Journal of Digital Contents Society (디지털콘텐츠학회 논문지)

Digital Contents Society (한국디지털콘텐츠학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on Security Vulnerability Management in Electric Power Industry IoT

전력 산업 IoT에서의 보안 취약점 관리에 관한 연구

  • Received : 2016.11.25
  • Accepted : 2016.12.30
  • Published : 2016.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

The era of IoT, which figures exchanging data from the internet between things is coming. Recently, former electric power energy policy paradigm, namely Supply side paradigm, is changing, because electric power energy consumption is rapidly increasing. As new paradigm for this limit, convergence of existing electric power grid and ICT(Information and Communication Technology) will accelerate intellectualization of electric power device, its operation system. This change brought opened electric power grid. Consequently, attacks to the national electric power grid are increasing. On this paper, we will analyze security threats of existing IoT, discuss security weakness on electric power industry IoT and suggest needed security requirements, security technology.

사물 간의 인터넷을 통하여 정보를 주고받는 사물인터넷 시대가 열리고 있다. 최근 전력 수요가 급증하면서 기존 공급 위주의 전력에너지 정책 패러다임이 변화하고 있다. 사물인터넷 기술이 발전함에 따라 기존 전력망에 ICT를 융합시켜, 전력 디바이스 및 운영 시스템의 지능화를 가속화시킬 것이다. 전력망에 사물인터넷이 접목되어 개방화함에 따라 국가 전력망에 대한 사이버 위협 및 공격에 대한 우려가 증대되고 있다. 본 논문에서는 기존 사물인터넷에서의 보안 위협을 분석하고 전력산업 사물인터넷에서의 보안 취약점과 보안 요구사항 및 보안 기술을 제시하고자 한다.

Keywords

References

  1. https://isms.islearning.kr/mik_lib/file_down.php?bf_idx=16
  2. https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT_Monitor_Sep2014-Feb2015.pdf
  3. Jin-Young Kim and Sun-Myung Hwang, "Outlook and Challenges of Security System for the Activation of IoT", Korea Computer Congress, Korea Information Science Society, Jeju, 2015, pp. 1037-1039.
  4. http://www.ahnlab.com/kr/site/securityinfo/secunews/secuNewsView.do?curPage=1&menu_dist=1&seq=21742
  5. http://kashi.or.kr/board/index.html?action=view&board_id=pds2&seq=13032
  6. http://datanet.co.kr/news/articleView.html?idxno=69944
  7. http://www.washingtonpost.com/wp-dyn/content/article/2008/06/05/AR2008060501858.html
  8. http://online.wsj.com/article/SB123914805204099085.html
  9. J. Daemen, V. Rijmen, "AES proposal: Rijndael", NISTAES Proposal, 1998, pp. 1-45.
  10. NIST, "FIPS PUB 46-3 Data Encryption Standard (DES)", Federal Information Processing Standards Publications, 1999, pp. 1-22.
  11. NIST, "FIPS PUB 180-4 Secure Hash Standard", Federal Information Processing Standards Publications, 2012, pp. 1-39.
  12. IETF, "RFC-1321 The MD5 Message-Digest Algorithm", Network Working Group, 1992, pp. 1-22.
  13. G. Bertoni, J. Daemen, M. Peeters and G. Van Assche, "The Keccak reference", round 3 submission to NIST SHA-3, 2011, pp. 1-69.
  14. R. L. Rivest, A. Shamir, and L. Adleman, "A method for obtaining digital signatures and public-key cryptosystems", Communications of the ACM, Vol.21, No. 2, 1978, pp. 120-126. https://doi.org/10.1145/359340.359342
  15. ITU-T, "Framework of Web of Things", Inernational Telecommunication Union, 2012, pp. 1-22.
  16. A. Bogdanov, L. R. Knudsen, G. Le, C. Paar, A.Poschmann, M. J. B. Robshaw, Y. Seurin, and C.Vikkelsoe, "Present: An ultra-lightweight block cipher", In Proceedings of the International Conferenceon Cryptographic Hardware and Embedded Systems(CHES07), Vol. 4727, 2007, pp. 405-466.
  17. C. Canniere, O. Dunkelman, M. Knezevic, Katan, and Ktantan, "A family of small and efficient hardware-oriented block ciphers", In Proceedings of the International Conference on Cryptographic Hardware and Embedded Systems(CHES 09), Vol. 5747, 2009, pp.272-288.
  18. D. Engels, M. J. O. Saarinen, P. Schweitzer, and E. M. Smith, "The hummingbird-2 lightweight authenticated encryption algorithm", In Proceedings of the 7th International Conference on RFID Security and Privacy(RFIDSec'11), Vol. 7055, 2011, pp. 19-31.
  19. D. Hong, J. Sung, S. Hong, J. Lim, S. Lee, B.Koo, C. Lee, D. Chang, J. Lee, K. Jeong, H. Kim,J. Kim, and S. Chee, "Hight: a new block cipher suitable for low-resource device", In Proceedings of the International Conference on Cryptographic Hardware and Embedded Systems(CHES 06), Vol. 4269, 2006, pp. 46-59.
  20. J. Guo, T. Peyrin, and A. Poschmann, "The photon family of lightweight hash functions", in Crypto2011, Lncs, Vol. 6841, 2011, pp. 222-239.
  21. A. Bogdanov, M. Knezevic, G. Leander, D. Toz,K. Varici, I. Verbauwhede, and Spongent: "The design space of lightweight cryptographic hashing", http://sites.google.com/site/spongenthash, 2012.
  22. Donghee Kim, Seokung Yoon, Yongpil Lee, "Security for the IoT Service", The Korean Institute of Communications and Information Sciences, Vol.30, No.8, 2013, pp.53-59.
  23. http://www.zigbee.org
  24. http://www.wi-fi.org

Cited by

  1. IoT기반 저수지/사방댐 담수량 및 토사량 모니터링 시스템 설계 및 구현 vol.18, pp.4, 2016, https://doi.org/10.9728/dcs.2017.18.4.787
  2. 산업제어시스템(ICS) 암호모듈 적용방안 연구 vol.18, pp.5, 2017, https://doi.org/10.9728/dcs.2017.18.5.1001
  3. 사물 인터넷 기반의 1인 가구를 위한 스마트 콘센트 시스템 vol.18, pp.5, 2017, https://doi.org/10.9728/dcs.2017.18.5.895