DOI QR코드

DOI QR Code

AMI의 보안 취약성 및 기술 현황

Security Vulnerability and Technology Status of AMI

  • 발행 : 2017.12.30

초록

최근 국내의 한전을 비롯한 해외 여러 전력회사에서 스마트 그리드라는 개념의 전력망 구축을 위한 활동이 활발하게 이루어지고 있다. 스마트 그리드는 전력망에 정보통신망을 융합하여 전력의 효율성을 증대시키는 기술로, 전력 사업자와 소비자가 양방향 통신을 통해 에너지 효율을 극대화 시킬 수 있다. 그러나 전력망이 정보통신망과 융합되면서 기존 전력망보다 보안의 위협이 증대되고 있다. 전력망 특성상 보안의 위협으로 인한 피해는 개인의 사생활뿐만 아니라 사회의 경제적 손실까지 이어져 그 피해규모가 크므로, 스마트 그리드는 여러 해커 집단의 공격 대상이 되고 있다. 본 논문에서는 스마트 그리드의 보안 피해를 예방하기 위해, 스마트 그리드 구축의 핵심 기술이라 할 수 있는 Advanced Metering Infrastructure (AMI)의 보안 취약점과 그에 대응하는 보안 기술 현황을 살펴보도록 한다.

Recently, a number of foreign electric power companies including domestic Korea Electric Power Corporation (KEPCO) have actively engaged in the construction of a power grid with the concept of a smart grid. The Smart grid is a technology that increases the efficiency of the power by converging the information network with the power grid. It can maximize the energy efficiency through the two-way communication between the utility and the consumer. However, as the power grid converges with the information and communication network, security threats are increasing more than existing power grids. Due to the nature of the power grid, the damage caused by security threats is not only personal privacy but also economic loss of society. So smart grid becomes the target of hackers. In this paper, we discuss security vulnerabilities of Advanced Metering Infrastructure (AMI), which is a core technology of smart grid construction, and the corresponding security technologies to prevent security damage of smart grid.

키워드

참고문헌

  1. Farhangi, Hassan. "The path of the smart grid." IEEE power and energy magazine 8.1 (2010).
  2. McDaniel, Patrick, and Stephen McLaughlin. "Security and privacy challenges in the smart grid." IEEE Security & Privacy 7.3 (2009).
  3. Khurana, Himanshu, et al. "Smart-grid security issues." IEEE Security & Privacy 8.1 (2010).
  4. Anderson, Ross, and Shailendra Fuloria. "Smart meter security: a survey." University of Cambridge Computer Laboratory, United Kingdom (2011).
  5. Available: http://www.najunews.kr/news/articleView.html?idxno=213258. Accessed on June. 2017.
  6. 이재환, and 조성선. "스마트그리드의 기반 스마트미터 추진 동향 및 시사점, 정보통신산업진흥원." (2011).
  7. Choi, Tae-Seop, et al. "Analysis of energy savings using smart metering system and IHD (in-home display)." Transmission & Distribution Conference & Exposition: Asia and Pacific, 2009. IEEE, 2009.
  8. Prakash, Punya. "Data concentrators: The core of energy and data management." White paper, Texas Instruments (2013).
  9. 윤성국, "스마트그리드 통신 네트워크 구성과 전력선 통신의 역할." 한국통신학회지 (정보와통신) 31.11 (2014): 95-101.
  10. Hossain, Ekram, Zhu Han, and H. Vincent Poor. Smart grid communications and networking. Cambridge University Press, 2012.
  11. Yu, Rong, et al. "Cognitive radio based hierarchical communications infrastructure for smart grid." IEEE network 25.5 (2011).
  12. Available: http://blogs.gartner.com/it-glossary/home-areanetwork-han/. Accesed on June. 2017.
  13. Balakrishnan, Meera. "Smart Energy Solutions for Home Area Networks and Grid-End Applications." Proc. Smart Energy (2012): 67-73.
  14. Carpenter, M., et al. "Advanced metering infrastructure attack methodology." InGuardians white paper (2009).
  15. 남궁완, et al. "스마트미터 보안 연구." 정보보호학회지 20.5 (2010): 20-30.
  16. 김신규, 전유석, and 서정택. "AMI 보안 취약점 점검 항목에 관한 연구." 정보보호학회지 22.5 (2012): 73-78.
  17. Available: http://news.chosun.com/site/data/html_dir/2011/01/17/2011011700132.html. Accessed on June. 2017.
  18. Available: http://www.boannews.com/media/view.asp?idx=23041. Accessed on June. 2017.
  19. Available: http://thehackernews.com/2016/01/Ukraine-power-system-hacked.html. Accessed on June. 2017.
  20. Available: https://krebsonsecurity.com/2012/04/fbi-smartmeter-hacks-likely-to-spread/.Accessed on June. 2017.
  21. Available: https://phys.org/news/2009-11-brazil-blackouts-result-cyber-hacking.html. Accessed on June. 2017.
  22. Available: http://www.boannews.com/plan/plan_view.asp?idx=20523. Accessed on June. 2017.
  23. Available: http://www.koreatimes.com/article/20090409/515926. Accessed on June. 2017.
  24. Travis Goodspeed, "AMI Hacking Demonstration", Control System Cyber Security Conference 2009, Oct. 2009.
  25. Available: http://www.blackhat.com/html/bh-us-10/bh-us-10-home.html. Accessed on June. 2017
  26. Available: https://www.cyberscoop.com/blackout-ukraineprobably-bigger-deal-think/. Accessed on June. 2017.
  27. Telecontrol equipment and systems-Part 5-104:Transmission protocols-Network access for KS C IEC 60870-5-101 using standard transport profiles. KS C IEC 60870-5-104. 2012.
  28. Information technology - Security techniques - Information security management systems - Requirements. KS X ISO/IEC 27001. 2014.
  29. The Smart Meter-Part 1:Function requirements. KS C 1231-1. 2016
  30. Security Requirements for Smart Grid. TTAK.KO-12.0182. 2011.
  31. Security Mechanism of HAN Devices for Smart Grid. TTAK. KO-12.0258. 2014.
  32. Security functional architecture for smart grid services using telecommunication networks. TTAE.IT-X.1111sup26. 2016.
  33. Available: http://www.koit.co.kr/news/articleView.html?idxno=60595. Accessed on June. 2017.
  34. Available: http://www.etnews.com/20170328000244. Accessed on June. 2017.
  35. Security Standards for the Power System Information Infrastructure. IEC 62351. 2012.
  36. IEEE Standards for Intelligent Electronic Devices Cyber Security Capabilities. IEEE Std 1686-2013. 2014.
  37. Security and Privacy Controls for Federal Information Systems and Organizations. NIST SP 800-53. 2013.
  38. Guide to Industrial Control Systems (ICS) Security. NIST SP 800-82. 2011.
  39. Guidelines for Smart Grid Cybersecurity. NISTIR 7628. 2014.
  40. Protection Profile for the Security Module of a Smart Metering System. BSI-CC-PP-0077-2013. 2013.