Opportunities through remote attestation in regional energy grids

Abstract:
Secondary substations are widely distributed and located in remote areas with limited security mechanisms, making them a vulnerability in the energy network and a potential attack vector for control systems. This research aims to ensure the integrity of secondary substations through Remote Attestation (RA) of their hardware and software state. The trustworthiness of the data being verified is a crucial prerequisite, which can be achieved through hardware-based security (Trusted Computing). Trusted Execution Environments (TEE) offer a flexible, hardware-based solution for implementing RA. Unlike specialized hardware security modules, TEEs – such as ARM TrustZone – are a reliable and already available feature on many hardware platforms and should be utilized [1]. This research started by conducting a threat analysis based on the STRIDE method. The identified threats were used as scenarios to derive 28 requirements. The resulting concept is based on the collected requirements and the architectural approach of Remote ATestation procedureS (RATS) [2]. The evaluation against these requirements confirms that the proposed concept meets most of the defined security requirements, thereby enhancing the overall security of the power grid. However, further research is required to achieve a secure and dynamic attestation of the software integrity of an operating system (Rich Execution Environment, REE).