The Transactions of The Korean Institute of Electrical Engineers (전기학회논문지)

The Korean Institute of Electrical Engineers (대한전기학회)
권호 표지
DOI QR코드

DOI QR Code

A Design for a Zigbee Security System in the Customer Side Environment of Jeju Smart Grid Field Test

제주 스마트그리드 실증단지 수용가 환경에서 Zigbee 보안 체계 설계

  • Received : 2012.02.21
  • Accepted : 2012.06.25
  • Published : 2012.08.01
Download PDF
⟨ Previous Next ⟩

Abstract

In Jeju Smart Grid field test, Zigbee technology is being used as one of customer side solutions for AMI. Although Zigbee networks that provides effective connectivity and control among devices are advantages in ease of implementation and use, the data can be exposed to cyber attacks such as eavesdrop, unauthorized data dissemination and forgery. Currently authentication and confidentiality services are provided with the network and link keys generated based on public key pairs that are pre-installed in offline. However, the network is vulnerable once a hacker intrudes into a local network because operation and management policies for the generated keys are not well-established yet. In this paper, the vulnerability of the Zigbee security system in the customer side environment of Jeju Smart Grid field test is analyzed. Then, two-way authentication with the unique identifiers of devices and user-specific group management policies are proposed to resolve the vulnerability.

Keywords

References

  1. UCAIUG:AMI-SEC-ASAP, AMI System Security Requirements, Dec. 2008.
  2. Zigbee Alliance Document, "Zigbee Specification Pro/2007", 2007.
  3. No-Gil Myung, Young-Hyun Kim, Sang-Yeum Lee, "A study on AMI system of KEPCO," the journal of Korea information and communication society, vol. 35 No. 8, pp. 1251-1258, Aug. 2010.
  4. FIPS pub 197, "Advanced Encryption Stadard(AES)", NIST Springfield, Virginia, November 2001.
  5. IEEE Std 802.15.4, "Wireless Medium Access Control(MAC) and Physical Layer(PHY) Specifictions for Low-Rate Wireless Personal Area Networks (LR-WPANs)," 2003.
  6. ANSI X9.63-2001, "Public Key Cryptography for the Financial Services I
  7. FIPS pub 198, The Keyed-Hash Message Authentication Code(HMAC), NIST Springfield, Virginia, March 2002.
  8. 김태호, 김창훈, 권순학, 홍춘표, "타원곡선 키 교환 프로토콜 응용을 위한 마이크로소프트 COM 소프트웨어 모듈 구현", 한국통신학회 하계종합학술발표회, 2006.
  9. "암호 알고리즘 및 키길이 이용안내서", 한국인터넷진흥원, 2010.