Fortified-Grid: Fortifying Smart Grids through the Integration of the Trusted Platform Module in Internet of Things Devices
Abstract
1. Introduction
2. Prior Work Related to IoT Device Security for Smart Grids
3. Research Gaps and Novel Contributions
3.1. Problem Formulation
3.2. Research Gaps
- To the best of our knowledge, most IoT authentication schemes provide attestation and authentication mechanisms without considering the integrity of the device software.
- Most schemes use a cryptographic key for attestation, but the key may be vulnerable to software or intruders.
- Very few schemes provide complete authentication between IoT devices and servers for smart grids.
- Lightweight authentication schemes are required, as IoT devices in smart grids are generally resource-constrained.
3.3. Research Contribution
- The paper proposes a certificate-based authentication scheme for IoT devices containing a TPM in a smart grid.
- Device authentication utilizes a preloaded certificate and establishes a secret session key after mutual authentication.
- The integrity of device software is ensured using TPM PCR measurement and comparison.
- The proposed scheme is validated using the widely accepted AVISPA tool and the random or real (ROR) model.
- Our analysis illustrates that the proposed model is secure, privacy-preserving, and supports minimal communicational overhead.
4. The Roles of the Trusted Platform Module (TPM) for Hardware-Assisted Security (HAS) for Smart Grids
4.1. Hardware Assisted Security (HAS)
4.2. Trusted Platform Module (TPM) for Smart Grid IoT Devices
- Key generation and secure storage: Communication mainly occurs in the smart grid system in an open environment. Hence, secure storage and key generation are fundamental requirements in the smart grid network. The generation of cryptographic keys is one of the TPM’s fundamental functions. The secret key is generated by a random number generator (RNG) or a secret seed. TPM can generate an infinite number of keys. The endorsement key (EK) always remains inside the TPM, while the Attestation Identification Key (AIK) is used for attestation purposes.
- Integrity management: This is another vital feature of TPM. For the integrity of devices in smart grid IoT systems, all devices must be periodically configured because any vulnerability in any device increases the likelihood that the entire system will fail. TPM has multiple Platform Configuration Registers (PCRs), and the PCRs hash and store system states. After the defined interval, each execution hash value is recomputed and compared with the previous accumulated value. As resetting or rolling back the PCR to its original state is impossible, any suspicious activity can be easily detected. An integrity measurement at system boot or startup ensures the client’s trust [30].
- Remote attestation: The advantages of the remote attestation technique for smart grid systems include confidentiality and defense against man-in-the-middle (MITM) attacks. Cryptography-based systems are considered secure against various attacks, but in some instances, cryptographic keys are compromised, putting the entire system under threat. Therefore, validating the entity or key becomes imperative before allowing system access. TPM performs an attestation to validate the entity’s or key’s trustworthiness and authenticity. TPM generates a quote that contains the hash of the PCR state and a nonce, signed by the TPM. At the other end, if the TPM signature is validated, the quote is authenticated, and the nonce ensures the freshness of the quote and prevents a replay attack.
- Authorization of an entity: This gives an authenticated device or user the necessary permissions to access smart grid resources. Access control ensures that only correctly recognized entities access SG resources. By managing an entity’s authorization, malicious attackers can alter the status or data of the entity. TPM can be used to mitigate these security threats. The PCR can be set to a specific value by defining a specific policy for an entity, so that devices are accessible only when the PCR is set to the desired value. Hence, all IoT devices are protected from unauthorized access, as all PCRs can roll back to the desired value.
- User Identification and Secure Communication: One of the key differences between smart and traditional grids is their two-way communication. This has several potential benefits, such as distributed smart sensors, distributed power generation, real-time measurements with metering infrastructure, monitoring systems, and fast response, which require reliable communication and information exchange. It enables smart grids to communicate effectively to provide dependable electricity generation and distribution. TPM generates a random nonce that prevents replay attacks and secures communication between smart grid IoT devices [31].
4.3. Digital Certificate Extensions in SG-IoT Network
4.4. Remote Attestation Procedures (RATS) in IoT-Aided Smart Grids
5. The Proposed Fortified-Grid Model
5.1. Network Model
5.2. Assumptions
5.3. Threat Model
- An adversary can control the insecure communication channels of an SG network and hence eavesdrop, modify, alter, or block transmitted messages on the smart grid IoT network.
- An adversary can obtain secrets stored in NVM for smart grid devices via a side-channel attack.
- An adversary cannot compromise GWN since it is fully trusted in a smart grid system.
- An adversary can perform clone or physical attacks, man-in-the-middle attacks, password guessing, etc., but cannot perform cryptanalysis in a smart grid network.
6. Proposed Scheme for TPM-Based Authentication in Smart Grids
6.1. Registration Phase
6.2. Initialization Phase
Algorithm 1: Initialization Process |
: Smart grid IoT device A creates a random nonce and measures PCR event log →: , : IoT device B creates a random nonce and measures PCR event log →: , |
Algorithm 2: Authentication Process |
: Smart grid IoT device A creates a TPM Quote quote = () →: quote,PCR, cert,Ta : verify the signature of CA and extracts from : unsign and verify contains expected and : verify if event log of = : IoT device B creates a TPM Quote quote = () →: quote, cert,Tb : verify the signature of CA and extracts from : verify contains expected and : verify if = : verify if ≤ Ta − Tb |
Algorithm 3: Session Key Generation and Exchange |
: smart grid IoT device A TPM generates ephemeral key pair , public part of ephemeral key : calculates secret →: secret, , cert,Ta : verify the signature of CA and extracts from : verify contains expected and : IoT device B TPM generates ephemeral key pair , public part of ephemeral key : calculates session key SKba = kdf(‖‖‖) : calculates secret →: secret, , cert,Tb : verify the signature of CA and extracts from : verify contains expected and : calculates session key SKab = kdf(‖‖‖) |
6.3. Remote Attestation Phase
- Step 1: Device A, which wants to communicate with B, generates a unique random nonce (Na). It sends the value of Na towards B and makes a request for a PCR event log. Attesting device PCRs ( and ) are extended with measurements. Device B generates a unique random nonce (Nb) PCR event log (PCReveB) and sends it toward A. After that, device A sends the PCR event log (PCReveA) towards B. Finally, both devices exchange the nonce, and send the PCR event logs to each other.
- Step 2: IoT device A creates a TPM quote and sends , , towards device B.
- Step 3: Device B verifies the signature of CA and extracts from and unsign and verify contains expected and . Further verify if event log of =
- Step 4: Device B transmits , , toward device A.
- Step 5: Device A verifies the signature of CA and extracts from and unsign and verify contains expected and . Further verify if event log of =
- Step 6: Verify if the time difference is within the threshold limit ≤ Ta − Tb.
- The signature of TPM evidence does not match;
- If the nonce in the quote does not match the original quote, as it may be a replay message;
- If the PCR value received in the quote does not match the PCR evidence log;
- If the time difference Ta or Tb exceeds the threshold limit set for the freshness of messages.
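The rejection conditions listed above, together with the PCR extend-and-compare behaviour from Section 4.2, as an added Python example (not code from the paper). Assumptions: an HMAC under a demo key stands in for the AIK signature that a verifier would check with the public key from the device certificate, and the quote layout, function names and sample event logs are constructed for illustration.

```python
import hashlib
import hmac
import secrets

PCR_SIZE = 32  # SHA-256 PCR bank


def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: new PCR = H(old PCR || measurement digest); a PCR is never written directly."""
    return hashlib.sha256(pcr + digest).digest()


def replay_event_log(event_log) -> bytes:
    """Recompute the PCR value an event log implies, starting from the reset value."""
    pcr = bytes(PCR_SIZE)
    for component in event_log:
        pcr = extend(pcr, hashlib.sha256(component).digest())
    return pcr


def sign(key: bytes, pcr: bytes, nonce: bytes, ts: int) -> bytes:
    # ASSUMPTION: HMAC stands in for the AIK signature over the quote.
    return hmac.new(key, pcr + nonce + ts.to_bytes(8, "big"), hashlib.sha256).digest()


def make_quote(key, booted_components, nonce, ts) -> dict:
    """Attester side: quote over the PCR value the device really accumulated."""
    pcr = replay_event_log(booted_components)
    return {"pcr": pcr, "nonce": nonce, "ts": ts, "sig": sign(key, pcr, nonce, ts)}


def verify_quote(quote, event_log, key, expected_nonce, reference_pcr, now, max_age):
    """Verifier side: return "ok" or the first failed check."""
    good_sig = sign(key, quote["pcr"], quote["nonce"], quote["ts"])
    if not hmac.compare_digest(good_sig, quote["sig"]):
        return "bad signature"
    if not hmac.compare_digest(quote["nonce"], expected_nonce):
        return "nonce mismatch"            # quote answers a different challenge
    if replay_event_log(event_log) != quote["pcr"]:
        return "event log does not match quoted PCR"
    if quote["pcr"] != reference_pcr:
        return "PCR differs from reference"
    if abs(now - quote["ts"]) > max_age:
        return "stale quote"
    return "ok"


def run_scenarios() -> dict:
    key = b"constructed-demo-key"                                   # constructed
    clean = [b"bootloader v1", b"kernel v1", b"meter-app v1"]       # constructed
    modified = [b"bootloader v1", b"kernel v1", b"meter-app v1 patched"]
    nonce, now = secrets.token_bytes(16), 1_700_000_000
    args = dict(key=key, expected_nonce=nonce,
                reference_pcr=replay_event_log(clean), now=now, max_age=5)
    fresh = make_quote(key, clean, nonce, now)
    earlier = make_quote(key, clean, secrets.token_bytes(16), now)  # answers an old nonce
    changed = make_quote(key, modified, nonce, now)
    late = make_quote(key, clean, nonce, now - 60)
    return {
        "fresh": verify_quote(fresh, clean, **args),
        "replayed": verify_quote(earlier, clean, **args),
        "modified_honest_log": verify_quote(changed, modified, **args),
        "modified_doctored_log": verify_quote(changed, clean, **args),
        "late": verify_quote(late, clean, **args),
        "bad_sig": verify_quote(dict(fresh, sig=bytes(32)), clean, **args),
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:22s} {verdict}")
```

The two `modified_*` scenarios show why the log replay and the reference comparison are separate checks: a device that reports a clean log cannot make it hash to the PCR value its TPM actually quoted.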
6.4. Session Key Establishment Phase
7. Security Analysis of Proposed TPM-Based IoT Smart Grid Network
7.1. Security Verification Using AVISPA Tool
7.2. Formal Verification Using Random or Real Oracle Model
- Send (Y, M): In this query, can send message M to Y in the smart grid and receive a specific entity’s response.
- Execution (Y): uses this query to launch a passive attack in the smart grid. It can eavesdrop on all messages transmitted between , , and .
- Reveal (Y): can get the session key SK of , by executing this query.
- Corrupt (Y): If this query is executed, it will obtain the long-term session key SK in the smart grid.
- Test (Y): can send a query to any participant in V2G, and it tosses a coin. Obtain the correct secret key if C = 1. If C = 0, then a randomly selected value of the same bit string, which equals SK, is returned.
- : In the first round of the game, does not make any query. The probability of successfully cracking is
- : In this round, performs Execute (Y) operation. only intercepts message QuoteA, QuoteB, CertA, and CertB transmitted over an insecure communication channel. Since the values of dhA.pvt and dhB.pvt are unknown, cannot calculate the secret session key SKab and SKba. Hence, the probability of is the same as .
- : In this round, performs a Send (Y) operation other than . As per Zipf’s law, the probability of is
- : In this round, performs one more query (Y) operation and one less operation Send (Y). According to the birthday paradox, the probability of collision occurring during the hash query simulation is
- : In this game uses , to acquire the or secret dh key . Assume that acquires the dh key . Because cannot calculate the value of , it cannot calculate the SK, where SKab = kdf(‖‖‖). Therefore, the probability of is
- : uses Corrupt (Y) to capture the parameters in is , . Therefore, the probability of is
- : In this game, can guess session key SKab and SKba. The session key remains independent from oracle and other parameters. Hence, the probability of is

Based on Equations (1)–(8), we obtained Equation (10), which proves the theorem.
7.3. Informal Security Analysis
8. Experimental Results
8.1. Computational Overhead Analysis
8.2. Communicational Overhead Analysis
8.3. Discussion
- The major challenges for secure IoT redeployment in a smart grid are secret key leakage, firmware compromise, and hardware-based roots of trust. To mitigate these challenges, we propose an X.509 certificate-based TPM protocol.
- The proposed scheme addresses hardware security challenges, secret key storage, integrity measurement, and remote firmware upgrades. TPM protects against ransomware or any other kind of hack and malware.
- However, these schemes have limitations, such as the dynamic addition of new nodes. Due to space, power, and cost limitations, TPM is unsuitable for resource-constrained devices. Research is needed to reduce the cost and power consumption for the wide application of TPM in security. A trusted third party or certificate authority (CA) is required for the validation of digital certificate X.509. The results are also compared with other state-of-the-art methods, where our proposed model outperforms other related work in terms of computational overhead and robustness.
9. Conclusions
Author Contributions
Funding
Data Availability Statement
Conflicts of Interest
References
- Wang, B.; Ma, H.; Wang, F.; Dampage, U.; Al-Dhaifallah, M.; Ali, Z.M.; Mohamed, M.A. An IoT-Enabled Stochastic Operation Management Framework for Smart Grids. IEEE Trans. Intell. Transp. Syst. 2022, 24, 1025–1034.
- Sharma, G.; Joshi, A.M.; Mohanty, S.P. An efficient physically unclonable function based authentication scheme for V2G network. In Proceedings of the IEEE International Symposium on Smart Electronic Systems (iSES) (Formerly iNiS), Jaipur, India, 20–22 December 2021; pp. 421–425.
- Kim, Y.; Hakak, S.; Ghorbani, A. Smart grid security: Attacks and defence techniques. IET Smart Grid 2022, 6, 103–123.
- Kim, K.T.; Lim, J.D.; Kim, J.N. An iot device-trusted remote attestation framework. In Proceedings of the 2022 24th International Conference on Advanced Communication Technology (ICACT), Pyeongchang, Republic of Korea, 13–16 February 2022; IEEE: New York, NY, USA, 2022; pp. 218–223.
- Berbecaru, D.G.; Sisinni, S. Counteracting software integrity attacks on IoT devices with remote attestation: A prototype. In Proceedings of the 2022 26th International Conference on System Theory, Control and Computing (ICSTCC), Sinaia, Romania, 19–21 October 2022; pp. 380–385.
- Jain, A.; Joshi, A.M. Device authentication in IoT using reconfigurable PUF. In Proceedings of the 2nd IEEE Middle East and North Africa COMMunications Conference (MENACOMM), Manama, Bahrain, 19–21 November 2019; pp. 1–4.
- Sharma, G.; Joshi, A.M.; Mohanty, S.P. sTrade: Blockchain based secure energy trading using vehicle-to-grid mutual authentication in smart transportation. Sustain. Energy Technol. Assess. 2023, 57, 103296.
- Bathalapalli, V.K.; Mohanty, S.P.; Kougianos, E.; Iyer, V.; Rout, B. PUFchain 4.0: Integrating PUF-based TPM in Distributed Ledger for Security-by-Design of IoT. In Proceedings of the Great Lakes Symposium on VLSI 2023, Knoxville, TN, USA, 5–7 June 2023; pp. 231–236.
- Goudarzi, A.; Ghayoor, F.; Waseem, M.; Fahad, S.; Traore, I. A Survey on IoT-Enabled Smart Grids: Emerging, Applications, Challenges, and Outlook. Energies 2022, 15, 6984.
- Chiu, W.-Y.; Meng, W.; Li, W. TPMWallet: Towards Blockchain Hardware Wallet using Trusted Platform Module in IoT. In Proceedings of the 2023 International Conference on Computing, Networking and Communications (ICNC), Honolulu, HI, USA, 20–22 February 2023; pp. 336–342.
- Jain, H.; Kumar, M.; Joshi, A.M. Intelligent energy cyber physical systems (iECPS) for reliable smart grid against energy theft and false data injection. Electr. Eng. 2021, 104, 331–346.
- Sharma, R.; Joshi, A.M.; Sahu, C.; Sharma, G.; Akindeji, K.T.; Sharma, S. Semi Supervised Cyber Attack Detection System For Smart Grid. In Proceedings of the 30th Southern African Universities Power Engineering Conference (SAUPEC), Durban, South Africa, 25–27 January 2022; pp. 1–5.
- Zhu, Q. Multilayer cyber-physical security and resilience for smart grid. In Smart Grid Control: Overview and Research Opportunities; Springer: Cham, Switzerland, 2019; pp. 225–239.
- Haggi, H.; Song, M.; Sun, W. A review of smart grid restoration to enhance cyber-physical system resilience. In Proceedings of the IEEE Innovative Smart Grid Technologies-Asia (ISGT Asia), Chengdu, China, 21–24 May 2019; pp. 4008–4013.
- Puthal, D.; Mohanty, S.P. Proof of authentication: IoT-friendly blockchains. IEEE Potentials 2018, 38, 26–29.
- Xu, L.; Guo, Q.; Yang, T.; Sun, H. Robust routing optimization for smart grids considering cyber-physical interdependence. IEEE Trans. Smart Grid 2018, 10, 5620–5629.
- Halle, P.D.; Shiyamala, S. Secure advance metering infrastructure protocol for smart grid power system enabled by the Internet of Things. Microprocess. Microsyst. 2022, 95, 104708–104718.
- Zhang, J.; Cui, J.; Zhong, H.; Chen, Z.; Liu, L. PA-CRT: Chinese remainder theorem based conditional privacy-preserving authentication scheme in vehicular ad-hoc networks. IEEE Trans. Dependable Secur. Comput. 2019, 18, 722–735.
- Zhong, H.; Cao, W.; Zhang, Q.; Zhang, J.; Cui, J. Toward trusted and secure communication among multiple internal modules in CAV. IEEE Internet Things J. 2021, 8, 17734–17746.
- Fuchs, A.; Kern, D.; Krauß, C.; Zhdanova, M. HIP: HSM-based identities for plug-and-charge. In Proceedings of the 15th International Conference on Availability, Reliability and Security, Virtual, 25–28 August 2020; pp. 1–6.
- Dave, A.; Wiseman, M.; Safford, D. SEDAT: Security Enhanced Device Attestation with TPM2.0. arXiv 2021, arXiv:2101.06362.
- Wazid, M.; Das, A.K.; Shetty, S. TACAS-IoT: Trust Aggregation Certificate-Based Authentication Scheme for Edge-Enabled IoT Systems. IEEE Internet Things J. 2022, 9, 22643–22656.
- Chen, L.; Qian, S.; Lim, M.; Wang, S. An enhanced direct anonymous attestation scheme with mutual authentication for network-connected UAV communication systems. China Commun. 2018, 15, 61–76.
- Kabir, S.; Gope, P.; Mohanty, S.P. A Security-enabled Safety Assurance Framework for IoT-based Smart Homes. IEEE Trans. Ind. Appl. 2022, 59, 6–14.
- Khurshid, A.; Raza, S. AutoCert: Automated TOCTOU-secure digital certification for IoT with combined authentication and assurance. Comput. Secur. 2023, 124, 102952–102962.
- Huang, H.F.; Liu, K.C. A new dynamic access control in wireless sensor networks. In Proceedings of the IEEE Asia-Pacific Services Computing Conference, Yilan, Taiwan, 9–12 December 2008; pp. 901–906.
- Kim, H.S.; Lee, S.W. Enhanced novel access control protocol over wireless sensor networks. IEEE Trans. Consum. Electron. 2009, 55, 492–498.
- Broström, T.; Zhu, J.; Robucci, R.; Younis, M. IoT boot integrity measuring and reporting. ACM SIGBED Rev. 2018, 15, 14–21.
- Kuang, B.; Fu, A.; Susilo, W.; Yu, S.; Gao, Y. A survey of remote attestation in Internet of Things: Attacks, countermeasures, and prospects. Comput. Secur. 2022, 112, 102498.
- Biswas, S.; Sharif, K.; Li, F.; Maharjan, S.; Mohanty, S.P.; Wang, Y. PoBT: A lightweight consensus algorithm for scalable IoT business blockchain. IEEE Internet Things J. 2019, 7, 2343–2355.
- Puthal, D.; Obaidat, M.S.; Nanda, P.; Prasad, M.; Mohanty, S.P.; Zomaya, A.Y. Secure and sustainable load balancing of edge data centers in fog computing. IEEE Commun. Mag. 2018, 56, 60–65.
- Shen, J.; Zhou, T.; Wei, F.; Sun, X.; Xiang, Y. Privacy-preserving and lightweight key agreement protocol for V2G in the social Internet of Things. IEEE Internet Things J. 2017, 5, 2526–2536.
- Trusted Computing Group. TCG TPM 2.0 Automotive Thin Profile For TPM Family 2.0; Trusted Computing Group: Beaverton, OR, USA, 2018.
- Armando, A.; Basin, D.; Boichut, Y.; Chevalier, Y.; Compagna, L.; Cuéllar, J.; Drielsma, P.H.; Héam, P.C.; Kouchnarenko, O.; Mantovani, J.; et al. The AVISPA tool for the automated validation of internet security protocols and applications. In Proceedings of the 17th International Conference, CAV 2005, Edinburgh, UK, 6–10 July 2005; pp. 281–285.
- Malani, S.; Srinivas, J.; Das, A.K.; Srinathan, K.; Jo, M. Certificate-based anonymous device access control scheme for IoT environment. IEEE Internet Things J. 2019, 6, 9762–9773.
Works | Primitive Used | Features | Vulnerabilities |
---|---|---|---|
Zhang et al. 2019 [18] | TPD, ECDLP | Chinese-remainder-theorem-based security of VANETs smart grid system. | No integrity measurement, lack of security |
Zhong et al. 2021 [19] | TPM, SGX, HMAC | Connected and autonomous vehicles (CAVs) of smart grids | High overhead, lack of proper security mechanism |
Wazid et al. 2022 [22] | TTP, Digital certificate | Less computational and communication overhead | Provide no Hardware-assisted security and firmware integrity |
Khurshid et al. 2023 [25] | TPM, RATS, X.509 | Supports hardware-assisted security and firmware integrity | Each time communicates with TTP for certificate, hence large overheads |
Currently proposed (Fortified-Grid) | TPM, RATS, X.509 | Hardware security for SG IoT devices, servers, and gateway, TPM ensures the integrity of firmware | Slightly higher overhead due to application of TPM |
Symbols | Descriptions |
---|---|
P | Generator point ECC |
h | One-way hash function |
, | IoT Dev A,B |
, | Random number a,b |
, | PCR value of A,B |
, | PCR event value of A,B |
, | PCR reference value of A,B |
, | Attestation Public key of A,B |
, | Attestation Pvt. key of A,B |
, | Digital certificate of dev. A,B |
Ta, Tb | Time stamp of A,B |
, | Diffie–Hellman Public key of A,B |
Cryptographic Operation | Time (s) |
---|---|
Hash (Th) | 0.138 |
Random number (Trng) | 0.535 |
Encryption (Te) | 4.420 |
Decryption (Td) | 4.420 |
Bilinear pairing (Tbp) | 42.11 |
Scheme | Authentication Cost | Session Cost | Total Cost (s) |
---|---|---|---|
Zhang et al. [18] | 5 Te + 2 Th | Te + Th | 23.75 |
Zhong et al. [19] | 2 Tbp + Th | 2 Th | 84.48 |
Wazid et al. [22] | 6 Tem + 11 Th | 6 Tem + 12 Th | 56.26 |
Khurshid et al. [25] | 2 Trn + 3 Te + 3 Td | 2 Trn + 3 Te + 3 Td + 2 Th | 55.18 |
Fortified-Grid | 2 Trn + 2 Te + 2 Td | 2 Trn + 2 Te + 2 Td + 2 Th | 37.78 |
© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Sharma, G.; Joshi, A.M.; Mohanty, S.P. Fortified-Grid: Fortifying Smart Grids through the Integration of the Trusted Platform Module in Internet of Things Devices. Information 2023, 14, 491. https://doi.org/10.3390/info14090491