DLMS/COSEM Security Level Enhancement to Construct
Secure Advanced Metering Infrastructure
Jaeduck Choi
The Attached Institute of ETRI
P.O. Box 1
Yuseong, Daejeon
cjduck@ensec.re.kr
ABSTRACT
This paper proposes an authentication and key management
framework to strengthen the security level of the advanced metering
infrastructure based on the DLMS/COSEM standard. The current
DLMS/COSEM standard does not specify detailed secret key
generation and distribution procedures, which induce a critical
issues regarding interoperability in secure communication among
AMI devices. Moreover, the protocol suffers from a key distribution
problem, which can expose a session secret key supposed to be
shared only by two devices to a third party node. The basic ideas are
that smart meters and data collection systems perform the
authentication and key exchange with AMI server using existing
Extensible Authentication Protocol (EAP) standard, and
DLMS/COSEM secret keys are created and shared securely using
pre-formed secure channels. We show how the proposed framework
can be realized in advanced metering infrastructure using existing
standard protocols and provide preliminary security and
performance comparisons with the existing related proposals.
Categories and Subject Descriptors
D.4.6 [Security and Protection]
General Terms
Standardization
Keywords
DLMS/COSEM, AMI, Authentication, Key Management
1. INTRODUCTION
In order to achieve successful Smart Grid construction and
operation, several initiatives to ensure the interoperability and
security issues have been conducted over the past few years,
addressing communication technologies, information sharing, and
cyber security matters. For instance, Fan et al. [1] explore a
landscape of Smart Grid communication in order to address about
the challenges and opportunities of communications research
regarding Smart Grid and smart metering to accommodate the
Permission to make digital or hard copies of all or part of this work for
personal or classroom use is granted without fee provided that copies are
not made or distributed for profit or commercial advantage and that copies
bear this notice and the full citation on the first page. To copy otherwise, or
republish, to post on servers or to redistribute to lists, requires prior specific
permission and/or a fee. Request permissions from Permissions@acm.org.
SEGS'13, November 8, 2013, Berlin, Germany.
Copyright 2013 ACM 978-1-4503-2492-2/13/11…$15.00.
http://dx.doi.org/10.1145/2516930.2516949
11
Incheol Shin
The Attached Institute of ETRI
P.O. Box 1
Yuseong, Daejeon
icshin@ensec.re.kr
aforementioned areas. However, no fruitful harmonies on these
matters have been obtained yet. Especially, interoperability
problems associated with communication network security would
raise from different security specifications, implementations, and
device manufacturers even though the Smart Grid Interoperability
Panel (SGIP) in the NIST has devoted a significant amount of
efforts to ensure the interoperability including guidelines like [2].
Advanced Metering Infrastructure (AMI) is consisted of several
networks, such as Home Area Network (HAN), Neighborhood Area
Network (NAN), Wide Area Network (WAN) with utilization of
various types of wired or wireless communication technologies,
which enables to design highly flexible network architectures
between devices in the fields and control systems in the operation
center. Traditionally, not only utility companies but also other
nations have been employing own proprietary application level
protocols and standards for their power grid related networks, which
are not typically disclosed to the public or any other parties for
security reasons. Those facts and environments put tremendous
number of difficulties on interoperability issues in Smart Grid
communication. Furthermore, even the existing Smart Gird
standards have not specified the ways of authentication and secret
key management in detail.
Device Language Message Specification/Companion Specification
for Energy Metering (DLMS/COSEM, set as the IEC 62056
standards) protocol described in [3], a well-known AMI protocol in
some of European countries and Korea, has a problem in terms of
securing interoperability and safety in a secret key distribution
procedure. First, in the DLMS/COSEM, there is no detailed
procedure specified about neither how to create a master key to
encrypt global keys nor how to distribute it to a COSEM server.
Moreover, there is no specification about how a Central DCS (Data
Collection System) delivers global keys to a Concentrator. Finally,
there is security vulnerability in the key distribution procedure
because of which other devices in the Central DCS area can find the
dedicated encryption key used only between the DLMS/COSEM
clients and servers
A considerable number of authentication and key management
schemes have been introduced to provide end-to-end security
services between smart meters and AMI servers [4-6]. Kim et al.
proposed an authentication and key exchange protocol in AMI
networks [7]. In addition, there has been a literature designing a
framework for authentication and key management in AMI using
existing authentication protocols [8]. However, there might be a
computational overhead on the authentication procedures from
applying the existing schemes [4-7] to AMI systems employing
DLMS/COSEM, and [8] still embed interoperability issues from the
absences of detailed authentication and key management procedures.
