8]. SG systems with remote and fast switching breakers make network reconfigurations possible and thus, they reduce the breakout period when an outage occurs [9,10]. The SB can offer new functions such as a real-time remote switch by the CC. The remote signal can be sent by the CC to the SB to connect or disconnect a power line. These breakers have a high impact [11] and become economically sustainable due to a lot of automation equipment and to new communication technologies. The general purpose of computing and communication in power system resources is to improve the system efficiency [12,13]. In the SG, the SB device lies far from CC and uses two-way communications at normal and fault conditions. Therefore, the maneuvers for self-reconfiguration must be passed in a secure way or through a secure process. The data can be sent to the CC and to the SB over wireless or wired networks. Wireless technologies are extensively used for local communication subsystems in the SG [14]. The wireless communication technology may produce new and important challenges for the security of existing network [15]. For instance, a faked fault data can be invented and forwarded to CC or SB. Therefore, without suitable security, the SG cannot perform well as an energy management system [16,17].

In this paper, a secure authentication scheme using a new fast technique for a SB in the SG has been introduced. The proposed scheme consists of two scenarios for authentication between the SB and the CC. The first permits a CC to authenticate with the SB, while the second is similar to the first and allows the SBs to authenticate with its CC. Where, the CC or SB will be Sending End (SE), while the SB or CC will be Receiving End (RE). This scheme permits authentication between the SE and the RE. The SE creates a random number, which is then hidden in the breaker ID, to encrypt the result using the hidden parameter. Afterwards, the SE creates the hash value for the proposed authentication and authorization. At last, the RE receives an authentication signal that contains the hash value from the SE. After receiving the authentication message, firstly, the RE re-decrypts the information to get the random number and then it generates a new parameter called the obtained hash value. The obtained hash is compared with the hash that was previously sent from the SE; if both are equal, then the calculated random number was right. Then, the RE creates a random number and conceals it within the breaker ID and then it encrypts the final result. Secondly, the RE generates an additional hash value that contains the received random parameter and another random parameter and then forwards the authentication message to the SE; this message includes the hash value and the encrypted result. As soon as the authentication message is received, the SE decrypts the information and gets a random value. The SE utilizes a hash value to check if the obtained random value was right.

Numerous investigations have been undertaken in the field of SG security, particularly on mutual authentication. In this section, the key security problem of authentication is presented. The authors in Reference [18] suggested a scheme that offers mutual authentication between smart meters at various locations. The calculated time and communication size of the proposed scheme is high owing to the use of Rivest, Shamir, and Adleman (RSA). In Reference [19], the authors proposed an effective privacy-preserving scheme; holomorphic encryption was employed by the suggested scheme to realize Privacy-Preserving Demand Aggregation (PPDR) and a better response. The authors in Reference [20] presented several types of schemes and protocols; they proposed a mutual authentication scheme for a Smart Meter (SM) to solve the challenges in SGs. In Reference [21], a scheme to address mutual authentication and to prevent several types of attacks between SG utility networks and SMs was presented. Also, the authors proposed a new protocol for key management to secure data among the utility server and the SMs. The Wide Area Measurement Systems (WAMS) offer a time-synchronized assessment of the situations for electrical power networks over a large geographical area. The WAMS Key management (WAKE) scheme was proposed for securing communications in WAMS [22]. The proposed authentication scheme employed a symmetric key to secure real-time data in the transmission lines. To the best of our knowledge, it is the first study to propose an authentication scheme between CC and SBs in SG. Therefore, the related works are very limited and almost nonexistent.

There is an excessive variability of methods for performing authentication. Unfortunately, much of the available literature investigated SG security, while all the above-mentioned works [18,19,20,21,22,23,24,25,26] lack high computation and long communication sizes and use a complex scheme such as the Public-Key Infrastructure (PKI). Signature generation as well as signature verification are needed for the PKI. Therefore, these actions cause high computation and communication overhead. An excessive amount of authentication steps is sometimes needed to secure communications, which causes additional computation and communication costs. In this paper, all the previous challenges were addressed by proposing a lightweight authentication scheme for securing the communication between the CC and SBs in an SG.

