X.500 Standard status
(Implementors' Guide)

X.509 Related activities

How to be involved

More Information

Tutorial section 1
X.500 General

Tutorial section 2
X.509 specific

X.509 at work

edit SideBar

Search

Threats against Smart Grid

This page is under development

There are almost an indefinite number of threats against the Smart Grid. Here we will not regard all the classical ones, like unreliable employees. In the following are listed some threats. The list is currently quite preliminary, but will be expanded as time allows.

Physical threats

Smart meters, photovoltaic inverters, etc. are placed in consumer areas to which there is very easy access. Such devices are difficult to protected physically and can easily be made the entry point for all kinds of viruses, e.g., Trojan horses. The network serving consumer units should be separated as far as possible from the network serving the more critical units.

Configuration problems

The many devices and their communication channels, there are many possibilities for configuration errors.

The generation and distribution of public-key certificates may be error prune. The same is the case for trust anchor information.

Software problems

Denial-of-Service (DoS) attacks

There is much literature on different types of traditional DoS attacks. All these types have to be considered when analysing Smart Grid security. Listing of such attack types may be added in the future with comments on how they relate to Smart Grid, but currently only the types of attacks that are specific for Smart Grid are considered.

  • If a public-key certificate of a device is deleted or replaced with an illegal one, this device cannot any longer communicate with other devices and is thereby put out of service.
  • If a public-key certificate for a device is revoked, this device is out of service.
  • If the revocation service is out of order, it is not possible to validate public-key certificates and the whole network is out of service.
  • Communication overhead may cause delays in the ICT network, which may result in faulty control of the electric grid.
  • Destruction of the private key will put a device out of operation.
  • If the trust anchor information in a device is replaced with illegal information, such a device would accept a public-key certificate from a hostile unit and may get into communication with such a unit.

Trojan horses

  • The large number of devices provides many entry points for Trojan horses. Such a Trojan horse may then propagate to other units.

Collision attack

As discussed in Message digest, an insecure hash algorithm may result in a collision attack.

Bogus public-key certificates

Man-in-the-middle attacks

Page Actions

Recent Changes

Group & Page

Back Links