diff options
author | jaseg <git@jaseg.net> | 2019-12-28 10:51:58 +0100 |
---|---|---|
committer | jaseg <git@jaseg.net> | 2019-12-28 10:51:58 +0100 |
commit | 6dd75fd080777e6b013f5cd4308c1da9d12f40db (patch) | |
tree | 2e165b7700a8617b4ac164e4fe0b7283df0e548d | |
parent | f2c7387637f705d53ca273a498cb4c1c694edb0b (diff) | |
download | master-thesis-6dd75fd080777e6b013f5cd4308c1da9d12f40db.tar.gz master-thesis-6dd75fd080777e6b013f5cd4308c1da9d12f40db.tar.bz2 master-thesis-6dd75fd080777e6b013f5cd4308c1da9d12f40db.zip |
Initial commit
-rw-r--r-- | ma/Makefile | 19 | ||||
-rw-r--r-- | ma/murks.tex | 160 | ||||
-rw-r--r-- | ma/safety_reset.tex | 336 | ||||
-rw-r--r-- | smart_meter_reset.bib | 461 |
4 files changed, 515 insertions, 461 deletions
diff --git a/ma/Makefile b/ma/Makefile new file mode 100644 index 0000000..3645f5f --- /dev/null +++ b/ma/Makefile @@ -0,0 +1,19 @@ + +SHELL := bash +.ONESHELL: +.SHELLFLAGS := -eu -o pipefail -c +.DELETE_ON_ERROR: +MAKEFLAGS += --warn-undefined-variables +MAKEFLAGS += --no-builtin-rules + +all: safety_reset.pdf + +%.pdf: %.tex %.bib + pdflatex $< + biber $* + pdflatex $< + +.PHONY: clean +clean: + rm -f safety_reset.aux safety_reset.bbl safety_reset.bcf safety_reset.log safety_reset.blg + rm -f safety_reset.out safety_reset.run.xml texput.log diff --git a/ma/murks.tex b/ma/murks.tex new file mode 100644 index 0000000..4c3527e --- /dev/null +++ b/ma/murks.tex @@ -0,0 +1,160 @@ +% LaTeX-Vorlage für die Titelseite und Selbständigkeitserklärung einer Abschlussarbeit +% basierend auf der vorigen Institutsvorlage des Instituts für Informatik +% sowie der Vorlage für Promotionsarbeiten. +% +% erweitert: 2014-06-12 Dennis Schneider <dschneid@informatik.hu-berlin.de> + +% gepunktete Linie unter Objekt: +\newcommand{\TitelPunkte}[1]{% + \tikz[baseline=(todotted.base)]{ + \node[inner sep=1pt,outer sep=0pt] (todotted) {#1}; + \draw[dotted] (todotted.south west) -- (todotted.south east); + }% +}% + +% gepunktete Linie mit gegebener Länge: +\newcommand{\TitelPunktLinie}[1]{\TitelPunkte{\makebox[#1][l]{}}} + +\makeatletter + +\newcommand*{\@titelTitel}{Titel der Arbeit} +\newcommand{\titel}[1]{\renewcommand*{\@titelTitel}{#1}} % Titel der Arbeit +\newcommand*{\@titelArbeit}{Arbeitstyp} +\newcommand{\typ}[1]{\renewcommand*{\@titelArbeit}{#1}} % Typ der Arbeit +\newcommand*{\@titelGrad}{akademischer Grad} +\newcommand{\grad}[1]{\renewcommand*{\@titelGrad}{#1}} % Akademischer Grad +\newcommand*{\@titelAutor}{Autor} +\newcommand{\autor}[1]{\renewcommand*{\@titelAutor}{#1}} % Autor der Arbeit +\newcommand*{\@titelGeburtsdatum}{\TitelPunktLinie{2cm}} +\newcommand{\gebdatum}[1]{\renewcommand*{\@titelGeburtsdatum}{#1}} % Geburtsdatum des Autors +\newcommand*{\@titelGeburtsort}{\TitelPunktLinie{5cm}} +\newcommand{\gebort}[1]{\renewcommand*{\@titelGeburtsort}{#1}} % Geburtsort des Autors +\newcommand*{\@titelGutachterA}{\TitelPunktLinie{5cm}} +\newcommand*{\@titelGutachterB}{\TitelPunktLinie{5cm}} +\newcommand{\gutachter}[2]{\renewcommand*{\@titelGutachterA}{#1}\renewcommand*{\@titelGutachterB}{#2}} % Erst- und Zweitgutachter +\newcommand*{\@titelEinreichungsdatum}{\TitelPunktLinie{3cm}} % Datum der Einreichung, wird nicht vom Studenten ausgefüllt +\newcommand*{\@titelVerteidigungsdatum}{} % Verteidigungstext, wird nicht vom Studenten ausgefüllt +\newcommand{\mitverteidigung}{\renewcommand*{\@titelVerteidigungsdatum}{verteidigt am: \,\,\TitelPunktLinie{3cm}}} % Verteidigungsplatzhalter erzeugen +\newcommand*{\@wastwoside}{} + +% Titelseite erzeugen: +\newcommand{\makeTitel}{% + % Speichere, ob doppelseitiges Layout gewählt wurde: +\if@twoside% + \renewcommand*{\@wastwoside}{twoside} +\else + \renewcommand*{\@wastwoside}{twoside=false} +\fi + \begin{titlepage} + % Ändern der Einrückungen + \newlength{\parindentbak} \setlength{\parindentbak}{\parindent} + \newlength{\parskipbak} \setlength{\parskipbak}{\parskip} + \setlength{\parindent}{0pt} + \setlength{\parskip}{\baselineskip} + + \thispagestyle{empty} + + \begin{minipage}[c][3cm][c]{12cm} + \textsc{% + % optischer Randausgleich per Hand: + \hspace{-0.4mm}\textls*[68]{\Large Humboldt-Universität zu Berlin}\\ + \normalsize \textls*[45]{ + Mathematisch-Naturwissenschaftliche Fakultät\\ + Institut für Informatik + } + } + \end{minipage} + \hfill + + + % Also wenn schon serifenlose Schriften (Titel), dann ganz oder gar nicht + \sffamily + + \vfill + + \begin{center} + \begin{doublespace} + \vspace{\baselineskip} + {\LARGE \textbf{\@titelTitel}}\\ + %\vspace{1\baselineskip} + {\Large + \@titelArbeit\\ + zur Erlangung des akademischen Grades\\ + \@titelGrad + \vspace{\baselineskip} + } + \end{doublespace} + \end{center} + + \vfill +\newcolumntype{L}{>{\raggedright\arraybackslash}X} + {\large \raggedleft + \begin{tabularx}{\textwidth}{l@{\,\,\raggedright~}L} % verbreiterter Abstand zwischen Feldern wurde gewünscht + eingereicht von: & \@titelAutor\\ + geboren am: & {\@titelGeburtsdatum}\\ + geboren in: & \@titelGeburtsort + \vspace{0.5\baselineskip}\\ + Gutachter/innen: & \@titelGutachterA \\ + & \@titelGutachterB + \vspace{0.5\baselineskip}\\ + eingereicht am: & \@titelEinreichungsdatum \hfill \@titelVerteidigungsdatum + \end{tabularx}} + \vspace{-1\baselineskip}\\\phantom{x} % Übler Hack, um eine Warnung wg. einer zu leeren hbox zu verhindern + % Wiederherstellen der Einrückung + \setlength{\parindent}{\parindentbak} + \setlength{\parskip}{\parskipbak} + \end{titlepage} + + % Aufräumen: + \let\@titelTitel\undefined + \let\titel\undefined + \let\@titelArbeit\undefined + \let\typ\undefined + \let\@titelGrad\undefined + \let\grad\undefined + \let\@titelAutor\undefined + \let\autor\undefined + \let\@titelGeburtsdatum\undefined + \let\gebdatum\undefined + \let\@titelGeburtsort\undefined + \let\gebort\undefined + \let\@titelGutachterA\undefined + \let\@titelGutachterB\undefined + \let\gutachter\undefined + \let\@titelEinreichungsdatum\undefined + \let\einreichungsdatum\undefined + \let\@titelVerteidigungsdatum\undefined + \let\verteidigungsdatum\undefined + + \let\@wastwoside\undefined + \cleardoublepage % ganzes Blatt für die Titelseite +} + +% Als Allerallerletztes kommt Selbständigkeitserklärung: +% Aufruf mit dem Datum in deutscher und englischer Form +\newcommand{\selbstaendigkeitserklaerung}[1]{% + \cleardoublepage% Wieder auf eine eigene Doppelseite + {\parindent0cm + \subsection*{Selbständigkeitserklärung} + Ich erkläre hiermit, dass ich die vorliegende Arbeit selbständig verfasst + und noch nicht für andere Prüfungen eingereicht habe. + Sämtliche Quellen einschließlich Internetquellen, die unverändert oder + abgewandelt wiedergegeben werden, insbesondere Quellen für Texte, Grafiken, + Tabellen und Bilder, sind als solche kenntlich gemacht. Mir ist bekannt, + dass bei Verstößen gegen diese Grundsätze ein Verfahren wegen + Täuschungsversuchs bzw. Täuschung eingeleitet wird. + \vspace{3\baselineskip} + + {\raggedright Berlin, den #1 \hfill \TitelPunktLinie{8cm}\\} +% \vspace{3\baselineskip} +% +% \selectlanguage{english} +% \subsection*{Statement of authorship} +% Hier würde die englische Selbständigkeitserklärung folgen, falls gewünscht. Doch es fehlt eine akzeptable Übersetzung. +% \vspace{3\baselineskip} +% +% Berlin, #2 \hfill \TitelPunktLinie{6cm} + } +}% + +\makeatother diff --git a/ma/safety_reset.tex b/ma/safety_reset.tex new file mode 100644 index 0000000..41b511b --- /dev/null +++ b/ma/safety_reset.tex @@ -0,0 +1,336 @@ +\documentclass[12pt,a4paper,notitlepage]{report} +\usepackage[utf8]{inputenc} +\usepackage[a4paper,textwidth=17cm, top=2cm, bottom=3.5cm]{geometry} +\usepackage[T1]{fontenc} +\usepackage[ + backend=biber, + style=numeric, + natbib=true, + url=true, + doi=true, + eprint=false + ]{biblatex} +\addbibresource{safety_reset.bib} +\usepackage{amssymb,amsmath} +\usepackage{listings} +\usepackage{eurosym} +\usepackage{wasysym} +\usepackage{amsthm} +\usepackage{tabularx} +\usepackage{multirow} +\usepackage{multicol} +\usepackage{tikz} + +\usetikzlibrary{arrows} +\usetikzlibrary{backgrounds} +\usetikzlibrary{calc} +\usetikzlibrary{decorations.markings} +\usetikzlibrary{decorations.pathreplacing} +\usetikzlibrary{fit} +\usetikzlibrary{patterns} +\usetikzlibrary{positioning} +\usetikzlibrary{shapes} + +\usepackage{hyperref} +\usepackage{tabularx} +\usepackage{commath} +\usepackage{graphicx,color} +\usepackage{subcaption} +\usepackage{float} +\usepackage{footmisc} +\usepackage{array} +\usepackage[underline=false]{pgf-umlsd} +\usetikzlibrary{calc} +%\usepackage[pdftex]{graphicx,color} +%\usepackage{epstopdf} +% Needed for murks.tex +\usepackage{setspace} +\usepackage[draft=false,babel,tracking=true,kerning=true,spacing=true]{microtype} % optischer Randausgleich etc. +% For german quotation marks + +\newcommand{\foonote}[1]{\footnote{#1}} +\newcommand{\degree}{\ensuremath{^\circ}} +\newcolumntype{P}[1]{>{\centering\arraybackslash}p{#1}} + +\begin{document} + +% Beispielhafte Nutzung der Vorlage für die Titelseite (bitte anpassen): +\input{murks} +\titel{FIXME} % Titel der Arbeit +\typ{Masterarbeit} % Typ der Arbeit: Diplomarbeit, Masterarbeit, Bachelorarbeit +\grad{Master of Science (M. Sc.)} % erreichter Akademischer Grad +% z.B.: Master of Science (M. Sc.), Master of Education (M. Ed.), Bachelor of Science (B. Sc.), Bachelor of Arts (B. A.), Diplominformatikerin +\autor{Jan Sebastian Götte} +\gebdatum{Aus datenschutzrechtlichen Gründen nicht abgedruckt} % Geburtsdatum des Autors +\gebort{Aus datenschutzrechtlichen Gründen nicht abgedruckt} % Geburtsort des Autors +\gutachter{Prof. Dr. Björn Scheuermann}{FIXME} % Erst- und Zweitgutachter der Arbeit +\mitverteidigung % entfernen, falls keine Verteidigung erfolgt +\makeTitel +\selbstaendigkeitserklaerung{31.03.2020} +\newpage + +% Hier folgt die eigentliche Arbeit (bei doppelseitigem Druck auf einem neuen Blatt): +\tableofcontents +\newpage + +\chapter{Introduction} +\section{Structure and operation of the electrical grid} +\subsection{Structure of the electrical grid} +\subsubsection{Generators and loads} +\subsubsection{Transformers} +\subsubsection{Tie lines} + +\subsection{Operational concerns} +\subsubsection{Modelling the electrical grid} +\subsubsection{Generator controls} +\subsubsection{Load shedding} +\subsubsection{System stability} +\subsubsection{Power System Stabilizers} + +\subsubsection{Smart metering} + +\section{Regulatory frameworks around the world} +\subsection{International standards} +\subsection{Regulations in Europe} +\subsection{The regulatory situation in Germany} +\subsection{The regulatory situation in France} +\subsection{The regulatory situation in the UK} +\subsection{The regulatory situation in Italy} +\subsection{The regulatory situation in northern America} +\subsection{The regulatory situation in Japan} +\subsection{Common themes} + +\section{Security in smart grids} +The smart grid in practice is nothing more or less than an aggregation of embedded control and measurement devices that +are part of a large control system. This implies that all the same security concerns that apply to embedded systems in +general also apply to most components of a smart grid in some way. Where programmers have been struggling for decades +now with input validation\cite{leveson01}, the same potential issue raises security concerns in smart grid scenarios as +well\cite{mo01, lee01}. Only, in smart grid we have two complicating factors present: Many components are embedded +systems, and as such inherently hard to update. Also, the smart grid and its control algorithms