KEF: a Key Exchange Framework for operational technology security standards and guidelines
Sani, Abubakar Sadiq, Yuan, Dong, Meng, Ke and Dong, Zhao Yang (2022) KEF: a Key Exchange Framework for operational technology security standards and guidelines. In: Thirteenth Conference on Innovative Smart Grid Technologies (ISGT 2022) is “Moving to a 3-D Energy Landscape: Decarbonized, Democratized, Decentralized”, sponsored by the IEEE Power & Energy Society (PES). February 21 – 24, 2022. IEEExplore . Institute of Electrical and Electronics Engineers (IEEE), Piscataway, NJ. (Unpublished)
Preview |
PDF (Author's Accepted Manuscript)
34309_SANI_ KEF_A_key_exchange_framework.pdf - Accepted Version Download (211kB) | Preview |
Abstract
Recent findings show that many security standards and guidelines for Operational Technology (OT) in smart grids do not satisfy all key exchange properties such as mutual authentication, key secrecy, and key confirmation. As accepted best practices are undergoing tailoring due to increase in remote grid operations that have also led to an increase in cyber attacks against smart grids, we propose to enhance key exchange in the OT security standards and guidelines via KEF, a key exchange framework for satisfying and enforcing the key exchange security properties to mitigate cyber attacks. KEF comprises a set of cryptographic operations and a set of key exchange states for key exchange operations. We analyse the security of KEF using Automated Validation of Internet of Security Protocols and Applications (AVISPA) tool and demonstrate its security benefits by applying it to a real-world key establishment scheme, Special Publication (SP) 800-56A Revision 3, of the National Institute of Standards and Technology (NIST).
Item Type: | Conference Proceedings |
---|---|
Title of Proceedings: | Thirteenth Conference on Innovative Smart Grid Technologies (ISGT 2022) is “Moving to a 3-D Energy Landscape: Decarbonized, Democratized, Decentralized”, sponsored by the IEEE Power & Energy Society (PES). February 21 – 24, 2022 |
Uncontrolled Keywords: | Operational Technology, security, key exchange, standards, guidelines |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science T Technology > T Technology (General) |
Faculty / School / Research Centre / Research Group: | Faculty of Engineering & Science Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC) Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS) |
Related URLs: | |
Last Modified: | 17 Oct 2022 09:50 |
URI: | http://gala.gre.ac.uk/id/eprint/34309 |
Actions (login required)
View Item |
Downloads
Downloads per month over past year