This paper addresses security problems and interoperability issues in
the secret key distribution procedure in the DLMS/COSEM. While
in this paper we propose new DLMS/COSEM authentication and
key management schemes based on an Extensible Authentication
Protocol (EAP) framework [9] as solutions to these problems, to the
best of our knowledge, there has not been not only an investigation
extensive enough to point out security correlated interoperability
issues but also a comprehensive solutions to lift the security level of
AMI. The following are the holistic view of the proposed scheme:
(1) smart meters and DCSs perform the authentication and key
exchange processes with an AMI server. (2) DLMS/COSEM secret
keys are generated and distributed by a pre-formed secured channel
among the smart meter, the DCS, and the AMI server. This paper
details a series of secured procedures for generating and exchanging
secret keys in order to ensure interoperability and security on AMI
in which DLMS/COSEM protocol is applied.
The remainder of this paper is organized as follows. Section 2
discusses DLMS/COSEM security problems and the existing
authentication and key management schemes for AMI. We propose
an EAP-based DLMS/COSEM authentication and key management
framework and procedure in Section 3. Section 4 considers about
security and efficiency of the proposed scheme and Section 5
concludes this work.
2. Related Works
2.1 DLMS/COSEM (IEC 62056)
2.1.1 Preliminaries
The DLMS/COSEM protocol [3] is not only a next-generation
power metering communication protocol based on the IEC 62056
international standards, which are being planned to deploy for Smart
Grid in Europe and Korea currently but also a protocol for gas and
water control systems. Especially, the protocol has been expanding
its use gradually as a standard protocol for power metering
communication networks in Europe. The birth background of the
protocol is interoperability for efficient communication among
devices in electrical power systems, so that all devices equipped
with the standard would be able to communicate or exchange
messages without any other additional intermediate overhead
between them even from different manufacturers. The
administration over the DLMS/COSEM protocol has been shifted to
the Device Language Message Specification User Association
(DLMS UA) in which currently (as of March 2013), 258 members
have participated in the DLMS UA actively.
2.1.2 Security Features
DLMS/COSEM protocol provides a wide coverage over
specifications regarding metering communications including
securities on data access and transport. Most of all, data access
security contains the following three authentication modes: Lowest
Level Security (No Security), Low Level Security (LLS), and High
Level Security (HLS) [3].
• The “No Security” authentication mode is a type of mode by
which a client would collect data via accessing a server without
entering any authentication procedures.
• The “LLS” is a password-based one-way authentication mode in
which a server authenticates a client by verifying a password
submitted from a client.
12
• The “HLS” is a mutual authentication mode using a pre-shared
secret key and random value between a client and a server.
Second of all, the data transport security feature provides data
confidentiality and integrity for xDLMS Application Protocol Data
Units (APDU) between a client device and a server during
exchanging or communicating data process over networks as well as
presenting a procedure for secret key distribution used for data
protection.
Figure 1. DLMS/COSEM key sharing and setup
t t
Fig. 1 depicts the DLMS/COSEM key sharing and setup structure
according to the DLMS/COSEM system structure, and a secret key
used in DLMS/COSEM is generated and employed based on a
symmetric key concept. The classification and the definition of the
keys to be accommodated by their purposes are the following:
• A Master Key (MK) is a key to be configured in a COSEM server
and a Central DCS through a secured method in advance. This
key is to be employed for the procedure of encrypting GKs but
not shared by DCS that plays the role of a Concentrator.
• GKs, called Global Unicast Encryption Key, Global Broadcast
Encryption Key, and Authentication Key (Global), are created in
a Central DCS and transferred to a COSEM server after the
encryption through the AES-128 algorithm with the MK. Once
after receiving the GKs encrypted by the MK from the Central
DCS, the Concentrator transfers these GKs to the COSEM servers
associated with the Concentrator.
• DKs, called Dedicated (unicast) encryption keys, are created in the
Central DCS and the Concentrator, and the Application
Association Request (AARQ) APDU user-information field is
encrypted by the Global Unicast Encryption Key. Then, these
keys are transferred to each COSEM server in a corresponding
DCS.
