Skip navigation

KEF: a Key Exchange Framework for operational technology security standards and guidelines

KEF: a Key Exchange Framework for operational technology security standards and guidelines

Sani, Abubakar Sadiq, Yuan, Dong, Meng, Ke and Dong, Zhao Yang (2022) KEF: a Key Exchange Framework for operational technology security standards and guidelines. In: Thirteenth Conference on Innovative Smart Grid Technologies (ISGT 2022) is “Moving to a 3-D Energy Landscape: Decarbonized, Democratized, Decentralized”, sponsored by the IEEE Power & Energy Society (PES). February 21 – 24, 2022. IEEExplore . Institute of Electrical and Electronics Engineers (IEEE), Piscataway, NJ. (Unpublished)

[img]
Preview
PDF (Author's Accepted Manuscript)
34309_SANI_ KEF_A_key_exchange_framework.pdf - Accepted Version

Download (211kB) | Preview

Abstract

Recent findings show that many security standards and guidelines for Operational Technology (OT) in smart grids do not satisfy all key exchange properties such as mutual authentication, key secrecy, and key confirmation. As accepted best practices are undergoing tailoring due to increase in remote grid operations that have also led to an increase in cyber attacks against smart grids, we propose to enhance key exchange in the OT security standards and guidelines via KEF, a key exchange framework for satisfying and enforcing the key exchange security properties to mitigate cyber attacks. KEF comprises a set of cryptographic operations and a set of key exchange states for key exchange operations. We analyse the security of KEF using Automated Validation of Internet of Security Protocols and Applications (AVISPA) tool and demonstrate its security benefits by applying it to a real-world key establishment scheme, Special Publication (SP) 800-56A Revision 3, of the National Institute of Standards and Technology (NIST).

Item Type: Conference Proceedings
Title of Proceedings: Thirteenth Conference on Innovative Smart Grid Technologies (ISGT 2022) is “Moving to a 3-D Energy Landscape: Decarbonized, Democratized, Decentralized”, sponsored by the IEEE Power & Energy Society (PES). February 21 – 24, 2022
Uncontrolled Keywords: Operational Technology, security, key exchange, standards, guidelines
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
T Technology > T Technology (General)
Faculty / School / Research Centre / Research Group: Faculty of Engineering & Science
Faculty of Engineering & Science > Internet of Things and Security Research Centre (ISEC)
Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Related URLs:
Last Modified: 17 Oct 2022 09:50
URI: http://gala.gre.ac.uk/id/eprint/34309

Actions (login required)

View Item View Item

Downloads

Downloads per month over past year

View more statistics