Module-OT: A Hardware Security Module for Operational Technology

Will Hupp, Adarsh Hasandka, Ricardo de Carvalho, Danish Saleem

Research output: Contribution to conferencePaperpeer-review

19 Scopus Citations

Abstract

Increased penetration levels of renewable energy and other types of distributed energy resources (DERs) on the modern electric grid-combined with technological advancements for electric system monitoring and control-introduce new cyberattack vectors and increase the cyberattack surface of energy systems. According to the IEEE Std. 1547-2018, DERs must use Modbus, Distributed Network Protocol 3 (DNP3), or Smart Energy Profile 2.0 (SEP2) as their communication protocol. Previous research identified several vulnerabilities and security breaches in each one of these communication protocols; despite this, existing standards for DERs do not recommend cybersecurity measures. In order to reduce vulnerabilities in power distribution systems, this paper presents a novel open-source hardware security module that improves both information and operational security to better protect data and communications on the distribution grid. The security hardware is called 'module for operational technology, ' or simply Module-OT, and it has been validated and tested in an emulated distribution system application. Module-OT is integrated within a communication system in the transport layer of the Open Systems Interconnection (OSI) model. It improves system security through encryption, authentication, authorization, certificate management, and user access control. The main advancement of Module-OT is the addition of hardware cryptographic acceleration that improves the overall communication performance in terms of end-to-end latency.

Original languageAmerican English
Number of pages6
DOIs
StatePublished - Feb 2020
Event2020 IEEE Texas Power and Energy Conference, TPEC 2020 - College Station, United States
Duration: 6 Feb 20207 Feb 2020

Conference

Conference2020 IEEE Texas Power and Energy Conference, TPEC 2020
Country/TerritoryUnited States
CityCollege Station
Period6/02/207/02/20

Bibliographical note

See NREL/CP-5R00-74697 for preprint

NREL Publication Number

  • NREL/CP-5R00-77159

Keywords

  • cryptography
  • data protection
  • distribution networks
  • power grids
  • power system interconnection
  • power system security
  • telecommunication security

Fingerprint

Dive into the research topics of 'Module-OT: A Hardware Security Module for Operational Technology'. Together they form a unique fingerprint.

Cite this