Securing the Smart Grid with SafeNet HSMs
SafeNet Whitepaper
Overview
The smart grid is the first major effort to modernize an energy infrastructure that has remained largely unchanged over the past several decades. It creates a network of links between customers and utility companies that provides increased insight into, and management of, energy consumption, cost, and workload across the entire energy grid. At a time when energy utilities play an increasingly important role in our everyday lives, smart grid technologies introduce new security challenges that must be addressed. Implementing a smart grid without proper security could result in grid instability, loss of private information, utility fraud, and unauthorized access to energy consumption data.
Building a trusted smart grid will require robust security solutions, interoperable across multiple vendors, that can be easily deployed at the communication and application layers of the smart grid infrastructure. In the first phase of smart grid deployments, traditional meters are replaced with meters that can be read remotely, called smart meters. The Advanced Metering Infrastructure (AMI) is the second phase of the smart grid and uses smart meters to enable a two-way channel of communication between meters and the utility company. Securing this two-way line of communication is imperative, and requires a solution for head-end trusted identity authentication and smart meter device attestation to ensure the integrity of the grid. Leveraging this integrity allows utilities both to issue trusted firmware upgrades to deployed smart meters and to verify data coming back from smart meters to the deployed head-end systems. This system integrity maintains security and minimizes the cost footprint of upgrades to the deployed smart meters.
A critical component of smart grid security is cryptography and key management, which ensures the confidentiality, authenticity, and integrity of devices and communications within the grid. Every cryptographic system needs strong protection for the top-level cryptographic material that provides the system's trust anchor. Typically, compromise of these top-level keys results in complete, or at least very broad, system-wide compromise. This is where hardware security modules (HSMs) offer significant trust value.
Securing the Smart Grid with SafeNet HSMs Whitepaper 1
HSMs' Role in the Smart Grid
Smart grid security solutions must be able to deploy on a large scale with minimal effect on applications. Securing the smart grid at the communication layer requires a system to identify connected meters, to verify that these meters are configured correctly, and to validate these meters for network access. The recommended solution for this authentication process is an identity-based model, typically a Public Key Infrastructure (PKI). PKIs are well suited to large-scale security deployments that require a high level of security with minimal impact on performance. In a PKI environment, it is essential that private keys and certificates are guarded by a reliable key management solution that protects against ever-evolving threats; hardware security modules (HSMs) serve this role.
HSMs must interoperate securely with deployed smart grid infrastructures. For years, various industries have relied on HSMs to secure the most sensitive PKI environments. SafeNet HSMs have a long-standing history of large-scale deployments in the financial industry, where they have helped define and implement standards-based deployments and protect more financial transactions (more than a trillion dollars a day) than any other HSM. SafeNet HSMs offer a cost-effective PKI solution for easy deployment in smart grid infrastructures. With the SafeNet PKI Bundle, product and maintenance costs are dramatically reduced by combining HSM functionality that usually requires two or more HSMs into a single HSM "bundle" of modular functions. For CAs with certificates and root keys, for example, rather than requiring separate HSMs for key generation and key export for offline and online root CAs, the requirements can be fulfilled by one SafeNet HSM that stores keys in hardware at FIPS 140-2 Level 3. In addition, with high-performance RSA, ECC, and AES cryptographic services, SafeNet HSMs are the only HSMs in the industry that can keep up with the performance requirements of even the most complex smart grid deployments.
[Figure: End to End Security. Labels: Generation, High Value Endpoints, Suppliers, Device ID PKI, DR PKI, Provisioning PKI, Head-End Messaging, Production Code Signing, Development Code Signing, Utility Engineering, Utility Operations, HAN, PEV]
HSM Uses Related to Smart Grid Functions
Device Identities. A SafeNet HSM performs many vital security functions during the manufacturing of smart grid devices. While issuing device identity certificates at the factory, the SafeNet HSM can protect both the subordinate CA and registration authority (RA) key pairs, and secure the signing key for any firmware or code loaded at manufacturing time. Hosting a subordinate CA at each manufacturing site isolates the site both operationally and cryptographically. HSM-supported RA functionality at the manufacturing site is important because the HSM provides high-entropy RNG seed material and FIPS 140-2 Level 3-certified key generation for each device. The resource-constrained nature of smart grid devices makes it critical to ensure devices are provisioned with FIPS-validated, high-entropy seed material. Therefore, it is important to offer support for both CA and RA capabilities in the same HSM bundle; SafeNet HSMs support this through the PKI Bundle feature without compromising security. Once manufactured with a trusted identity, a deployed device is expected to remain in the field for a long period, during which the HSM is used to securely sign all firmware or device ID updates in the field.
[Figure: Equipment vendors certifying device IDs at manufacturing. Labels: Root CA, Vendor DR CA Site, Contract Manufacturers, Utilities]
Device Provisioning. The same SafeNet HSM features and capabilities that support device issuance, as described above, can also be used by utility companies to provision devices within their infrastructures. In this case, subordinate CAs are deployed at the distribution centers where meters and other devices are accepted into the utility's control, or at a central office when provisioning is done during final installation at the site. Here, the utility either re-certifies the key pair created by the device manufacturer or generates its own completely new key pair and certificate. Device identities (certificates) are one part of provisioning; HSMs are also leveraged for firmware updates and code signing, an equally important part of a secure end-to-end system. At this staging point, it is also critical to import into each device a trust root database, informing the device which head-end systems to trust. Such device provisioning is required to maintain security, and minimize operational costs, over the long life expectancy of smart meters once deployed.
[Figure: From factory to deployment. Labels: Vendor HSMs in High Availability, Device Manifests, Device S/N, Customer ID, Create/Certify ID, Issue Device ID, Seed Device, Pre-provisioned End Point, Installer, Utility HSMs in High Availability, Key Manager, PKI, Head End, Issue Utility keys]
Device Re-Certification. It would certainly be tempting to issue device certificates with very long lifetimes to avoid re-certification challenges altogether. However, this is not practical given the realities of the infrastructure. Devices fail and are replaced, devices require upgraded certificates, and device firmware could be compromised, all leading to potential points of weakness. Because of this, device certificates and firmware need to have reasonable lifecycles and, therefore, utilities need the ability to re-certify devices. The same set of SafeNet HSMs used for device provisioning can support re-certification. Of course, this is standard CA functionality, but it highlights another reason why utilities need their own PKI.
Secure Message Processing. In smart grid infrastructures, the confidentiality, integrity, and authenticity of messages are critical. Meters need to accept commands only from authentic head-end systems, and the integrity and confidentiality of meter data must be assured. HSMs are critical in protecting the high-assurance trusted head-end system identities. Endpoint devices can use their certificates to sign and encrypt messages destined for the head-end system. On the head-end messaging side, the keys used to sign commands and messages directed to endpoints are obviously high-value keys: a compromise of these keys could compromise a substantial portion of the infrastructure. SafeNet HSMs provide the security, performance, reliability, and cross-vendor interoperability required to support this function. SafeNet HSMs provide five-nines (99.999%) availability and high-performance RSA, ECC, and AES cryptographic services capable of supporting a wide range of secure messaging architectures. SafeNet HSMs are also capable of protecting very large quantities of keys, so it is easy to ensure each key is used for only one purpose and to devise schemes that cryptographically segment a network across a large number of keys, providing further isolation within the infrastructure.
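The sign-and-encrypt exchange described above, as an added example (not SafeNet's code, nor any product API): a head-end seals a command for one meter by signing it with a dedicated command-signing key and encrypting it under a per-message key derived by ephemeral ECDH to the meter's key-agreement key; the meter decrypts, then verifies the signature, and rejects altered ciphertext, a wrong recipient, or a command signed by anyone but the trusted head-end. It uses the Python `cryptography` package; the key names, the JSON message layout and the `INFO` label are assumptions, and the certificates the page refers to are reduced to bare public keys so the example runs offline.

```python
# Added example, not SafeNet's code: a sign-then-encrypt "digital envelope" from a
# head-end to one meter.  ECDSA P-256 gives authenticity; an ephemeral-ECDH-derived
# AES-256-GCM key gives confidentiality (ECIES-style).  Keys are hypothetical in-memory
# placeholders; in the page's model the head-end's private keys stay inside an HSM.
import json
import os
from cryptography.exceptions import InvalidSignature, InvalidTag
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

CURVE = ec.SECP256R1()
INFO = b"smartgrid-envelope-v1"   # assumed label; domain-separates the derived key

def new_key():
    return ec.generate_private_key(CURVE)

# One key per purpose: the head-end's command-signing key is never used for key
# agreement, and the meter's key-agreement key is the one its certificate would cover.
head_end_sign = new_key()
meter_kex = new_key()

def derive_key(priv, peer_pub):
    shared = priv.exchange(ec.ECDH(), peer_pub)
    return HKDF(hashes.SHA256(), 32, None, INFO).derive(shared)

def seal(sign_key, peer_kex_pub, meter_id, payload):
    """Sender side: sign (meter_id || payload), then encrypt payload and signature."""
    sig = sign_key.sign(meter_id.encode() + payload, ec.ECDSA(hashes.SHA256()))
    eph = new_key()                                   # fresh ephemeral key per message
    nonce = os.urandom(12)
    body = json.dumps({"msg": payload.hex(), "sig": sig.hex()}).encode()
    ct = AESGCM(derive_key(eph, peer_kex_pub)).encrypt(nonce, body, meter_id.encode())
    epk = eph.public_key().public_bytes(serialization.Encoding.X962,
                                        serialization.PublicFormat.UncompressedPoint)
    return {"to": meter_id, "epk": epk.hex(), "nonce": nonce.hex(), "ct": ct.hex()}

def open_envelope(kex_key, sender_pub, my_id, env):
    """Receiver side: decrypt with own key-agreement key, then verify the sender's
    signature.  Returns the payload, or None if any check fails (no partial trust)."""
    if env["to"] != my_id:
        return None
    epk = ec.EllipticCurvePublicKey.from_encoded_point(CURVE, bytes.fromhex(env["epk"]))
    try:
        body = AESGCM(derive_key(kex_key, epk)).decrypt(
            bytes.fromhex(env["nonce"]), bytes.fromhex(env["ct"]), my_id.encode())
    except InvalidTag:
        return None                                   # ciphertext or recipient binding altered
    d = json.loads(body)
    payload, sig = bytes.fromhex(d["msg"]), bytes.fromhex(d["sig"])
    try:
        sender_pub.verify(sig, my_id.encode() + payload, ec.ECDSA(hashes.SHA256()))
    except InvalidSignature:
        return None                                   # not signed by the trusted head-end
    return payload

def tampered(env):
    """Constructed attack input: flip the last ciphertext byte (part of the GCM tag)."""
    last = int(env["ct"][-2:], 16) ^ 0x01
    return {**env, "ct": env["ct"][:-2] + f"{last:02x}"}
```

The meter id is bound twice on purpose: inside the signature, so a valid command for one meter cannot be re-addressed to another, and as GCM associated data, so the addressing field cannot be altered in transit without the decryption failing.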
[Figure: Digital envelope messaging. Labels: Distribution Automation, Meter Data Mgmt System, Head End HSMs in High Availability, Meter Reading, Residential Generation, Meter Management, Demand Management, Pluggable Electric Vehicle]
Device Authentication. Given the massive scale associated with many smart grid deployments, utilities need to carefully manage their certificate policies. Without proper segmentation and lifetimes, revocation schemes will quickly become overwhelmed. Segmenting a utility's equipment cryptographically, as discussed above, is one component of the strategy. Another is the use of Online Certificate Status Protocol (OCSP) responders. Traditionally, a head-end system would query an OCSP responder directly while validating a device's certificate. However, a recommended approach has the end devices periodically collecting their own certificate status. The devices cache the responses and then supply them to the head end with each message. This approach has the advantage of making the grid more robust to equipment failures, but has the disadvantage of broadening the attack footprint: a compromise of the OCSP responder key pair could then be used to supply fraudulent certificate status. The head end must still enforce the nextUpdate bound on each cached response, so that a stale "good" status cannot be replayed past its validity window. SafeNet HSMs provide the performance and FIPS 140-2 Level 3 protection of the OCSP responder private keys that offsets the risk associated with caching certificate statuses. The HSM partitioning capability means the utility does not need a dedicated HSM to support the OCSP responder.
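The device-identity, provisioning, re-certification and stapled-OCSP flows described in the sections above, as one added example (not SafeNet's code, nor any product API): a vendor root with a per-site subordinate CA issues a meter's factory identity; the utility re-certifies the same meter public key under a regional subordinate CA; an OCSP responder under that regional CA signs a status that the meter caches; and the head end validates the utility chain, the responder certificate, and the validity window of the stapled response. It uses the Python `cryptography` package; every CA name, serial number and lifetime is hypothetical, and keys live in memory only so the example runs offline.

```python
# Added example, not SafeNet's code: a toy vendor PKI plus utility PKI built with the
# `cryptography` package.  All names are hypothetical.  Keys are generated in memory so
# it runs offline; in the deployment the page describes, each CA key and the OCSP
# responder key would live in its own HSM partition.
import datetime as dt
from cryptography import x509
from cryptography.x509 import ocsp
from cryptography.x509.oid import ExtendedKeyUsageOID, NameOID
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import Encoding

NOW = dt.datetime(2024, 1, 1)      # naive UTC, as the library's builders expect
DAY = dt.timedelta(days=1)

def new_key():
    return ec.generate_private_key(ec.SECP256R1())

def issue(cn, pub, issuer_cert, issuer_key, days, ca=False, ocsp_signer=False):
    """Certify public key `pub`; issuer_cert=None produces a self-signed root."""
    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, cn)])
    b = (x509.CertificateBuilder().subject_name(subject)
         .issuer_name(issuer_cert.subject if issuer_cert else subject)
         .public_key(pub).serial_number(x509.random_serial_number())
         .not_valid_before(NOW).not_valid_after(NOW + days * DAY)
         .add_extension(x509.BasicConstraints(ca=ca, path_length=None), critical=True))
    if ocsp_signer:   # responder certs are marked for OCSP signing only
        b = b.add_extension(x509.ExtendedKeyUsage([ExtendedKeyUsageOID.OCSP_SIGNING]), False)
    return b.sign(issuer_key, hashes.SHA256())

def verify_chain(leaf, intermediates, trust_root, now):
    """Check each link leaf -> ... -> root: validity window and issuer signature."""
    certs = [leaf, *intermediates]
    for cert, issuer in zip(certs, certs[1:] + [trust_root]):
        if not (cert.not_valid_before <= now <= cert.not_valid_after):
            return False
        try:
            issuer.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                       ec.ECDSA(cert.signature_hash_algorithm))
        except Exception:
            return False
    return True

# Manufacturing: offline vendor root, a subordinate CA per factory site, and the
# meter's factory identity (key pair generated at the factory).
vendor_root_key, site_key, meter_key = new_key(), new_key(), new_key()
vendor_root = issue("Vendor Root CA", vendor_root_key.public_key(), None, vendor_root_key, 7300, ca=True)
site_ca = issue("Vendor Site A Sub-CA", site_key.public_key(), vendor_root, vendor_root_key, 1825, ca=True)
factory_id = issue("meter-SN-000123", meter_key.public_key(), site_ca, site_key, 1095)

# Utility provisioning: re-certify the SAME meter public key under the utility's
# regional (West) subordinate CA, so the meter keeps its factory key pair.
utility_root_key, west_key, ocsp_key = new_key(), new_key(), new_key()
utility_root = issue("Utility Root CA", utility_root_key.public_key(), None, utility_root_key, 7300, ca=True)
west_ca = issue("Utility West Sub-CA", west_key.public_key(), utility_root, utility_root_key, 1825, ca=True)
utility_id = issue("meter-SN-000123", meter_key.public_key(), west_ca, west_key, 730)
ocsp_cert = issue("Utility West OCSP", ocsp_key.public_key(), west_ca, west_key, 365, ocsp_signer=True)

def sign_status(cert, issuer, now):
    """Responder output a meter fetches periodically, caches, and staples to each message."""
    resp = (ocsp.OCSPResponseBuilder()
            .add_response(cert=cert, issuer=issuer, algorithm=hashes.SHA256(),
                          cert_status=ocsp.OCSPCertStatus.GOOD, this_update=now,
                          next_update=now + 7 * DAY, revocation_time=None, revocation_reason=None)
            .responder_id(ocsp.OCSPResponderEncoding.HASH, ocsp_cert)
            .sign(ocsp_key, hashes.SHA256()))
    return resp.public_bytes(Encoding.DER)

def head_end_accepts(device_cert, stapled_der, now):
    """Head-end check on an inbound message: utility chain first, then the stapled status."""
    if not (verify_chain(device_cert, [west_ca], utility_root, now)   # factory-only ID fails here
            and verify_chain(ocsp_cert, [west_ca], utility_root, now)):
        return False
    eku = ocsp_cert.extensions.get_extension_for_class(x509.ExtendedKeyUsage).value
    if ExtendedKeyUsageOID.OCSP_SIGNING not in eku:
        return False
    r = ocsp.load_der_ocsp_response(stapled_der)
    if r.response_status != ocsp.OCSPResponseStatus.SUCCESSFUL:
        return False
    try:
        ocsp_cert.public_key().verify(r.signature, r.tbs_response_bytes,
                                      ec.ECDSA(r.signature_hash_algorithm))
    except Exception:
        return False
    return (r.serial_number == device_cert.serial_number        # status is for THIS cert
            and r.certificate_status == ocsp.OCSPCertStatus.GOOD
            and r.this_update <= now <= r.next_update)          # cached copy is not stale
```

The last line is the caveat a practitioner adds to the cached-status design: a "good" response is only honoured inside its thisUpdate/nextUpdate window, so a replayed or fraudulently issued response cannot vouch for a meter indefinitely, and the responder key can be rotated on that cadence. The serial-number comparison matters for the same reason; without it, a cached status for any meter in the segment would be accepted as vouching for this one.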
[Figure: Securing utilities segmented by domain. Labels: Device Vendor Device ID PKI, DR PKI, Utility Root, Regional Sub Roots (West, Central, East), Federated Neighbors, HSMs in High Availability]
Infrastructure Trust Anchors. As utilities and smart grid vendors deploy PKIs within their solutions, they often choose to set up their own private PKI rather than basing it on a public CA, although both are viable options. SafeNet HSMs are the market leader in both enterprise PKI and hosted PKI service options. An enterprise PKI provides policy controls and assurance that are not always available from a public CA. When deploying root CAs, it is common to keep the root offline and use it rarely, under very strict controls. The SafeNet HSM family includes small form factor, high-security HSMs ideal for a root CA. These devices are small enough to be stored in a safe, provide all the security demanded for root key protection and, of course, interoperate with the rest of SafeNet's HSM family.
[Figure: HSMs are the secure root of trust for protecting the smart grid. Labels: Smart Grid, Distributed Generation and Storage, Utility Infrastructure, Consumer, Encrypted Information, PKI and Key Management, HSMs for Root of Trust]
Secure Management of Meters. HSMs secure the updating of metering settings, configuration, security credentials, and firmware for all devices in the smart grid system. Signing and encryption of messages was discussed previously under the Secure Message Processing use case. In addition, SafeNet HSMs can be used to protect code signing keys. These high-value keys are used to sign firmware update images destined for endpoint devices. Compromise of these keys can lead to fraudulent software loads on devices, so an HSM is a natural place to host them.
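A firmware-signing flow matching the Secure Management of Meters use case, as an added example (not SafeNet's code): the production code-signing key signs a manifest that binds the image digest, version and target model; the meter verifies the manifest against the trust root pinned at provisioning and refuses a development-signed build, a tampered image, a build for another model and, going beyond the page's text, any downgrade (anti-rollback). It uses the Python `cryptography` package; key names, model names and the manifest layout are hypothetical, and the image bytes are constructed.

```python
# Added example, not SafeNet's code: signing a firmware image with a production
# code-signing key and verifying it on the meter against the trust root pinned at
# provisioning.  Names are hypothetical; the signing key would be held in an HSM
# partition.  Beyond the page's text, the meter also refuses downgrades (anti-rollback).
import hashlib
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec

def new_key():
    return ec.generate_private_key(ec.SECP256R1())

production_signing = new_key()   # the key fielded meters trust
development_signing = new_key()  # engineering key: valid in the lab, never pinned in the field

def sign_image(signing_key, image, version, model):
    """Build a manifest (model, version, image digest) and sign only the manifest."""
    manifest = json.dumps({"model": model, "version": version,
                           "sha256": hashlib.sha256(image).hexdigest()},
                          sort_keys=True).encode()
    sig = signing_key.sign(manifest, ec.ECDSA(hashes.SHA256()))
    return {"manifest": manifest, "sig": sig, "image": image}

class Meter:
    def __init__(self, model, trust_root_pub, installed_version):
        self.model, self.trust_root, self.version = model, trust_root_pub, installed_version

    def install(self, pkg):
        """Accept the update only if every check passes; signature is checked before parsing."""
        try:
            self.trust_root.verify(pkg["sig"], pkg["manifest"], ec.ECDSA(hashes.SHA256()))
        except InvalidSignature:
            return False                                # not signed by the production key
        m = json.loads(pkg["manifest"])
        if m["model"] != self.model:                    # image built for another product
            return False
        if m["version"] <= self.version:                # anti-rollback: no older or same build
            return False
        if hashlib.sha256(pkg["image"]).hexdigest() != m["sha256"]:   # image/manifest mismatch
            return False
        self.version = m["version"]
        return True

def demo():
    """Constructed run: a v12 meter accepts a production-signed v13 image."""
    meter = Meter("AMI-M100", production_signing.public_key(), installed_version=12)
    good = sign_image(production_signing, b"\x7fELF constructed firmware v13", 13, "AMI-M100")
    return meter.install(good), meter.version
```

Signing the manifest rather than the raw image keeps the HSM operation small and lets the same signed manifest travel with an image stored or relayed elsewhere; the digest check on the meter is what ties the two together.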
[Figure: Secure firmware management. Labels: Utility Engineering, Utility Operations, Development Code Signing, Production Code Signing, Secure over the air firmware update, Suppliers HSMs in High Availability, HSMs in High Availability, HAN, Initial Production Firmware, Provisioning, Installer]
HSM Features Supporting Smart Grid Uses
Compliance and Certifications. SafeNet HSMs have been validated to FIPS 140-2 Level 3 and Common Criteria EAL4+. They also facilitate compliance with PII protection requirements and with NIST and NERC audits.
HSM Partitioning. A key challenge in a smart grid is the overall scale of the deployments. It is not uncommon for a utility to have millions of endpoints. This leads to all sorts of challenges in the cryptographic management system, including the impact of a key compromise and the management of CRLs. One recommended strategy to address these issues is to cryptographically segment the utility into regions or groups. Establishing subordinate certificate authorities for each region or group limits the impact of any compromise. This segmenting scheme also helps manage the size of CRLs, since they are issued on a per-segment basis. SafeNet HSMs support this approach through a secure, flexible partitioning capability. A single physical HSM can be segmented into up to twenty logically separate HSMs, referred to as partitions; this is field-upgradable to up to 100 partitions per HSM. Keys stored within each partition are not merely separated by thin access control lists, but are fully cryptographically isolated from every other partition. Partitions can be mapped to independent applications, assigned object limits per partition and, perhaps most importantly, controlled by a separate group of users. This feature is not only useful to utilities, but is also instrumental for device manufacturers. It provides the capability to run separate subordinate CAs at the factory for each end customer, tailoring the manufacturing of devices to specific customers. Through HSM partitioning, a device manufacturer can cryptographically isolate its customers so that a compromise of one customer does not impact other customers. It also enables the use of low-cost contract manufacturers without putting at risk security-sensitive customers who may not be able to accept devices manufactured in certain countries.
[Figure: HSM partitioning for support of multiple applications in the smart grid. Labels: Meter Data Mgmt System, Head End Messaging, Code Signing, PKI Root, Key Manager, High Availability and Load Balancing, HSM Root of Trust, DR site for HSMs, Automatic Key Replication]
HSM Key Usage Controls. Smart grid devices can be manufactured all over the world and, given cost sensitivities, they are often manufactured in locations that have limited trust. SafeNet HSMs provide key usage controls that allow a remote authority to manage how often a particular key may be used. With this capability, an organization can tightly control how many devices each contract manufacturer produces, preventing the production of fraudulent devices by manufacturing vendors.