Browse > Article
http://dx.doi.org/10.13089/JKIISC.2014.24.5.1001

Analysis of Security Requirements on DCU and Development Protection Profile based on Common Criteria Version 3.1  

Cho, Youngjun (The Attached Institute of ETRI)
Kim, Sinkyu (The Attached Institute of ETRI)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.24, no.5, 2014 , pp. 1001-1011 More about this Journal
Abstract
Smart Grid Devices could have security vulnerabilities that have legacy communication networks because of the fact that Smart Grid employs bi-directional communications and adopted a variety of communication interface. Consequently, it is required to build concrete response processes and to minimize the damage of the cyber attacks including security evaluation and certification methods. DCU is designed to collect meter data from numerous smart meter and send to utility's server so DCU installed between smart meter and utility's server. For this reason, If DCU compromised by attacker then attacker could use DCU to launching point for and attack on other devices. However, DCU's security evaluation and certification techniques do not suffice to be deployed in smart grid infrastructure. This work development DCU protection profile based on CC, it is expected that provide some assistance to DCU manufacturer for development of DCU security target and to DCU operator for help safety management of DCU.
Keywords
DCU; Smart Grid; Protection Profile; Common Criteria;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 Gunhee Lee, Jungtaek Seo, and Eungki Park, "Analysis of Security Threats and Security Requirements on Smart Grid," Review of The Korea Institute of Information Security & Cryptology, 21(7), pp. 7-17, Nov. 2011.
2 Jaeduck Choi and Jungtaek Seo, "Seperate Networks and an Authentication Framework in AMI for Secure Smart Grid," Journal of The Korea Institute of Information Security & Cryptology, 22(3), pp. 525-536, Jun. 2012.
3 Chul-Jo Jung, Sun-Ki Eun, Jin-Ho Choi, Soo-Hyun Oh, and HwanKoo Kim, "Protection Profile for Smart Meters: Vulnerability and Security Requirements Analysis," Journal of The Korea Institute of Information Security & Cryptology, 20(6), pp. 111-125, Dec. 2010.   과학기술학회마을
4 BSI, "Protection Profile for the Gateway of a Smart Metering System (Smart Meter Gateway PP)," v1.3, Mar. 2014. (http://www.commoncriteriaportal.org/files/ppfiles/pp0073b_pdf.pdf)
5 BSI, "Protection Profile for the Module of a Smart Meter Gateway(Security Module PP)," v1.02, Oct. 2013. (http://www.commoncriteriaportal.org/files/ppfiles/pp0077b_pdf.pdf)
6 Justin Searle, "Advanced Metering Infrastructure Attack Methodology," BlackHat EU 2011, Mar. 2011.
7 Sinkyu Kim, Yuseok Jeon, and Jungtaek Seo, "Study on Vulnerability test items for Advanced Metering Infrastructure," Review of The Korea Institute of Information Security & Cryptology, 22(5), pp73-78, Aug. 2012.
8 Florian Skopik, Zhendong Ma, Thomas Bleier, and Helmut Gruneis, "A Survey on Threats and Vulnerabilities in Smart Metering Infrastructures," International Journal of Smart Grid and Clean Energy, Vol. 1, No. 1, Sep. 2012.
9 Travis Goodspeed, "Extracting Keys from Second Generation ZigBee Chips," BlackHat USA 2009, Jul. 2009.
10 Kurt Rosenfeld and Ramesh Karri, "Attacks and Defenses for JTAG," Design & Test IEEE, Issue. 99, Mar. 2013.
11 SinSook Yoon, Daesuk Jang, HwanKoo Kim, SooHyun Oh, JaeCheol Ha, and SeokWoo Kim, "A Study of Evaluation Assurance Level Estimation Criteria for Development of Protection Profile," Review of The Korea Institute of Information Security & Cryptology, 17(6), pp57-66, Dec. 2007.