PKC and PUF-Based Authentication and Secret Key Establishment in Smart Grid

Reliable and secure operation of smart grid depends on authentication and secure communication between nodes at all hierarchical levels of smart grid, that is, between central control station (SCADA) and substations, between distributed energy resources (DERs) controller and SCADA, between phasor measurement units (PMUs) and phasor data concentrators (PDCs), between DERs and the substation, and between smart meters and the utility provider. The existing standards for data communication between nodes in smart grid, such as IEEE C37.118.2 and IEC 61850-90-5, either do not specify cybersecurity specifications for communication between nodes or there are security vulnerabilities. This project proposes three main novel approaches for authentication and symmetric key establishment between the nodes at all hierarchical levels in the smart grid. The first one is based on public key cryptography (PKC) and post-quantum cryptography (PQC), the second one is based on physically unclonable functions (PUFs) employing a novel concept of binary string shuffling, and the third one is a novel data-driven sanity authentication mechanism at DERs primary controller (e.g., inverter primary local controller) that minimizes the impact of a potential security breach and triggers post-attack control schemes for resiliency enhancement. This project also aims at addressing the security vulnerabilities of the existing standards by integrating the proposed authentication, secret key establishment, and encryption-based secure communication mechanisms with existing standards for reliable authentication and communication between nodes in smart gird. This project plans to integrate proposed authentication, key establishment, and encryption mechanisms with inverters’ gateway and other grid-edge devices and address real-time requirements. The developed technologies will be validated and demonstrated using testbed platforms available at team institutions’ laboratories, in a small-scale network of inverters, and large-scale utility-owned facilities. This project is highly relevant to advance cybersecurity technologies specifically designed to reduce cyber risks to energy delivery infrastructure. The project will ensure compliance of developed security technologies with recent security standards by NIST and communication standards by IEEE and IEC.  It is anticipated that this effort will have a tremendous impact in supporting and ensuring a more secure, resilient, and reliable energy delivery system by developing next generation authentication and encryption mechanisms to mitigate a cyber incident disruption to energy delivery. The proposed technology has two potential pathways for commercialization and technology to market: (1) university-led team and industry partners for security technologies, (2) university-led team and utility partner FPL for integration with smart grid devices and resiliency enhancement of energy delivery system.