Generally, this paper contributes to providing SE authentication with RE and to the creation of a secure channel between the CC and the SBs. The proposed scheme will use the symmetric system to ensure the integrity of various interactions with the cryptographic hash function. The benefits of the suggested lightweight scheme offer the authentication with low communication and computation costs; thus, the power consumption will be low. Where, the most articles in wireless security such as [27] focus on the energy cost. The scheme offers the identity of SE detection and ends with the Session Key Agreement (SKA) among SE and RE. The suggested scheme also offers SG Mutual Authentication (SGMA) and with a suitable level of security against multiple attacks. The experiments and measurements adopted in: first, theoretical method then, the simulations platform was done using MATLAB R2014a software. Finally, we recommended to apply the proposed scheme (by the help of ABB switchgear companies) on ABB eVD4 SB and REF542plus controller. This work successfully manages the above proposition and is organized as follows.

The discussion of the related works is presented in Section 1. Section 2 deals with the SB in the SG. The network architecture is presented in Section 3, which clarifies the network model and the main goals of this work. Section 4 illustrates the proposed authentication mechanism with all notations and all phases. Section 5 offers the main results and the system performance. The proposed scheme’s security analysis for this paper is presented in Section 6 and involves all the necessary safety needs between the CC and the SB. Finally, Section 7 concludes this work.

2. Smart Breaker in Smart Grid

In a smart electrical distribution network, all probable fault locations [6] which can occur in the network were listed in the CC and the SB was designed for online monitoring. The observed electrical network can use the data from the Supervisory Control and Data Acquisition (SCADA) or WAMS. Then, the automatic breakers will isolate the faulty line (during fault occurrence) till the network reconfiguration. The SB sends data about its status to CC, while the CC send commands to the remote switches to connect or disconnect (on or off) [28]. The reconfiguration allows to handover the demand on other lines that have lower loads [29]. The action of the SBs is an automatically process from the CC, which permits the SG to implement the strategies for the continuous process. The CC has fault analysis and application software, where the CC generates an automatic breaker action, while in some situations, directly sends a movement action to the SBs [30]. SG communication mostly uses wireless infrastructure to send the breakers actions. Using wireless technology in parts of SGs causes a delay in the sensitive data and in various types of attacks [18]. Therefore, there is a necessary need to find a secure path or secure scheme.

The smart breaker which will be used is ABB eVD4, the hardware minimum requirements for “Initialization Phase” are: Pentium III, 800 MHz; 128 MB of RAM; 40 MB of available disk space. The software requirements are: Operating system Microsoft Windows 98/2000/XP; PCM600 Version 2.3 Production Build; Microsoft .NET Framework 2.0; and eVD4-RBX615 Connectivity Package. The eVD4 classified as Intelligent Electronic Device (IED) and use the international standard for substation communication and modeling IEC 61850 with GOOSE messaging and Modbus. The controller of the SB will be REF542plus, the block diagram of this controller shown in Figure 1. The ability of REF542plus is extremely powerful in terms of automation.

3. Network Architecture

3.1. Network Model

The suggested manner is applied to the medium scale system of the standard IEEE 33-bus, which is exceedingly utilized as a network model which is shown in . The network includes 33 buses and 37 branches ranging from s1 to s37. It includes 32 branches with normally closed SB pairs, as shown in Figure 2 with solid black lines, and 5 branches with normally opened SB pairs that are shown with the hidden black line. The pairs of breakers shown as red circles denote the beginning and ending of each branch.

The network architecture of the proposed approach between the CC and the SBs under a fault via wireless network of the SG is shown in Figure 3. The real physical fault in DN may occur in any branch due to several causes such as: Lightning, tree contact, birds, squirrels, and vandalism. The fault type may be Line to Ground (LG), Line to Line (LL), Line to Line to Ground (LLG) or Line to Line to Line (LLL). The most fault type is LG which constitutes 80% from the total number of faults. The protection system will manage the fault by physical response to open the SB. The SB is designed to send the information (data) about its status and several measurements such voltage, current, frequency, time and date. The CC is designed to send actions (commands) to open or close the SBs. The wireless communication is widely used where the cyber-attack may be taken place to made a faked fault or disconnect the electricity on a pivotal area.

where, L_i represents the load at the node i, SB_j represents the smart breaker of the jth branches.

3.2. Design Goals

The SB can disconnect the power line in case of a fault in its line, in which case, the SB tries to communicate with the CC to hand over the load to another line as fast as possible. The goals of this design are as follows:

• Secure the communication channel between the CC and the SBs to avoid cyber-attacks.
• Reduce the overhead of the network in terms of computation and communication costs.
• Anonymous IDs for the SBs and the CC to avoid receiving a fabricated faked fault.
• Prevent different types of attacks.