2.2 DLMS/COSEM Security Analysis
The DLMS/COSEM standard does not specify detailed steps
regarding the way to distribute MKs and the GKs in the data
transport security specification. In other words, DLMS/COSEM
does not guide the design of a comprehensive security features or
procedures about how the MKs are to be created in the Central
DCS, how the keys are to be shared with a COSEM server.
Furthermore, DLMS/COSEM protocol has not even defined a set of
detailed key distribution procedures with respect to the GKs that are
to be shared between Central DCSs and Concentrators. This
standard might raise interoperability problems from the aspect of
communication security between device manufacturers producing
smart meters or DCS with implementation of the DLMS/COSEM
standards and power companies, which construct and operate the
AMI systems using the devices.
The procedure for the distribution of the DKs specified in the data
transport security of DLMS/COSEM is not secured but vulnerable.
For example, in DLMS/COSEM, the DKs are defined as ones that
are used for the encryption of unicast xDLMS APDU. That is, the
DKs are unique session secret keys between two communication
devices, which protect xDLMS APDU transmitted between a
COSEM client, Central DCS or Concentrator, and a COSEM server.
However, DKs are transmitted after being encrypted using a Global
Unicast Encryption Key that is shared among the Central DCS,
Concentrator and COSEM servers. It implies the fact that we lost
the role of the DKs as a unique session secret key between the
Central DCS and a COSEM server or between a Concentrator and a
COSEM server. Consequently, there embeds vulnerability that a
Concentrator and other COSEM servers can also decrypt the DKs
between the Central DCS and a COSEM server.
2.3 Existing Authentication Schemes for AMI
and Problem Statements
There are critical issues for employment of existing authentication
and key management techniques to AMI even though many have
been already introduced. Nabeel et al. proposed an approach based
on Physically Unclonable Functions (PUF) technology for
providing strong hardware based authentication of smart meters and
efficient key management between smart meters and the AMI server
[4]. Xia et al. proposed a secure key distribution for the smart grid
[5], and Nicanfar et al. proposed a smart grid authentication and key
management for unicast and multicast communications [6]. These
methods support the authentication and key exchange for
confidentiality and integrity between smart meters and AMI servers.
Although they are addressed a class of authentication techniques for
smart meters and servers in generalized AMI systems, they are not
applicable to the AMI employing DLMS/COSEM protocol. For
instance, it is feasible to use existing authentication technologies in
the network segments, such as smart meters-DCSs, DCSs-servers
and smart meters-servers, in DLMS/COSEM exploring AMI
respectfully. However, there might be computational overhead on
the requirement of performing the same authentication procedures in
each aforementioned network segments due to the duplicate
authentication architectures in each compartment of networks.
There has been literature about designing authentication protocols
with the consideration of overall AMI systems. Kim et al. proposed
a secure smart-metering protocol in which shared keys are
established among a smart meter, a DCS, and AMI server [7].
However, it is difficult to apply this scheme in an AMI system with
multiple different utilities due to their various authentication policies.
For instance, in the case of AMI networks shared by water, gas and
electricity utilities in order to boost the efficiency of resource
utilization, it is inevitable for DCSs to adopt the various
authentication schemes from individual utilities.
Das et al. studied an EAP based authentication and key
management framework for AMI systems in order to not only
simplify authentication procedures but also adopt various
authentication technologies [8]. It explained a unified key
management mechanism based on EAP, Protocol for Carrying
Authentication for Network Access (PANA), and Authentication,
Authorization, and Accounting (AAA) protocols, and integrated it
with an ANSI C12.22 based smart metering application. It is
feasible for AMI systems to adopt various authentication techniques
and minimize their duplicity at smart meters since the framework
facilitates EAP approach. However, a detailed key distribution
architecture that is fitted on the DLMS/COSEM protocol is still
required to resolve the interoperability.
13
Consequently, efficient and detailed authentication and key
management techniques are required to AMI systems employing
DLMS/COSEM.
3. Proposed Scheme
In this section, we propose an EAP-based DLMS/COSEM
authentication and key management procedure, which would
enhance the security level of current version of DLMS/COSEM,
and detailed illustration regarding the secure procedures for secret
key generation and distribution to resolve interoperability and
security issues is to be provided so as to construct the secure AMI
networks. The EAP is an authentication framework frequently
utilized for access authentication in wireless networks as described
in [9]. The proposed scheme can be studied by two different cases:
one in which a DCS, which plays the role of a Concentrator,
presents, and the other in which it does not present.
