Improving the Security of Management Software of Smart Meters Networks

Mirsharifi, Mahdiyehsadat; Rezaei, Fatemeh

doi:10.61186/itrc.15.4.32

Volume 15, Issue 4 (10-2023) itrc 2023, 15(4): 32-40 | Back to browse issues page

‎ 10.61186/itrc.15.4.32

Mendeley

Zotero

RefWorks

Mirsharifi M, Rezaei F. Improving the Security of Management Software of Smart Meters Networks. itrc 2023; 15 (4) : 40
URL: http://ijict.itrc.ac.ir/article-1-558-en.html

Improving the Security of Management Software of Smart Meters Networks

Mahdiyehsadat Mirsharifi¹

, Fatemeh Rezaei

1- Computer Engineering Department, K. N. Toosi University of Technology, Tehran, Iran
2- Computer Engineering Department, K. N. Toosi University of Technology, Tehran, Iran , frezaei@kntu.ac.ir

Abstract: (1009 Views)

— Reading traditional meters is always time-consuming and expensive. Using smart meters solves most of the problems existing in the traditional meter network. Smart meters are an advanced form of traditional electro-mechanical devices that can measure energy consumption in real-time and communicate through one or more wired or wireless networks. These devices can communicate from long distances and get changed, making them an easy target for attacks. This paper studies the security mechanisms in smart meters networks and suggests some security solutions in such networks. We have developed software for managing the information of smart meters and controlling them remotely. In this paper, we present the implemented security mechanisms in the developed smart meter management software. The proposed solutions for enhancing the security of this software include implementing the authentication system, enabling user management, and defining different access levels to prevent users from connecting without proper authentication and access control in the developed software. Moreover, hashing the password with a random salt technique is implemented for securing the database. Furthermore, we have secured the software platform to prevent web attacks such as Clickjacking and CSRF attacks.

Article number: 40

Keywords: Internet of Things, Smart Meters, Management, Security, Authentication.

Full-Text [PDF 823 kb] (371 Downloads)

Type of Study: Applicable | Subject: Network

References

1. [1] C. C. Sobin, "A Survey on Architecture, Protocols and Challenges in IoT", Wireless Pers Commun 112, 1383-1429 (2020). https://doi.org/10.1007/s11277-020-07108-5 [DOI:10.1007/s11277-020-07108-5.]

2. [2] S. Vashi, J. Ram, J. Modi, S. Verma and C. Prakash, "Internet of Things (IoT): A vision, architectural elements, and security issues," 2017 International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC), 2017, pp.492-496, doi: 10.1109/I-SMAC.2017.8058399. [DOI:10.1109/I-SMAC.2017.8058399]

3. [3] G. Choudhary and A. K. Jain, "Internet of Things: A survey on architecture, technologies, protocols and challenges," 2016 International Conference on Recent Advances and Innovations in Engineering (ICRAIE), 2016, pp. 1-8, doi:10.1109/ICRAIE.2016.7939537. [DOI:10.1109/ICRAIE.2016.7939537] [PMID]

4. [4] Y. Yan, Y. Qian, H. Sharif and D. Tipper, "A Survey on Smart Grid Communication Infrastructures: Motivations, Requirements and Challenges," in IEEE Communications Surveys & Tutorials, vol. 15, no. 1, pp. 5-20, First Quarter 2013, doi: 10.1109/SURV.2012.021312.00034. [DOI:10.1109/SURV.2012.021312.00034]

5. [5] S. Janardhana and M. S. Deekshit Shashikala, "Challenges of smart meter systems," 2016 International Conference on Electrical, Electronics, Communication, Computer and Optimization Techniques (ICEECCOT), 2016, pp. 78-82, doi: 10.1109/ICEECCOT.2016.7955189. [DOI:10.1109/ICEECCOT.2016.7955189]

6. [6] O. Ur-Rehman, N. Zivic and C. Ruland, "Security issues in smart metering systems," 2015 IEEE International Conference on Smart Energy Grid Engineering (SEGE), 2015, pp. 1-7, doi: 10.1109/SEGE.2015.7324615. [DOI:10.1109/SEGE.2015.7324615] [PMID]

