(完整word版)关于PLC英文文献

SecurityinOPERASpecificationbasedPLCSystemsGuiomarCorral,JosepM.Selga,AgustínZaballos,DavidGonzález-TarragóEnginyeriaiArquitecturaLaSalle-UniversitatRamonLlull(URL)Barcelona-Spain{jmselga,guiomar,zaballos,dgonzalez}@salle.url.eduLuisM.TorresDesignofSystemsonSilicon(DS2)SAValencia,SpainBertholdHaberlerLinzStromGmbhLinz,AustriaAbstract—PowerLineCommunication(PLC)isabroadbandtelecommunicationtechnologythatenablestheuseoftheexistingelectricitynetworksforhighspeeddatatransmissionpurposes.EuropeanprojectOPERA(OpenPLCEuropeanResearchAlliance)isaprojectwhosestrategicobjectiveistopushPLCtechnologyinallthedifferentandrelevantaspects.Withinthisframework,securityisanimportantaspectthatshouldbetakenintoaccountandintegratedintothespecificationsfromtheverybeginning.Theprojectwasscheduledintwophaseswithadurationoftwoyearseach.Phase1producedafirstPLCspecification,includingsecurity.Phase2producedanimprovedspecificationwhichwassubmittedtotheIEEEastheOPERAPLCproposalwithinthecontestorganizedbyWGP1901.ThepaperpresentsthestudiesrelatedtosecurityinthePLCaccesstechnologymadewithinthisprocessthatledtothesecondsecurityspecificationofOPERA.Finally,ananalysisofthisspecificationisperformed.Keywords-accesstechnologies;PLC;communicationsnetworksecurity;OPERAproject.I.INTRODUCTIONPowerLineCommunication(PLC)isabroadbandtelecommunicationtechnologyabletousetheexistingelectricitynetworksfordatatransmissionpurposes,allowinganyuserconnectedtothepowergridtobenefitfromInformationTechnologybasedserviceseasily.ThestrategicobjectiveofprojectOPERA(OpenPLCEuropeanResearchAlliance)[1]istopushPLCtechnologyinallthedifferentandrelevantaspects(standardization,technologyimprovement,installationtoolsandprocesses,telecomservices,dissemination,..)soastoallowthetechnologytobecomeacompetitivealternativetoofferbroadbandaccessservicetoallEuropeancitizensusingthemostubiquitousinfrastructure,theelectricalgrid,whichcoversnotonlythelastmilebutalsoin-buildingandin-homespaces.Securityhasbeensometimesneglectedwhendefiningstandards.Infact,theinitialspecificationsofmanyexistingstandardsinrelatedareassuchaswireless[2]havebeenshowntohavemanyvulnerabilitiesthathavehadtobefixedinfurtherspecifications,notwithouttroubleforthemarket.UnfortunatelyOPERAisnotdifferent.ThespecificationproducedinOPERAPhase1[1][3]presentedalsoseveralvulnerabilitiesthathavebeenfixedinOPERAPhase2specification[4].ThewritingofthissecondspecificationbyOPERAwasinscribedinsomewayintheprocesscreatedbytheIEEEWGP1901withtheintentionofproducinganIEEEstandardforPLCaccessandin-homenetworks.Infact,deliverableD27[4]istheproposalsubmittedbyOPERAtotheIEEEwithinthementionedprocess.ThepresentationoftheOPERAPhase2specificationandtherelatedsecurityanalysisaretheobjectivesofthispaper.Thecontentsofthepresentpaperisorganizedasfollows.SectionIIintroducesthesecurityrequirementstobecompliedbythespecification;SectionIIIsuccinctlydescribestheOPERAPhase1specification;SectionIVanalyzesthelevelofcomplianceofthisspecification;SectionVoutlinesthebasicideasforcreatinganewspecification;SectionVIcontainsasecurityanalysisofthenewspecificationand,finally,thereisaconclusionssection.II.SECURITYREQUIREMENTSThebasicobjectivesofanysecurityspecificationaretoachieveconfidentiality,integrity,mutualauthenticationandavailability.Theseobjectivescanbethreatenedbyaseriesofattacks.Confidentialityisinterpretedastheprivacyoftransactionsbetweentwonodesfromallothernodes.Itismadepossiblebythetechniquesofcryptography.Themostrelevantknownattacksagainstconfidentialityare[5]:bruteforceattack,dictionaryattack,eavesdroppingattackandprecomputationattack.Dataintegrityreferstoensuringthatdatahasnotbeenalteredduringthetransmissionprocess.Maliciousmanipulationandforgingofmessagesaredifferentattacksagainstdataintegrity.ItcanbepreventedbytheuseofMessageIntegrityChecks(MIC).Thefunctionofadmissioncontrolistoguaranteethatnetworkresourcesareonlyaccessedbyauthorizeddeviceswhicharewhoclaimtobe.Thus,itcontainstwoaspects,oneisauthenticationofthestationsandtheotherisauthorizationtoaccesstheresources.Normallybothfunctionsarecombinedinasingleaccessprotocol.Differentattacksagainstadmissioncontrolarethefollowing:identityusurpation,replayattacks,man-in-the-middleattacks,hijackofMACaddresses,sessionhijacking,masquerading,maliciousdeviceandmessageinterception.Availabilityreferstothepreventionfromaccessingandusingthenetworkbysomeunauthorizedparty.AttackstoavailabilityarecalledDenialofService(DoS)attacks.Thesecurityrequirementdemandsthatthespecificationmustberobustagainsttheseattacksaswellastoanyotherpossibleattack.III.SUCCINCTDESCRIPTIONOFOPERAPHASE1SECURITYSPECIFICATIONOPERA1Specification[2][3]isaimedforPLCaccessnetworksanddefinesthreetypesofdevices,Head-End(HE),Repeaters(TDR,TimeDivisionRepeaters)andCustomerPremisesEquipment(CPE).Theytypicallyformamulti-hopsystemliketheonedepictedinFigure1.ConfidentialityinOPERA1isachievedbytheuseofDES[6]and3DES[7]encryptionsystems.Theadmissioncontrolprocessinvolvesthreemessages:anAccessFramethatinvitesnodestojointhenetwork,acontentionAccessReplyFrameth