4. The Proposed Authentication Mechanism

This section presents the proposed scheme, which involves two scenarios to secure the communication between the SBs and the CC. In the first scenario, an SB will be SE, and the CC will be RE. While in the second scenario, the CC will be SE and the SBs will be REs. The notations used in this study (first scenario) are given in

Table 1. The notation used.

Symbol	Definition
IDsbj	Identification of the jth SB
IDsbwj	IDj shadow of the SB
IDcc	Identification of CC
Msbwj	Mask of ID shadow for the SB
pj	Secure Parameter of the jth SB
pc	Secure Parameter CC
αj, βj	Random values from the SB, CC
Hsbj	Hash function of the SB
OHsbj	Hash function obtained from IDsbwj
IDcrwj	Replay of the control ID shadow
Mcrwj	Mask of the replay of the control ID shadow
Hcrj	Hash value of IDcrwj
OHcrj	Hash value obtained from IDcrwj
⊕	XOR function
||	Concatenation function
h	Hash function

. While, the notations of the second scenario are similar to the first one.

The suggested scheme offers SGMA, authorization and information privacy between the SB and the CC. The proposed scheme is involved in the following phases.

• Initialization Phase: the SBs in this phase are recorded in the CC with unique identity numbers.
• Authentication Phase: from the SB to the CC to authenticate each other.
• Key Session Phase: is the mutual key creation, which is utilized as a session key and forwards data from the SB and the CC.

4.1. Initialization Phase

This is like a registration process among the SBs and the CC; it is very important to run the proposed scheme. The SBs are connected to the CC, where the CC is assumed to be a trusted entity. The applied suites cypher, such as a type of hash function, and the cryptography procedure are defined. In addition, an off-line supplier defined the SB identity IDsb_j and the corresponding parameters p_j and p_c for each recorded SB as shown in Figure 4.

4.2. Authentication Phase

In traditional power distribution networks, when a fault occurs in any medium voltage power line, a portion of the load will be unsupplied. Therefore, in the SG, to use the property of self-healing, the SB will disconnect automatically and start to inform the CC about its existing status. This needs particular authentication steps between the SB and the CC. Each remote SB that requires communication with the CC must implement and pass the authentication steps. The suggested authentication scheme can be seen in Figure 5. After confirming the sureness of the information from the SB, the CC will send actions to other SBs. This action, which is achieved through the software, is already saved in the CC and has the ability to deal with fault issues automatically. The CC will make its decisions for specific SBs to handover the network branches to maximize the service within acceptable power losses and the voltage profile. Therefore, the CC will send actions to SBs.

The steps of the authentication phase in this scenario are outlined in the steps below.

Calculation 1

Step 1

the SB generates an unknown random number α_j ← Z* then it computes IDsbwj:

$$IDsb{w}_j=IDs{b}_j \oplus {\alpha }_j$$

Step 2

the SB computes Msbwj by coding the IDsbwj via the unknown parameter p_j as the secure key:

$$Msb{w}_j=E(IDsb{w}_j,p_j)$$

Step 3

the SB computes the hash function IDsbwj and concatenates it with α_j:

$$Hs{b}_j=h (IDsb{w}_j\parallel {\alpha }_j)$$

Sending 1, the SB forwards a message authentication to the CC, the message includes (Hsb_j; Msbw_j; IDsb_j).

Calculation 2

Step 1

after receiving the message authentication, the CC decrypts Msbw_j to get IDsbwj:

$$IDsb{w}_j=D(Msb{w}_j,p_j)$$

Step 2

the CC extracts α_j from IDsbw_j:

$${\alpha }_j= IDsb{w}_j \oplus IDs{b}_j$$

Step 3

to confirm the value of α_j, the CC calculates the OHsb_j of the IDsbwj and concatenates it with α_j:

$$OHs{b}_j=h (IDsb{w}_j\parallel {\alpha }_j)$$

If OHsb_j = Hsbj, then the resulting value of α_j is right. Else,

Failure Sending 1, the CC forwards a message of failure to the SB.