act as a large +(partially-)distributed system, making problems such as input validation or authentication difficult to +implement\cite{blaze01} and adding a host of distributed systems problems on top\cite{lamport01}. + +Given that the electrical grid is a major piece of essential infrastructure in modern civilization, these problems +amount to significant issues in practice. Attacks on the electrical grid may have grave consequences\cite{lee01} all the +while the long maintenance cycles of various components make the system slow to adapt. Thus, components for the smart +grid need to be built to a much higher standard of security than most consumer devices to ensure they live up to +well-funded attackers even decades down the road. This requirement intensifies the challenges of embedded security and +distributed systems security among others that are inherent in any modern complex technological system. + +\subsection{Smart grid components as embedded devices} +A fundamental challenge in smart grid implementations is the central role smart electricity meters play. Smart meters +are used both for highly-granular load measurement and (in some countries) load switching\cite{zheng01}. +Smart electricity meters are effectively consumer devices. They are built down to a certain price point that is +measured by the burden it puts on consumers and that is generally fixed by regulatory authorities. % FIXME cite +This requirement precludes some hardware features such as the use of a standard hardened software environment on a +high-powerded embedded system (such as a hypervirtualized embedded linux setup) that would both increase resilience +against attacks and simplify updates. Combined with the small market sizes in smart grid deployments +\footnote{ + Most vendors of smart electricity meters only serve a handful of markets. For the most part, smart meter development + cost lies in the meter's software % TODO cite? + and most countries use their own home-grown standards, creating a large development burden for new market entrants + \cite{cenelec01}. +} +this produces a high cost pressure on the software development process for smart electricity meters. + +\subsection{The state of the art in embedded security} +Embedded security generally is much harder than security of higher-level systems. This is due to a combination of the +unique constraints of embedded devices (hard to update, usually small quantity) and their lack of capabilities +(processing power, memory protection functions, user interface devices). Even very well-funded companies continue to +have serious problems securing their embedded systems. A spectacular example of this difficulty is the recently-exposed +flaw in Apple's iPhone SoC first-stage ROM bootloader\footnote{ + Modern system-on-chips integrate one or several CPUs with a multitude of peripherals, from memory and DMA + controllers over 3D graphics accelerators down to general-purpose IO modules for controlling things like indicator + LEDs. Most SoCs boot from one of several boot devices such as flash memory, ethernet or USB according to a + configuration set e.g. by connecting some SoC pins a certain way or set by device-internal write-only fuse bits. + + Physically, one of the processing cores of the SoC (usually one of the main CPU cores) is connected such that it is + taken out of reset before all other devices, and is tasked with switching on and configuring all other devices of + the SoC. In order to run later intialization code or more advanced bootloaders, this core on startup runs a very + small piece of code hard-burned into the SoC in the factory. This ROM loader initializes the most basic peripherals + such as internal SRAM memory and selects a boot device for the next bootloader stage. + + Apple's ROM loader performs some authorization checks, to ensure no unauthorized software is loaded. The present + flaw allows an attacker to circumvent these checks, booting code not authorized by Apple on a USB-connected iPhone, + compromising Apple's chain of trust from ROM loader to userland right at its root. +}, that allows a full compromise of any iPhone before the iPhone X. iPhone 8, one of the affected models, is still being +manufactured and sold by Apple today\footnote{ + i.e. at the time this paragraph was written, on %FIXME +}. In another instance, Samsung put a flaw in their secure-world firmware used for protection of sensitive credentials +in their mobile phone SoCs in % FIXME year % . +If both of these very large companies have trouble securing parts of their secure embedded software stacks measuring a +mere few hundred bytes in Apple's case or a few kilobytes in Samsung's, what is a smart electricity meter manufacturer +to do? For their mass-market phones, these two companies have R\&D budgets that dwarf some countries' national budgets. +% FIXME hyperbole? +% FIXME cite + +Since thorough formal verification of code is not yet within reach for either large-scale software development or +code heavy in side-effects such as embedded firmware or industrial control software\cite{pariente01} +the two most effective measures for embedded security is reducing the amount of code on one hand, and labour-intensively +checking and double-checking this code on the other hand. A smart electricity manufacturer does not have a say in the +former since it is bound by the official regulations it has to comply with, and will almost certainly not have sufficient +resources for the latter. +% FIXME expand? +% FIXME cite some figures on code size in smart meter firmware? + +\subsection{Attack avenues in the smart grid} +If we model the smart grid as a control system responding to changes in inputs by regulating outputs, on a very high +level