3.1 Basic Assumption and Idea
In this paper, we assume that a COSEM server and DCS perform
the Security Association (SA) with an AMI server. Security
association refers to an authentication and key exchange procedure
between two systems/devices. Because a non-repudiation service of
metering data is required in the case of a COSEM server, certificate-
based Transport Layer Security (TLS) authentication in [10] is
performed; on the other hand, a non-repudiation service is not
required in the case of DCS, and hence, pre-shared key-based TLS
in [11] is performed. If there are too many DCSs to be managed,
certificate-based TLS authentication can be conducted between
DCSs and an AMI server. The main idea of our scheme is to
generate and distribute a secret key between two DLMS/COSEM
communication devices using a secure channel built by the
authentication and key exchange processes that smart meters and
DCS conduct with an AMI server. The proposed scheme presents an
authentication and key management procedure, which can be
applied for the generation and sharing of MK, GKs, and DKs in the
DLMS/COSEM standard without any modifications of the
specification as far as possible by using the security association.
We redefine DLMS/COSEM keys and introduce our notations as
following:
• MK: a pre-shared master key between a central DCS (or
Concentrator) and AMI server
• MKTLS: a master key generated as a result of a TLS security
association between a central DCS (or Concentrator) and AMI
server
• SKTLS: a session key derived from MKTLS for encrypting key
materials between a central DCS (or Concentrator) and AMI
server
• EMSK: an extended master session key generated as a result of an
EAP-based security association between a COSEM server and
AMI server
• MKDLMS, GKsDLMS, DKDLMS: a traditional DLMS/COSEM keys
defined IEC 62056-5-3 standard
• EKDLMS: a encryption key for encrypting DKDLMS between a central
DCS (or Concentrator) and COSEM server
• Ek(m): a encryption function with a symmetric key k and a
message m
 COSEM Server Central DCS AMI Server

MKTLS TLS SA MKTLS

EAP-Request(ID)
EAP-Response(ID)

EAP Key EAP Key

EAP based Authentication
Establishment EAP over AAA (Diameter/RADIUS Establishment
(EAP-TLS, EAP-PKMv2 and etc.)
(EMSK) (EMSK)

EAP-Success{ESK_TLS(MKDLMS||EKDLMS)}
Store MKDLMS, EKDLMS
EAP-Success
Generate GKsDLMS, DKDLMS
Store GKsDLMS, {EMK_DLMS(GKsDLMS)||EEK_DLMS(DKDLMS)}
DKDLMS

Figure 2. DLMS/COSEM authentication and key distribution procedure (Case 1).

3.2 DLMS/COSEM Security Association with
Central DCS (Case 1)
The procedure for the authentication and key management of
DLMS/COSEM is shown in Fig. 2 for the case where DCS, which
performs the role of a Concentrator, does not present in the AMI.
First of all, the Central DCS performs authentication with the AMI
server in order to share the master key MKTLS, and the Central DCS
and the AMI server generate a Session Key SKTLS from MKTLS.
Second of all, the COSEM server performs EAP-based
authentication with the AMI server in order to share the Extended
Master Session Key (EMSK) as illustrated in [12]. The COSEM
server and the AMI server generate MKDLMS and EKDLMS from the
EMSK, where EKDLMS is used to encrypt DKDLMS. The master key
MKDLMS and dedicated keys DKDLMS are secret keys defined in the
DLMS/COSEM specification. The generation and the distribution
hierarchy of these secret keys are shown in Fig. 3.
COSEM Server Central DCS AMI Server
MKTLS MKTLS
TLS SA
SKTLS SKTLS
EMSK EMSK
EAP based SA
MKDLMS EKDLMS MKDLMS
MKDLMS, GKsDLMS, MKDLMS, GKsDLMS,
DLMS SA
DKDLMS, EKDLMS DKDLMS, EKDLMS
Figure 3. Hierarchical key structure for Case1.
The following is a detailed description of the procedure for the
DLMS/COSEM authentication and key exchange scheme.
Step 1. Once the EAP authentication procedure with the COSEM
server has completed successfully, the AMI server encrypts MKDLMS
and EKDLMS using SKTLS {ESK_TLS(MKDLMS||EKDLMS)} and sends the
EAP-Success message including the encrypted value to the Central
DCS.
