Towards a security architecture for substations

Abstract

The security of the electricity delivery system has received much attention recently with increasing focus on Smart Grids. While substations used to be protected by concrete walls and barbed wire, today the industry is getting worried about attacks over the communication infrastructure. In this paper, we analyse the primary threats and present a first cut of a security architecture. We suggest security policy options for utilities, as well as protocols to do key management for substations. We conclude that the priority should be to secure the electronic perimeter of substation—as this has the maximum impact. Authentication should be done at the level of the substation station room rather the substation bays. Using cryptography for authentication inside substation bays does not have significant benefits, but is likely to bring fragility instead.