we can see two general categories of attacks: Attacks that directly change the state of the outputs, and attacks +that try to influence the outputs indirectly by changing the system's view of its inputs. The former would be an attack +such as one that shuts down a power plant to decrease generation capacity. The latter would be an attack such as one +that forges grid frequency measurements where they enter a power plant's control systems to provoke increasing +oscillation in the amount of power generated by the plant according to the control systems' directions. +% FIXME cite +% FIXME expand + +\subsubsection{Communication channel attacks} +Communication channel attacks are attacks on the communication links between smart grid components. This could be +attacks on IP-connected parts of the core network or attacks on shared busses between smart meters and IP gateways in +substations. Generally, these attacks can be mitigated by securing the aforementioned communication links using modern +cryptography. IP links can be protected using TLS, and more low-level busses can be protected using more lightweight +Noise-based protocols. % FIXME cite +Cryptographic security transforms an attackers ability to manipulate communication contents into a mere denial of +service attack. Thus, in addition to cryptographic security safety under DoS conditions must be ensured to ensure +continued system performance under attacks. This safety property is identical with the safety required to withstand +random outages of components, such as communications link outages due to physical damage from storms, flooding etc. +% FIXME cite papers on attack impact, on coutermeasures and on attack realization + +\subsubsection{Exploiting centralized control systems} +The type of smart grid attack most often cited in popular discourse, and to the author's knowledge % FIXME verify, cite +the only type that has so far been conducted in practice, is a direct attack on centralized control systems. In this +attack, computer components of control systems are compromised by the same techniques used to compromise any other kind +of computer system such as exploiting insecure services running on internet-exposed ports and using one compromised +system to compromised other systems connected with it through an ostensably secure internal network. These attacks are +very powerful as they yield the attacker direct control over whatever outputs the control systems are controlling. If an +attacker manages to compromise a power stations control computers, they may be able to influence generation output or +even cause an emergency shutdown. % FIXME + +Despite their potentially large impact, these attacks are only moderately interesting from a scientific perspective. For +one, their mitigation mostly consists of a straightforward application of security practices well-known for decades. +Though there is room for the implementation of genuinely new, application-specific security systems in this field, the +general state of the art is lacking behind the rest of the computer industry such that the low-hanging fruit should take +priority. % FIXME cite this bold claim very properly + +In addition, given political will these systems can readily be secured since there is only a comparatively small number +of them and driving a technician to every one of them in turn to install some security update is perfectly feasible. + +\subsubsection{Control function exploits} +Control function exploits are attacks on the mathematical control loops used by the centralized control system. One +example of such an attack would be resonance attacks as described in \textcite{wu01}. +In this kind of attack, inputs from peripheral sensors indicating grid load to the centralized control system are +carefully modified to cause a disproportionally large oscillation in control system action. This type of attack relies +on complex resonance effects that arise when mechanical generators are electrically coupled. These resonances, +coloquially called ``modes'' are well-studied in power system engineering\cite{rogers01,grebe01,entsoe01}. +% FIXME: refer to section on stability control above here +Even disregarding modern attack scenarios, for stability electrical grids are designed with measures in place to dampen +any resonances inherent to grid structure. Still, requiring an accurate grid model these resonances are hard to analyze +and unlikely to be noiticed under normal operating conditions. + +Mitigation of these attacks is most easily done by on the one hand ensuring unmodified sensor inputs to the control +systems in the first place, and on the other hand carefully designing control systems not to exhibit exploitable +behavior such as oscillations. +% FIXME cite mitigation approaches + +\subsubsection{Endpoint exploits} +One rather interesting attack on smart grid systems is one exploiting the grid's endpoint devices such as smart +electricity meters\footnote{ + Though potentially this could also aim at other kinds of devices distributed on a large scale such as sensors in + unmanned substations. % FIXME cite verify +} +These meters are deployed on a massive scale, with several thousand meters deployed for every substation. +% FIXME cite (this should be straightforward) +Thus, once compromised restoration to an uncompromised state can be potentially very difficult if it requires physical +access to thousands of devices hidden inaccessible in private homes. + +By compromising smart electricity meters, an attacker can trivially forge the distributed energy measurements these +devices perform. In a best-case scenario, this might only affect billing and lead to customers being under- or +over-charged if the attack is not noticed in