Step 4

the CC creates a random number β_j ← Z^∗ and then calculates the replay control ID shadow IDcrw_j:

$$IDcr{w}_j=IDs{b}_j \oplus {\beta }_j$$

Step 5

the CC computes Mcrw_j by encrypting IDcrw_j using p_j as the unknown key:

$$Mcr{w}_j=E(IDcr{w}_j,p_j)$$

Step 6

the CC calculates the hash value of IDcrw_j and concatenates it with α_j and β_j:

$$Hc{r}_j=h (IDcr{w}_j\parallel {\alpha }_j\parallel {\beta }_j)$$

Sending 2, the CC forwards a message of authentication to the SB, which involves (Hcrj; Mcrw_j).

Calculation 3

Step 1

after getting the message of authentication from the CC, the SB decrypts Mcrw_j to obtain IDcrw_j:

$$IDcr{w}_j=D(Mcr{w}_j,p_j)$$

Step 2

the SB extracts β_j from IDcrw_j through:

$${\beta }_j=IDs{b}_j \oplus IDcr{w}_j$$

Step 3

to confirm the value of β_j, the SB calculates the hash value of IDcrw_j and concatenates it with α_j and β_j:

$$OHc{r}_j=h (IDcr{w}_j\parallel {\alpha }_j\parallel {\beta }_j)$$

If OHcr_j = Hcrj, then the resulting value of β_j is corrected. Else,

Failure Sending 2, the SB sends a message of failure to the CC.

4.3. Key Session Phase

As soon as the authentication phase is successfully passed, a mutual symmetric key K_j is generated to give the channel of communication its security. K_j can be computed as:

$$K_j=h ({\alpha }_j\parallel {\beta }_j\parallel IDs{b}_j)$$

The key K_j is used in data privacy of the existing session. After the ending of this session, the value of the secret parameters α_j and β_j are deleted from the system. The key session from the SB to the CC is shown in Figure 6.

5. Results and System Performance

In this section, a comparison in the performance of the proposed scheme with References [18,31,32] is discussed. The initialization phase will only be implemented one time. Therefore, the required comparison will be in the authentication phase of performance. Where, the standard costs regarding to authentication which are computational and communication cost as shown in

Table 2. The comparison in computational cost (msec).

Scheme	SE to RE	RE to SE	Total
Proposed	8.10	6.40	14.10
[31]	-	-	23.13
[18]	-	-	34.65
[32]	-	-	34.65

and

Table 3. The comparison in communication cost (bit).

Scheme	Sending 1	Sending 2	Sending 3	Total
Proposed	354	256	-	510
[31]	464	336	-	800
[18]	384	512	144	1040
[32]	384	512	144	1040

, are considered. Such these costs are well known and common in most authentication researches.

The experiments are conducted on a 2.5 GHz Intel i3-M380 processor, with a Windows 7 operating system of 64-bits, and 4 GB RAM (Lenovo PC HK limited, Hong Kong, China). Where, MATLAB R2014a is used to implement our experiments. While, Java class is used to implement the cryptosystem.

In Table 2, a comparison is made among References [18,31,32] with the proposed scheme in terms of their computational costs. The total computational cost of our proposed scheme for the authentication phase is 14.1 milliseconds, which is deemed the lowest. The other mentioned papers have respective computational costs of 23.13, 34.65 and 34.65 milliseconds. In addition, another comparison of the communication costs, as shown in Table 3, is the total communication cost, which is 510 bits for the proposed scheme and 800, 1040 and 1040 bits for the other schemes respectively. In our proposed scheme, three considerations are involved with the key requirements of authentication phase (Hsbj; Msbwj; IDsbj). The full length of the communication requirement is 3 × 128 = 354 bits. In the upcoming requirement, two considerations are elated, which are 2 × 128 = 256 bits. Thus, we proved that the suggested scheme is the best and overcomes the others, that is References [18,31,32] in terms of computational cost and communication costs.

6. Security Analysis

This part primarily offers a discussion of the proposed scheme, which can meet all of the necessary safety needs between the SB and the CC. The subsequent condition is identical to the initial one.

As mentioned earlier, the components of data security include data integrity, privacy and confidentiality. Considering the broadcast nature of wireless and internet communications, the SG data may be interfered with and substituted by the adversary; such a system is considered quite risky in the event of a system outage. Therefore, the present model decrypts the data by utilizing a one-time session key. This unique random key is generated after the authentication stage and is altered periodically. This method of data encryption (one-time key-based) may meet all three data security properties, whereby any data alteration or adversary’s replay attempt may simply be identified using a tag that is highly resistant to falsification.