7. [7] F. Farahani and F. Rezaei, "Implementing a Scalable Data Management System for Collected Data by Smart Meters,"2021 26th International Computer Conference, Computer Society of Iran (CSICC), 2021, pp. 1-5, doi: 10.1109/CSICC52343.2021.9420619. [DOI:10.1109/CSICC52343.2021.9420619] []

8. [8] X. Li, X. Liang, R. Lu, X. Shen, X. Lin and H. Zhu, "Securing smart grid: cyber attacks, countermeasures, and challenges," IEEE Communications Magazine, vol. 50, no. 8, pp. 38-45, August 2012, doi: 10.1109/MCOM.2012.6257525. [DOI:10.1109/MCOM.2012.6257525]

9. [9] B. Herzberg, D. Bekerman, and I. Zifman, "Breaking down mirai: An iot ddos botnet analysis," https://www.incapsula.com/blog/malware- analysis-miraiddos-botnet.html, october, 2016.

10. [10] Fortinet. 2021. What is the CIA Triad and Why is it important? [online] Available at: [Accessed 11 December 2021].

11. [11] K. Lounis and M. Zulkernine, "Attacks and Defenses in ShortRange Wireless Technologies for IoT," IEEE Access, vol. 8, pp. 88892-88932, 2020, doi: 10.1109/ACCESS.2020.2993553. [DOI:10.1109/ACCESS.2020.2993553]

12. [12] N. Mishra and S. Pandya, "Internet of Things Applications, Security Challenges, Attacks, Intrusion Detection, and Future Visions: A Systematic Review," IEEE Access, vol. 9, pp. 59353-59377, 2021, doi: 10.1109/ACCESS.2021.3073408. [DOI:10.1109/ACCESS.2021.3073408]

13. [13] O. Ur-Rehman and N. Zivic, "Secure Design Patterns for Security in Smart Metering Systems," 2015 IEEE European Modelling Symposium (EMS), 2015, pp. 278-283, doi:10.1109/EMS.2015.49. [DOI:10.1109/EMS.2015.49]

14. [14] Kaspersky (2019). What Is a Replay Attack? [online] Available at: https://www.kaspersky.com/resourcecenter/definitions/replay-attack [Accessed 3 Feb. 2022].

15. [15] W. Wang and Z. Lu, "Cyber security in the Smart Grid: Survey and challenges", Computer Networks, 57, 1344-1371.10.1016/j.comnet.2012.12.017. [DOI:10.1016/j.comnet.2012.12.017]

16. [16] F. Aloul, A. R. Al-Ali, R. Al-Dalky, M. Al-Mardini, and W. El-Hajj, "Smart Grid Security: Threats, Vulnerabilities and Solutions," International Journal of Smart Grid and Clean Energy, 1, 1-6. 10.12720/sgce.1.1.1-6. Volume 15- Number 4 - 2023 (32 -40) 39 [DOI:10.12720/sgce.1.1.1-6]

17. [17] Y. Lee, E. Hwang and J. Choi, "A Unified Approach for Compression and Authentication of Smart Meter Reading in AMI," IEEE Access, vol. 7, pp. 34383-34394, 2019, doi:10.1109/ACCESS.2019.2903574. [DOI:10.1109/ACCESS.2019.2903574]

18. [18] Security guide for Industrial Protocols Smart Grid. (n.d.). [online] Available at: https://www.incibecert.es/sites/default/files/contenidos/guias/doc/incibecert_guide_protocols_smart_grid_2017_v2.pdf.

19. [19] Django, L. (n.d.). Django Best Practices: Security. [online] learndjango.com. Available at: https://learndjango.com/tutorials/django-best-practicessecurity [Accessed 8 Feb. 2022].

20. [20] Hamza Khan (2014). What is SSL? - SSL.com. [online] Available at: https://www.ssl.com/faqs/faq-what-is-ssl/.

Send email to the article author

Rights and permissions
	This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

Principal Contact