time. However, in a less ideal scenario the energy measurements taken by +these devices migth be used to inform the grid centralized control systems % FIXME cite (straightforward) +and a falsification of these measurements might lead to inefficiency or even instability. + +In some countries and for some customers, these smart meters have one additional function that is highly useful to an +attacker: They contain high-current load switches to disconnect the entire household or business in case electricity +bills are left unpaid for a certain period. In countries that use these kinds of systems, the load disconnect is often +simply hooked up to one of the smart merter's central microcontroller's general-purpose IO pins, allowing anyone +compromising this microcontroller's firmware to actuate the load switch at will. % FIXME validate cite add pictures + +Given control over a large number of network-connected smart meters, an attacker might thus be able to cause large-scale +disruptions of power consumption by repeatedly disconnecting and re-connecting a large number of consumers. +% FIXME cite some analysis of this +Combined with an attack method such as the resonance attack from \textcite{wu01} +that was mentioned above, this scenario poses a serious danger to grid stability. + +% FIXME add small-scale load shedding for heaters etc. + +\subsection{Attacker models in the smart grid} +\subsection{Practical attacks} +\subsection{Practical threats} +\subsection{Conclusion, or why we are doomed} + +\chapter{Restoring endpoint safety in an age of smart devices} +\section{The theory of endpoint safety} +\subsection{Attack characteristics} +\subsection{Complex microcontroller firmware} +\subsection{Modern microcontroller hardware} +\subsection{Regulatory and economical constraints} +\subsection{Safety vs. Security: Opting for restoration instead of prevention} +\subsection{Technical outline of a safety reset} + +\section{Communication channels on the grid} +\subsection{Powerline communication systems and their use} +\subsection{Proprietary wireless systems} +\subsection{Landline IP} +\subsection{IP-based wireless systems} +\subsection{Frequency modulation as a communication channel} +\subsubsection{The frequency dependance of grid frequency} +\subsubsection{Control systems coupled to grid frequency} +\subsubsection{Avoiding dangerous modes} +\subsubsection{Overall system parameters} +\subsubsection{An outline of practical implementation} + +\section{From grid frequency to a reliable communications channel} +\subsection{Channel properties} +\subsection{Modulation and its parameters} +\subsection{Error-correcting codes} +\subsection{Cryptographic security} + +\chapter{Practical implementation} +\section{Cryptographic validation} + +\section{Data collection for channel validation} +\subsection{Frequency sensor hardware design} +\subsection{Frequency sensor measurement results} + +\section{Channel simulation and parameter validation} + +\section{Implementation of a demonstrator unit} + +\section{Experimental results} + +\section{Lessons learned} + +\chapter{Future work} +\section{Technical standardization} +\section{Regulatory adoption} +\section{Practical implementation} + +\newpage +\appendix +\chapter{Acknowledgements} +\newpage + +\chapter{References} +\nocite{*} +\printbibliography +\newpage + +\chapter{Demonstrator schematics and code} + +\chapter{Economic viability of countermeasures} +\section{Attack cost} +\section{Countermeasure cost} +\section{Conclusion} + +\chapter{The ethics and security implications of centralized crackdown on energy theft} + +\end{document} diff --git a/smart_meter_reset.bib b/smart_meter_reset.bib deleted file mode 100644 index d1e1e7d..0000000 --- a/smart_meter_reset.bib +++ /dev/null @@ -1,461 +0,0 @@ -@online{bnetza1, - author = {Bundesnetzagentur}, - publisher = {Bundesnetzagentur}, - title = {Smart Meter}, - url = {https://web.archive.org/web/20190919100204/https://www.bundesnetzagentur.de/DE/Sachgebiete/ElektrizitaetundGas/Verbraucher/NetzanschlussUndMessung/SmartMetering/SmartMeter_node.html}, - urldate = {2019-09-19}, - year = {2019} -} - -@online{bmwi1, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik} and {Bundesministerium f{\"u}r Wirtschaft und Energie}}, - month = jan, - publisher = {Bundesministerium f{\"u}r Wirtschaft und Energie}, - title = {Standardisierungsstrategie zur sektor{\"u}bergreifenden Digitalisierung nach dem Gesetz zur Digitalisierung der Energiewende}, - url = {https://web.archive.org/web/20190919100713/https://www.bmwi.de/Redaktion/DE/Downloads/S-T/standardisierungsstrategie.pdf?__blob=publicationFile&v=4}, - urldate = {2019-09-19}, - year = {2019} -} - -@online{bsi-tr-03109, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - month = nov, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {Technische Richtlinie BSI TR-03109}, - url = {https://web.archive.org/web/20190919102010/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR03109.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=3}, - urldate = 2019-09-19, - year = {2015} -} - -@online{bsi-tr-03109-1, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - month = jan, - number = {v1.0.1}, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {TR-03109-1: Anforderungen an die Interoperabilit{\"a}t der Kommunikationseinheit eines intelligenten Messsystems}, - url = {https://web.archive.org/web/20190919102217/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR03109-1.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=3}, - urldate = 2019-09-19, - year = {2019} -} - -@online{bsi-tr-03109-6, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - month = nov, - number = {v1.0}, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {TR-03109-6: Smart Meter Gateway Administration}, - url = {https://web.archive.org/web/20190919102651/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-6-Smart_Meter_Gateway_Administration.