6.1. Preventing the Replay Attack

The process of conducting a replay attack requires the attacker to tap into the authentication message that is normally transferred to the CC from the SB. After the SB-CC interchange, the attacker’s attempts to have the same message replayed surpasses the system’s verification process. In the present authentication procedure, it is only practical to transfer the secret parameter in the authentication message to the CC from the SB only once. Therefore, in case the attacker attempts to have the same request message intercepted or resent, the CC is then able to easily identify it by using the ID shadow’s hash function of the SB’s Hsb_j. In the same method, if an attacker tries to copy an authentication message and resends it to the SS, then this action can be easily detected by the CC. For this approach, the suggested unidentified authentication protocol may hold against the replay attacks.

6.2. Resistance to Forgery Attacks

Interception and modification of existing legal data for the SB to pass the CC’s authentication procedure may be targeted by the attacker as well. In such a situation, the attacker is expected to build a useable authentication message using a useable secret parameter to meet the SGMA. Therefore, to achieve this, it is important for the attacker to get rid of the ID shadow’s function of the SB and to understand the unknown parameter (p_j). The attacker finds it quite hard to determine this parameter (secret parameter p_j) as its insertion into the SB is done in its offline mode, while the α_j value is random and is utilized only one time. Contrary to this, the attacker may disguise attempts as the CC to acquire the benefits. If this happens to be the case, then the attacker is required to create a valid message of authentication and to equally understand the random value (α_j; β_j) and the secret parameter p_j. In doing this, the proposed scheme will be able to offer resistance against forgery attacks.

6.3. Sustaining Mutual Authentication

In the present proposal, the SB is authenticated by the CC via having the random value α_j and the ID shadow’s hash function of the SS verified in the message of authentication, where a genuine SB creates a valid message of authentication. Nonetheless, a random value of α_j is considered in the authentication of the SS by the CC, where this value is computed from IDsbw_j (α_j = IDsbw_j ⊕ IDsb_j). The resulting hash is OHsb_j = h (IDsbw_j || α_j) and is expected to correspond to the ID shadow’s hash function of the SB in the message of authentication OHsb_j = Hsb_j. On the other hand, the CC’s legitimacy can be authenticated by the SB using the random values of β_j and α_j, as well as the hash value Hcc_j = h (IDccw_c|| α_j || β_j), which are expected to correspond to the resulting hash value of OHcc_j. By doing this, the proposed scheme suits the mutual authentication property.

6.4. Supporting Anonymity Authentication

For the proposed design, both the random values (α_j; β_j) and the secure number p_j may offer solution issues like intractability and anonymity, nonetheless, the idea that the secure number p is integrated into the SB while being in offline status. For this study, this concept is considered during the ID shadow’s encryption and decryption. The ID shadow is used in hiding the one-time random value (α_j; β_j), whereby a secret parameter p_j is considered for encrypting it. Authentication is achieved as a courtesy of this random value; therefore, the scheme in the present study promotes anonymous authentication. Nonetheless, while executing the process of anonymous authentication in the present study, the parameters in the authentication message are not allowed to be sent at one time. For the purposes of acquiring PAE (Privacy Against Eavesdroppers), it is imperative to employ an effective approach such as the proposed scheme.

7. Conclusions

The SG is likely to be the most reasonable key for forthcoming energy problems. With proper security, the SG can play a vital role in solving these energy management issues. The security and privacy of communication between the SB and the CC are important to prevent partial system outages that may lead to large-scale blackouts, damage of the electrical equipment or serious consequences in the power grid. Pursuing higher security by sacrificing communication and computation costs is unfair to the utility. The main contributions of this paper are highlighted as follows: Firstly, the authentication between the CC and the SBs in SG is introduced in this paper, which is presently missing in the literature of this field. Second, in the field of performance, a lightweight authentication scheme for SG communication using the crypto hash function with masked identity, as well as symmetric cryptography for various exchanges, is proposed. Third, upon its comparison with other schemes, the proposed scheme is the best regarding the computation and communication costs. For future work, the proposed scheme can be injected to the REF542plus controller using manufacturing software such as CAN Open digital fieldbus, which can be applied by the help of ABB switchgear companies. Thus, the suggested scheme can be appropriate for real-time SG applications. Therefore, the importance of this article is that the proposed scheme can provide a suitable industry-security level with low computation and communication costs.