
SECURE SMART METER INFRASTRUCTURE IN MULTI-DWELLING ENVIRONMENT

Binod Vaidya, Dimitrios Makrakis, Hussein Mouftah
University of Ottawa, Ottawa, Canada
ABSTRACT
Smart grid deployment focuses on reliability, cost savings and energy efficiency as well as customer satisfaction. Many utilities are turning to smart meter infrastructure technology. The Smart Energy Profile was motivated by the requirement to enable personal energy management in home area networks. In multi-dwelling units, wireless networking such as WiFi and ZigBee could be feasible, as the range of communications can be extended to communicate with the gateway. In such a network, routing is one of the fundamental components. However, designing secure routing protocols for wireless mesh networks is a challenging task due to various reasons. In this paper, we provide a comprehensive security mechanism for a source routing protocol in wireless multi-hop networks, which is particularly suitable for the multi-dwelling environment.

2012 25th IEEE Canadian Conference on Electrical and Computer Engineering (CCECE) 978-1-4673-1433-6/12/$31.00 2012 IEEE

Index Terms: Smart meter infrastructure, multi-dwelling unit, wireless multi-hop network, secure routing protocol

1. INTRODUCTION
Smart grid deployment focuses on reliability, cost savings and energy efficiency as well as customer satisfaction. As a strategic response, many utilities are turning to smart meter infrastructure (SMI) technology. Smart Energy Profile (SEP) 1.0 was motivated by the requirement to enable personal energy management in home area networks (HANs) and is used in many smart grid applications. Smart energy (SE) devices include the energy service interface (ESI), metering device, in-home display (IHD), programmable communicating thermostat (PCT), load control devices (LCD), and other smart appliances. SEP 2.0 is currently under development and will offer IP-based control for SMI and HANs [1].

For a smart energy HAN, both wired and wireless communication protocols can be considered; however, wireless communications have significant advantages over wired ones. When multi-hopping is used in wireless communications such as low-power (LP) WiFi and ZigBee, the range of communications can be extended to reach the gateway in a larger smart energy HAN, especially in a multi-dwelling environment. Wireless mesh networks may be preferred for routing data in a neighborhood area network (NAN). In such a network, routing is one of the fundamental components. However, designing secure routing protocols for wireless mesh networks is a challenging task for various reasons, including the resource constraints of nodes, the limited capacity of the wireless medium, and the self-organized form of the network. In this paper, we provide a comprehensive security mechanism for a source routing protocol in wireless multi-hop networks, which is particularly suitable for the multi-dwelling environment.

2. BACKGROUNDS
2.1. Multi-dwelling Units
Mid- to high-rise dwellings, including condominiums and apartments, have a number of neighboring premises area networks operated by different customers residing on the same premises. Such large buildings containing independent dwellings are known as multi-family dwellings or multi-dwelling units (MDUs) [2]. SEP 1.1 refers to the NAN as a possible further use case that includes MDUs; however, it provides few details regarding NAN implementation. SEP 2.0 includes specifications for MDU deployments. In MDUs, smart meters are located in meter rooms near the ground floor or in basements, and they are physically secure with limited access. In such MDUs, sub-meters allow for individual billing of MDU residents. When deploying SMI in an MDU, challenges arise not only from the need for seamless wireless connectivity but also from security and privacy concerns.

2.2. Secure routing mechanisms
In a wireless mesh multi-hop network, routing is one of the fundamental components. For a wireless mesh network, several routing protocols such as Ad hoc On-Demand Distance Vector (AODV), Dynamic Source Routing (DSR) [3], and Hybrid Wireless Mesh Protocol (HWMP) can be considered. However, none of the above addresses security and anonymity protection mechanisms. Secure routing algorithms are used to protect the route discovery and maintenance phases, and can counter various attacks such as forging, modifying, or dropping of routing messages [4].

For instance, Secure Routing Protocol (SRP) [5], ARIADNE [6], Secure Dynamic Source Routing (SDSR) [8] and Secure Route Discovery Protocol (SRDP) [7] provide mechanisms to enable route establishment such that malicious nodes cannot cause inappropriate routes. SRP uses end-to-end message authentication codes (MACs) whereas ARIADNE uses accumulation of MACs. Furthermore, SDSR uses digital signatures as well as accumulation of public Diffie-Hellman and encrypted hashed keys, while SRDP uses MACs and aggregate signature schemes of Accountable-Subgroup Multisignature (ASM). The above schemes are not suitable for SMI since they either lack sufficient security measures or have comparatively higher computational cost.

3. NETWORK CONSIDERATIONS FOR MULTI-DWELLING ENVIRONMENT
In many urban areas, MDUs are the norm rather than the exception. These residential dwellings present challenges and often require special planning to assure that wired (i.e. fiber) or wireless networks can efficiently and reliably scale the heights involved across multiple floors. In an existing MDU environment, running fiber to each unit may not be feasible, so a wireless network infrastructure could be a viable solution. A cost-effective wireless mesh architecture could deliver real-time services such as voice and video as well as data services to MDU customers. The following network considerations for the multi-dwelling environment have been taken into account:
- A single mesh network covers the whole MDU;
- Range extenders are employed whenever coverage is not sufficient;
- Intermediate repeaters may not be trustworthy, as they belong to different dwellers;
- SE devices (i.e. IHD) may be static or semi-static;
- All devices share the same network key, and network access is granted by a Coordinator / Trust Center.

4. PROPOSED SECURE ROUTING SCHEME FOR MULTI-DWELLING ENVIRONMENT
In this section, we propose a secure routing scheme for wireless mesh infrastructure in the multi-dwelling environment. The main goal is to furnish a lightweight, efficient and secure on-demand source routing protocol based on elliptic curve cryptography (ECC) based public key cryptography. The main intention of this mechanism is to obtain secure route discovery in an on-demand routing protocol by utilizing a self-certified public keying technique, the Schnorr digital signature algorithm, and a multi-signature scheme. As this framework is based on a source routing algorithm, it has three basic operations: initialization, route discovery, and route maintenance.

4.1. Initialization
Prior to joining the network, every node has to access the Certificate Authority (CA) in a secure manner to obtain an implicit certificate (i). The CA has a secret key (xCA) and a public key (XCA). The ESI, which includes the Trust Center and Coordinator, shall provide a common network key to all SE devices; each SE device can then have shared secret keys with the other ones.

4.2. Secure Route Discovery and Maintenance
In the proposed secure route discovery, we use the Schnorr digital signature algorithm for source node authentication and a multi-signature scheme for intermediate node authentication. Route discovery in the wireless multi-hop ad hoc network is performed as follows. Consider a source node (S) that does not have a route to the destination node (D). When S has data packets to be sent to D, it initiates a Route Request (RREQ) packet. This RREQ packet is flooded throughout the network. Initially, S computes a Schnorr digital signature (yS) with the help of the shared secret key (kSD) and appends it to the RREQ packet. When an intermediate node receives an RREQ packet with source address S and destination address D, it rebroadcasts the packet as per the DSR protocol.

Let us suppose the RREQ traverses nodes A, B, and C before reaching the destination D. When intermediate node A receives the RREQ from S, it computes a partial commitment (A). Node A then appends its own address to the route list, together with its partial commitment, and rebroadcasts the RREQ. Similarly, intermediate nodes B and C compute joint partial commitments ( 1) and ( 2) respectively, and append their addresses to the route list and their respective commitments before rebroadcasting the RREQ. The RREQ algorithm for the secure RREQ message flow is shown in Figure 1.
S: Compute yS = xS.h(kSD, M) + kSD, where M = {S, D, Sid}
S -> *: {REQ, M, {S}, yS}
A: Choose A; compute A = A.P
A -> *: {REQ, M, {S, A}, A, yS}
B: Choose B; compute B = B.P and 1 = A + B
B -> *: {REQ, M, {S, A, B}, 1, yS}
C: Choose C; compute C = C.P and 2 = 1 + C
C -> *: {REQ, M, {S, A, B, C}, 2, yS}

Fig 1: Secure RREQ message flow

When D receives RREQ packet from its neighboring nodes, it checks validity of RREQ by verifying Equation 1. If it is true, D will accept RREQ packet; otherwise, D will discard it.

$$y_S \cdot P = X_S \cdot h(k_{SD}, M) + k_{SD} \cdot P \qquad (1)$$
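The check in Equation 1 as the destination would run it, written as an added example that is not the paper's code. The curve (secp256k1), SHA-256 for h, and all function names are assumptions, since the paper specifies none of them. It also shows that the route list lies outside M = {S, D, Sid}, so yS alone does not protect it.

```python
import hashlib
import secrets

# secp256k1 parameters (assumption: the paper names no curve). P is the base point.
FIELD = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FIELD == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD, -1, FIELD)
    x3 = (lam * lam - x1 - x2) % FIELD
    return (x3, (lam * (x1 - x3) - y1) % FIELD)

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time; illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def h(k_sd, m):
    """h(kSD, M) mapped to a scalar; SHA-256 is an assumption."""
    data = k_sd.to_bytes(32, "big") + repr(m).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def make_rreq(x_s, k_sd, m):
    """Source S: yS = xS.h(kSD, M) + kSD, appended to the RREQ."""
    return {"M": m, "route": [m[0]], "yS": (x_s * h(k_sd, m) + k_sd) % N}

def accept_rreq(rreq, X_s, k_sd):
    """Destination D: Equation 1, yS.P = XS.h(kSD, M) + kSD.P."""
    rhs = add(mul(h(k_sd, rreq["M"]), X_s), mul(k_sd, P))
    return mul(rreq["yS"], P) == rhs

def demo():
    x_s, k_sd = (secrets.randbelow(N - 1) + 1 for _ in range(2))  # constructed keys
    X_s = mul(x_s, P)
    rreq = make_rreq(x_s, k_sd, ("S", "D", 7))                     # M = {S, D, Sid}
    forged = accept_rreq({**rreq, "M": ("S", "E", 7)}, X_s, k_sd)  # D rewritten
    wrong_key = accept_rreq(rreq, X_s, (k_sd % (N - 1)) + 1)       # not kSD
    rerouted = accept_rreq({**rreq, "route": ["S", "Z"]}, X_s, k_sd)
    return accept_rreq(rreq, X_s, k_sd), forged, wrong_key, rerouted
```

`demo()` returns whether D accepts, in order, the genuine RREQ, one with M altered, one checked under a different shared key, and one whose route list was changed in transit.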

Then, D generates route reply (RREP) packet, which includes the accumulated route as obtained from RREQ, and partial multi-signature. The RREP is then sent back on the reverse route as given by the accumulated route found in the corresponding RREQ. Intermediate nodes compute joint partial signature parameter (s i). After appending this partial signature parameter in RREP, intermediate nodes will pass it to the next node on route path. Upon receiving RREP, S will compute necessary parameters. RREP algorithm for secure RREP message flow is shown in Figure 2.
D: Choose D; Compute D = D.P; Compute; Compute sD = xD.h(M1) + D, where M1 = {S, D, Sid, {S, A, B, C, D}, T}
D -> C: {REP, M1, sD}
C: Compute sC = xC.h(M1) + C, and s 1 = sD + sC
C -> B: {REP, M1, s 1}
B: Compute sB = xB.h(M1) + B, and s 2 = s 1 + sB
B -> A: {REP, M1, s 2}
A: Compute sA = xA.h(M1) + A, and s T = s 2 + sA
A -> S: {REP, M1, s T}
S: Compute

Fig 2: Secure RREP message flow

Then S checks Equation 2 to verify the multi-signature. If it holds, S accepts the RREP packet received from the destination D; otherwise, S discards it.

s T.P = XCA.eT.h(M1) + RT.h(M1) + T    (2)

With this algorithm, source S can be assured that it has authenticated destination D and all intermediary nodes; in turn, the source route is authentic and trustworthy. In the case of route maintenance, whenever a route breaks because of node mobility, the neighbor of the node sends a route error to the source. In order to authenticate the packet and ensure freshness, this scheme uses a digital signature along with a nonce in route error messages.

5. ANALYSIS OF PROPOSED MECHANISM
5.1. Security Analysis
Numerous attacks such as modification attacks, man-in-the-middle (MiTM) attacks, and invisible node attacks may be possible in existing on-demand source routing protocols in wireless multi-hop networks and could threaten the security of the network. We evaluate the proposed scheme against several active attacks. Due to lack of space, we have not compared it with existing schemes.

5.1.1. Resistance to modification attacks
Malicious nodes can modify the protocol fields of messages passed among nodes. Such attacks compromise the integrity of routing computation. By altering routing information such as the hop count and the destination sequence number, an attacker can cause network traffic to be dropped, redirected to a different destination, or sent along a longer route to the destination, increasing communication delays, which in turn could cause a denial of service. In this scheme, the multi-signature scheme provides authentication during route discovery, while the Schnorr signature scheme provides source node authentication during the RREQ process.

5.1.2. Resistance to Man-In-The-Middle attacks
In active attacks, an attacker actively participates in disrupting the normal operation of the network services. A malicious host can create an active attack by modifying packets or by introducing false information into the ad hoc network. This confuses routing procedures and degrades network performance. In this scheme, every intermediate node participates in constructing the multi-signature, which is verified by the source at the end of the route discovery process. Since all nodes use self-certified public keys, it would be difficult for malicious nodes to participate in the route discovery process.

5.1.3. Resistance to Invisible node attacks
In an ad hoc network, a malicious node simply relays unaltered messages during route discovery, resulting in invalid routes being returned by the routing protocol to the requesting node. In this mechanism, the RREQ packet carries joint commitments contributed by the intermediate nodes through which it passes. Also, while an RREP packet travels towards the source, every intermediate node it passes through participates in the construction of a multi-signature. Thus the source can easily detect a possible invisible node attack.

5.2. Performance Evaluation
We have used OPNET as a simulator for performance evaluation of the secure on-demand routing protocol used in the multi-dwelling environment. The simulation includes a network of 50 nodes, each having a radio power range of 300m and a channel capacity of 1 Mbps. For this purpose, 10 source and destination pairs are randomly selected among the 50 nodes. Continuous bit rate (CBR) traffic sources are used. Each run executes 300 seconds of simulation time.

We have assumed that an adversarial node forwards a routing packet without appending its address to the RREQ packet and can drop some of the data packets later. In assessing the performance of the routing scheme, we have considered packet delivery ratio (PDR) and average end-to-end delay (ETED). PDR is the ratio of the number of data packets successfully delivered to destinations to the number of data packets generated by CBR sources. The ETED indicates how long it took for a packet to be successfully delivered from the CBR source to the application layer of the destination.

Figure 3 illustrates the effect of adversaries on PDR for the proposed scheme and existing schemes under the above-mentioned attack. It can be seen that as the number of misbehaving nodes increases, PDR for the SRP scheme decreases dramatically because it is susceptible to such an attack. A similar result is observed for the SDSR scheme. In the case of the proposed scheme, PDR remains above 80% even for a higher percentage of misbehaving nodes. It is clear that the proposed scheme is affected to a much lesser extent because it can resist the invisible man attack and tends to prevent such an attack.

Fig 3: Effect of adversaries on PDR for various schemes

Figure 4 shows the ETE delay for the proposed scheme and other schemes. It is plotted against the percentage of adversarial nodes applying the above-mentioned attack scenario. In this figure, we can observe that the ETED in the network increases with the increase in percentage of adversaries. For a higher percentage of adversaries, say 10%, the ETED for SRP and SDSR is much higher than that for the proposed scheme.

Fig 4: Effect of adversaries on ETE delay for various schemes

6. CONCLUSIONS AND FUTURE WORKS
In this paper, we provide a comprehensive security framework for wireless multi-hop SMI networks, capable of providing end-to-end security. The proposed scheme deploys a self-certified public keying technique along with a multi-signature scheme and the Schnorr digital signature scheme to achieve secure route discovery. We have analyzed its robustness to various attacks. The simulation results show that the proposed scheme is not only robust against misbehaving activities but also better than existing protocols. In future, we will conduct more detailed security analysis as well as performance evaluation of the proposed protocol.

7. ACKNOWLEDGMENTS
This work was supported by the Government of Ontario under the ORF-RE WISENSE project as well as by NSERC under the Discovery Grants program 2011 - 2016.

8. REFERENCES
[1] ZigBee Smart Energy Profile 2.0 Technical Requirements, M.G. Stuber (Ed.), Mar 2010. <http://www.zigbee.org/Standards/ZigBeeSmartEnergy/Version20 Documents.aspx>
[2] L. Negri, A ZigBee Smart Energy based Metering Solution for Multi Dwelling Units, 5th European ZigBee Developers Conference, Munich, Germany, May 2011.
[3] D.B. Johnson et al., The Dynamic Source Routing Protocol (DSR) for Mobile Ad Hoc Networks for IPv4, IETF RFC 4728, 2007.
[4] Y.C. Hu and A. Perrig, A survey of secure wireless ad hoc routing, IEEE Security & Privacy 2(3): 28-39, 2004.
[5] P. Papadimitratos and Z.J. Haas, Secure Routing for Mobile Ad hoc Networks, In Proc. of CNDS 2002, San Antonio, TX, USA, 2002.
[6] Y.C. Hu et al., ARIADNE: A Secure On-demand Routing Protocol for Ad hoc Networks, In Proc. of MobiCom 2002, Atlanta, Georgia, USA, 2002.
[7] J. Kim and G. Tsudik, SRDP: Secure route discovery for dynamic source routing in MANETs, Ad Hoc Networks, 7(6): 1097-1109, 2009.
[8] F. Kargl et al., Secure Dynamic Source Routing, In Proc. of HICSS 2005, Hawaii, 2005.
[9] M. Girault, Self-certified public keys, In Proc. of Advances in Cryptology: Eurocrypt'91, Springer, pp. 490-497, 1991.
[10] N. Koblitz et al., The state of elliptic curve cryptography, Designs, Codes and Cryptography, 19(2-3), pp. 173-193, 2000.
[11] P. Schnorr, Efficient Signature Generation by Smart Cards, Journal of Cryptology 4(3): 161-174, 1991.
[12] S. Micali et al., Accountable-subgroup multi-signatures, In Proc. ACM CCS 2001, Philadelphia, PA, USA, pp. 245-254, 2001.