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=4}, - urldate = 2019-09-19, - year = {2015} -} - -@online{bsi-tr-03109-4, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - month = aug, - number = {v1.2.1}, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {TR-03109-4: Public Key Infrastruktur f{\"u}r Smart Meter Gateways}, - url = {https://web.archive.org/web/20190919102649/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-4_PKI.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=3}, - urldate = 2019-09-19, - year = {2017} -} - -@online{bsi-tr-03109-2, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - month = dec, - number = {v1.1}, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {TR-03109-2: Smart Meter Gateway - Anforderungen an die Funktionalit{\"a}t und Interoperabilit{\"a}t des Sicherheitsmoduls}, - url = {https://web.archive.org/web/20190919102644/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-2-Anforderungen_an_die_Funktionalitaet.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=3}, - urldate = 2019-09-19, - year = {2014} -} - -@online{bsi-tr-03109-3, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - month = apr, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {TR-03109-3: Kryptographische Vorgaben f{\"u}r die Infrastruktur von intelligenten Messsystemen}, - url = {https://web.archive.org/web/20190919102648/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-3_Kryptographische_Vorgaben.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=1}, - urldate = 2019-09-19, - year = {2014} -} - -@online{bsi-tr-03109-1-I, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = mar, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {TR-03109-1 Anlage I: CMS-Datenformat f{\"u}r die Inhaltsdatenverschl{\"u}sselung und -signatur}, - url = {https://web.archive.org/web/20190919104234/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1\_Anlage\_CMS.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2\_cid351?\_\_blob=publicationFile\&v=2}, - urldate = 2019-09-19, - year = {2013} -} - -@online{bsi-tr-03109-1-II, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = mar, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-1 Anlage II: COSEM/HTTP Webservices}, - url = {https://web.archive.org/web/20190919104234/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1\_Anlage\_CMS.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2\_cid351?\_\_blob=publicationFile\&v=2}, - urldate = 2019-09-19, - year = {2012} -} - -@online{bsi-tr-03109-1-IIIb, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = mar, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-1 Anlage III: Feinspezifikation {\glqq}Drahtlose LMN-Schnittstelle`` Teil b: {\glqq}OMS Technical Report Security``}, - url = {https://web.archive.org/web/20190919110101/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1_Anlage_Feinspezifikation_Drahtlose_LMN-Schnittstelle-Teil2.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=2}, - urldate = 2019-09-19, - year = {2013} -} - -@online{bsi-tr-03109-1-IIIa, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = mar, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-1 Anlage III: Feinspezifikation {\glqq}Drahtlose LMN-Schnittstelle`` Teil a: {\glqq}OMS Specification Volume 2, Primary Communication``}, - url = {https://web.archive.org/web/20190919110054/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1_Anlage_Feinspezifikation_Drahtlose_LMN-Schnittstelle.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=2}, - urldate = 2019-09-19, - year = {2013} -} - -@online{bsi-tr-03109-1-IVa, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = mar, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-1 Anlage IV: Feinspezifikation {\glqq}Drahtgebundene LMN-Schnittstelle`` Teil a: {\glqq}HDLC f{\"u}r LMN``}, - url = {https://web.archive.org/web/20190919110101/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1_Anlage_Feinspezifikation_Drahtlose_LMN-Schnittstelle-Teil2.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=2}, - urldate = 2019-09-19, - year = {2013} -} - -@online{bsi-tr-03109-1-IVb, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = mar, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-1 Anlage IV: Feinspezifikation {\glqq}Drahtgebundene LMN-Schnittstelle`` Teil b: {\glqq}SML Smart Message Language``}, - url = {https://web.archive.org/web/20190919110756/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1\_Anlage\_Feinspezifikation\_Drahtgebundene\_LMN-Schnittstelle\_Teilb.pdf jsessionid=BD197BE4CB44C76EE7945640B8703844.2\_cid351?\_\_blob=publicationFile\&v=2}, - urldate = 2019-09-19, - year = {2013} -} - -@online{bsi-tr-03109-1-VI, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = mar, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-1 Anlage VI: Betriebsprozesse}, - url = {https://web.archive.org/web/20190919111203/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1_Anlage_Betriebsprozesse.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=1}, - urldate = 2019-09-19, - year = {2013} -} - -@online{bsi-tr-03109-1-VII, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = jan, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-1 Anlage VII: Interoperabilit{\"a}tsmodell und Ger{\"a}teprofile f{\"u}r Smart-Meter- Gateways}, - url = {https://web.archive.org/web/20190919111350/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-1_Anlage_Interop-Modell-Geraeteprofile.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=2}, - urldate = 2019-09-19, - year = {2019} -} - -@online{bsi-tr-03109-2-a, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.1}, - month = dec, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-2 Anhang A: Smart Meter Gateway Sicherheitsmodul Use Cases}, - url = {https://web.archive.org/web/20190919111540/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-2-Sicherheitsmodul_Use_Cases.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=2}, - urldate = 2019-09-19, - year = {2014} -} - -@online{bsi-tr-03109-2-b, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {v1.0}, - month = jun, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-2 Anhang B: Smart Meter Mini-HSM Anforderungen an die Funktionalit{\"a}t und Interoperabilit{\"a}t des Sicherheitsmoduls}, - url = {https://web.archive.org/web/20190919111832/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-2_Anhang_B_Smart_Meter_Mini_HSM.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=3}, - urldate = 2019-09-19, - year = {2017} -} - -@online{bsi-tr-03116-3, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03116 Kryptographische Vorgaben f{\"u}r Projekte der Bundesregierung}, - month = jan, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03116-3: Intelligente Messsysteme}, - url = {https://web.archive.org/web/20190919112052/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03116/BSI-TR-03116-3.pdf; jsessionid=CB56FC0D3137C5624CA697AB9E57671F.1_cid360?__blob=publicationFile&v=9}, - urldate = 2019-09-19, - year = {2019} -} - -@online{bsi-tr-03109-ts-1, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - booktitle = {Technische Richtlinie BSI TR-03109}, - edition = {00.91}, - month = jan, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-03109-TS-1: Testkonzept zu BSI TR-03109-1}, - url = {https://web.archive.org/web/20190919112310/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR03109/TR-03109-TS-1_Testkonzept.pdf; jsessionid=BD197BE4CB44C76EE7945640B8703844.2_cid351?__blob=publicationFile&v=1}, - urldate = 2019-09-19, - year = {2015} -} - -@online{bsi-tr-pruefstellen, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - edition = {v1.5}, - month = jan, - organization = {Bundesamt f{\"u}r Sicherheit in der Informationstechnik}, - title = {TR-Pr{\"u}fstellen: Anforderungen an Antragsteller zur Anerkennung als Pr{\"u}fstelle im Bereich Technischer Richtlinien}, - url = {https://web.archive.org/web/20190919112552/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/TR-Pruefstellen.pdf; jsessionid=A6B4CB8AD2C038741C656276CE874B61.2_cid369?__blob=publicationFile&v=10}, - urldate = 2019-09-19, - year = {2019} -} - -@article{mo01, - author = {Yilin Mo and Tiffany Hyun-Jin Kim and Kenneth Brancik and Dona Dickinson and Heejo Lee and Adrian Perrig and Bruno Sinopoli}, - journaltitle = {Proceedings of the IEEE}, - month = jan, - number = {1}, - pages = {195--209}, - publisher = {IEEE}, - title = {Cyber-Physical Security of a Smart Grid Infrastructure}, - url = {http://ieeexplore.ieee.org.sci-hub.tw/abstract/document/6016202; https://ieeexplore.ieee.org/abstract/document/6016202; https://www.researchgate.net/profile/Yilin_Mo/publication/224257991_Cyber-Physical_Security_of_a_Smart_Grid_Infrastructure/links/004635395d2f66a584000000.pdf}, - urldate = 2019-09-19, - volume = {100}, - year = {2012} -} - -@article{gungor01, - author = {Vehbi C. G{\"u}ng{\"o}r and Dilan Sahin and Taskin Kocak and Concettina Buccella and Carlo Cecati and Gerhard P. Hancke and Salih Erg{\"u}t}, - journaltitle = {IEEE Transactions on Industrial Informatics}, - month = nov, - number = {4}, - organization = {IEEE}, - pages = {529--539}, - title = {Smart Grid Technologies: Communication Technologies and Standards}, - url = {https://www.researchgate.net/profile/Salih_Ergut/publication/224257498_Smart_Grid_Technologies_Communication_Technologies_and_Standards/links/56ccb4e508ae85c8233bc062/Smart-Grid-Technologies-Communication-Technologies-and-Standards.pdf}, - volume = {7}, - year = {2011} -} - -@article{yan01, - author = {Ye Yan and Yi Qian and Hamid Sharif and David Tipper}, - doi = {10.1109/SURV.2012.021312.00034}, - journaltitle = {IEEE Communications Surveys \& Tutorials}, - organization = {IEEE}, - title = {A Survey on Smart Grid Communication Infrastructures: Motivations, Requirements and Challenges}, - url = {http://d-scholarship.pitt.edu/12508/1/Smart_Grid_Infrastructure_Final.pdf}, - year = {2012} -} - -@article{kabalci01, - author = {Yasin Kabalci}, - doi = {10.1016/j.rser.2015.12.114}, - journaltitle = {Renewable and Sustainable Energy Reviews}, - pages = {302--318}, - publisher = {Elsevier}, - title = {A survey on smart metering and smart grid communication}, - url = {https://www.researchgate.net/profile/Yasin_Kabalci/publication/289504234_A_survey_on_smart_metering_and_smart_grid_communication/links/5a6105aaaca272a1581745c1/A-survey-on-smart-metering-and-smart-grid-communication.pdf}, - volume = {57}, - year = {2016} -} - -@article{zhou01, - author = {Bin Zhou and Wentao Li and Ka Wing Chan and Yijia Cao and Yonghong Kuang and Xi Liu and Xiong Wang}, - journaltitle = {Renewable and Sustainable Energy Reviews}, - pages = {30--40}, - publisher = {Elsevier}, - title = {Smart home energy management systems: Concept, configurations, and scheduling strategies}, - url = {http://www.sciencedirect.com.sci-hub.tw/science/article/abs/pii/S1364032116002823}, - volume = {61}, - x-color = {#009966}, - year = {2016} -} - -@journal{lloret01, - author = {Jaime Lloret and Jesus Tomas and Alejandro Canovas and Lorena Parra}, - journaltitle = {IEEE Communications Magazine}, - organization = {IEEE}, - pages = {50--57}, - title = {An Integrated IoT Architecture for Smart Metering}, - urldate = 2019-09-19, - volume = {54}, - x-color = {#7a783b}, - year = {2016} -} - -@article{sharma01, - author = {Konark Sharma and Lalit Mohan Saini}, - doi = {10.1016/j.rser.2015.04.170}, - journaltitle = {Renewable and Sustainable Energy Reviews}, - pages = {720--735}, - publisher = {Elsevier}, - title = {Performance analysis of smart metering for smart grid: An overview}, - url = {http://www.sciencedirect.com.sci-hub.tw/science/article/abs/pii/S1364032115004402}, - urldate = 2019-09-19, - volume = {49}, - x-color = {#7a783b}, - year = {2015} -} - -@article{leiva01, - author = {Javier Leiva and Alfonso Palacios and Jos{\'e} A. Aguado}, - journaltitle = {Renewable and Sustainable Energy Reviews}, - pages = {227--233}, - publisher = {Elsevier}, - title = {Smart metering trends, implications and necessities: A policy review}, - url = {http://kchbi.chtf.stuba.sk/upload_new/file/Miro/Proc%20problemy%20odovzdane%20zadania/Cyprichov%C3%A1/SmartMetering.pdf; http://dx.doi.org/10.1016/j.rser.2015.11.002}, - urldate = 2019-09-19, - volume = {55}, - x-color = {#009966}, - year = {2016} -} - -@article{lopez01, - author = {G. Lopez and J.I. Moreno and H. Amar\'{\i}s and F. Salazar}, - doi = {10.1016/j.epsr.2014.05.006}, - journaltitle = {Electric Power Systems Research}, - publisher = {Elsevier}, - title = {Paving the road toward Smart Grids through large-scale advanced metering infrastructures}, - url = {http://www.sciencedirect.com.sci-hub.tw/science/article/abs/pii/S0378779614001862}, - urldate = 2019-09-19, - x-color = {#009966}, - year = {2014} -} - -@article{alahakoon01, - author = {Damminda Alahakoon and Xinghuo Yu}, - doi = {10.1109/TII.2015.2414355}, - journaltitle = {IEEE Transactions on Industrial Informatics}, - organization = {IEEE}, - title = {Smart Electricity Meter Data Intelligence for Future Energy Systems: A Survey}, - url = {http://ieeexplore.ieee.org.sci-hub.tw/abstract/document/7063262}, - urldate = 2019-09-19, - x-color = {#009966}, - year = {2015} -} - -@book{borlase01, - editor = {Stuart Borlase}, - isbn = {978-1-4987-9955-3}, - publisher = {CRC Press}, - series = {Electric Power and Energy Engineering}, - title = {Smart Grids: Advanced Technologies and Solutions}, - url = {http://libgen.is/book/index.php?md5=54E49C790BF4ABE66857D6A86E60A196}, - urldate = 2019-09-19, - x-color = {#cc3300}, - year = {2017} -} - -@article{amin01, - author = {Saurabh Amin and Galina A. Schwartz and Alvaro A. C{\'a}rdenas and S. Shankar Sastry}, - doi = {10.1109/MCS.2014.2364711}, - journaltitle = {IEEE Control Systems Magazine}, - month = feb, - organization = {IEEE}, - part = {1}, - title = {Game-Theoretic Models of Electricity Theft Detection in Smart Utility Networks}, - url = {https://cloudfront.escholarship.org/dist/prd/content/qt3658w184/qt3658w184.pdf}, - urldate = 2019-09-19, - volume = {35}, - x-color = {#7a783b}, - year = {2015} -} - -@article{mahmood01, - author = {Anzar Mahmood and Nadeem Javaid and Sohail Razzaq}, - doi = {10.1016/j.rser.2014.08.036}, - journaltitle = {Renewable and Sustainable Energy Reviews}, - pages = {248--260}, - publisher = {Elsevier}, - title = {A review of wireless communications for smart grid}, - url = {http://www.sciencedirect.com.sci-hub.tw/science/article/abs/pii/S1364032114007126}, - urldate = 2019-09-19, - volume = {41}, - x-color = {#7a783b}, - year = {2015} -} - -@techreport{bsi01, - author = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - edition = {v1.0}, - month = jan, - organization = {{Bundesamt f{\"u}r Sicherheit in der Informationstechnik}}, - title = {Marktanalyse zur Feststellung der technischen M{\"o}glichkeit zum Einbau intelligenter Messsysteme nach {\S} 30 MsbG}, - url = {https://web.archive.org/web/20190919124052/https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/SmartMeter/Marktanalysen/Marktanalyse_nach_Para_30_MsbG.pdf?__blob=publicationFile&v=8}, - urldate = 2019-09-19, - x-color = {#009966}, - year = {2019} -} - -@inproceedings{czechowski01, - author = {R. {Czechowski} and A. M. {Kosek}}, - booktitle = {2016 Joint Workshop on Cyber- Physical Security and Resilience in Smart Grids (CPSR-SG)}, - doi = {10.1109/CPSRSG.2016.7684098}, - issn = {}, - keywords = {power consumption; power engineering computing; power system measurement; power system security; security of data; smart meters; energy theft techniques; power energy consumption; electric energy distribution; electricity theft detection; energy consumers; cyber security; smart metering; low voltage network; Energy consumption; Security; Energy measurement; Companies; Power systems; Wheels; Smart Grid; energy theft; cyber-physical security; digital data flow; energy hacking}, - month = {April}, - organization = {IEEE}, - pages = {1--7}, - title = {The most frequent energy theft techniques and hazards in present power energy consumption}, - url = {https://project-sparks.eu/wp-content/uploads/2016/04/czechowski-cpsr-sg-paper-four.pdf}, - x-color = {#009966}, - year = {2016} -} - -@datasheet{st-db3636, - author = {{ST Microelectronics}}, - edition = {r1}, - month = {jun}, - organization = {ST Microelectronics}, - subtitle = {Security module of a smart meter gateway as defined by the BSI}, - title = {STSAFE-J100-BS Data brief}, - url = {https://www.st.com/resource/en/data_brief/stsafe-j100-bs.pdf}, - urldate = 2019-09-20, - x-color = {#009966}, - year = {2018} -} - -@slides{dalheimer01, - author = {Mathias Dalheimer}, - eventtitle = {Gulaschprogrammiernacht 2014}, - title = {Smartin Meter-Einf{\"u}hrung Deutschland}, - url = {https://entropia.de/images/2/2c/GPN14-SmartMeterEinf%C3%BChrung.pdf} -} - -@online resource{heise01, - author = {Heise Medien}, - title = {checkm8: Boot-Exploit soll neuere iPhones knacken}, - url = {https://www.heise.de/mac-and-i/meldung/checkm8-Boot-Exploit-soll-neuere-iPhones-knacken-4542075.html} -} - |