Step 2. The Central DCS that received the EAP-Success message
decrypts MKDLMS and EKDLMS using SKTLS and stores. Further, the
Central DCS creates GKsDLMS and DKDLMS defined in the
DLMS/COSEM standards using a key generation function such as a
Pseudorandom Function (PRF). Then, GKsDLMS is encrypted using
MKDLMS, and DKDLMS is encrypted using EKDLMS, followed by
transferring them along with the EAP-Success message to the
COSEM server.
Step 3. The COSEM server decrypts GKsDLMS and DKDLMS using
MKDLMS and EKDLMS derived from the EMSK and stores them.
Once the authentication and key management procedure of
DLMS/COSEM has completed, the COSEM server and the Central
DCS can provide integrity and confidentiality with respect to
metering data according for the DLMS/COSEM standards
specification.
3.3 DLMS/COSEM Security Association with
Concentrator (Case 2)
Fig. 4 shows the authentication and key exchange procedure of
DLMS/COSEM when a DCS, which performs the role of a
Concentrator, presents in the AMI. TLS authentication is performed
between the Central DCS and the AMI server, and the Concentrator
and the AMI server, respectively, to generate MKTLS1 and MKTLS2.
Moreover, session keys SKs are generated from MKTLS1 and MKTLS2
as shown in Fig. 5. The COSEM server performs the EAP-based
authentication with the AMI server as shown in Case 1 to share the
EMSK, and generate MKDLMS and EKDLMS from the EMSK. The
EKDLMS
generation and distribution hierarchy of these secret keys are shown
in Fig. 5.
The following is a detailed illustration regarding a procedure for the
authentication and key exchange of DLMS/COSEM.
Step 1. Once the EAP authentication procedure with the COSEM
server has completed successfully, the AMI server encrypts MKDLMS
and EKDLMS using SK1TLS2 shared with the Concentrator and
encrypts SK2TLS2 using SKTLS1 shared with the Central DCS
{ESK1_TLS2(MKDLMS||EKDLMS)||ESK_TLS1(SK2TLS2)}. And then, the AMI
server sends the EAP-Success message including the encrypted key
materials to the Central DCS. Note that SK2TLS2 is used as a secret
key to deliver GKsDLMS, which is defined in the DLMS/COSEM
standards specification, between the Central DCS and the
Concentrator.
Step 2. The Central DCS that received the EAP-Success message
decrypts SK2TLS2 using SKTLS1. Then, the Central DCS generates
GKsDLMS, and the EAP-Success message including
ESK1_TLS2(MKDLMS||EKDLMS) and ESK2_TLS2(GKsDLMS) is transmitted to
the Concentrator.

14
 COSEM Server DCS(Concentrator)
MKTLS2
EAP-Request(ID)
EAP-Response(ID)
EAP Key
EAP based Authentication
Establishment
(EAP-TLS, EAP-PKMv2 and etc.)
(EMSK)
EAP-Success
{EMK_DLMS(GKsDLMS)||EEK_DLMS(DKDLMS)} Generate DKDLMS,
Store GKsDLMS,
DKDLMS
Figure 4. DLMS/COSEM authentication and key distribution procedure (Case 2).
Step 3. The Concentrator decrypts MKDLMS, EKDLMS, and GKsDLMS
using SK1TLS2 and SK2TLS2 and stores them. Then, the Concentrator
generates DKDLMS shared with the COSEM server, and encrypts
GKsDLMS and DKDLMS using MKDLMS and EKDLMS, respectively,
followed by transferring them along with the EAP-Success message
to the COSEM server.
Step 4. The COSEM server decrypts GKsDLMS and DKDLMS using
MKDLMS and EKDLMS derived from the EMSK and stores them as
shown in Case 1.
Figure 5. Hierarchical key structure for Case2.
4. Security and Performance Considerations
4.1 Security Considerations
The proposed scheme provides integrity, confidentiality, and a non-
repudiation service essentially required for metering data. For
instance, our approach to enhance the distributes GKsDLMS and
DKDLMS securely between the COSEM server and the DCS in order
to guarantee the integrity and confidentiality of the DLMS APDU
by using the EMSK generated between the COSEM server and the
AMI server. Further, a signature value for metering data was
generated in the COSEM server and verified at the AMI server by
providing a certificate-based authentication procedure between the
COSEM server and the AMI server. This can solve billing-related
disputes between power consumers and providers when the power
bill is issued on the basis of a metering value generated in the
COSEM server.
The proposed key management scheme provides a secure DKDLMS
distribution method, which should be shared uniquely between the
COSEM server and the Concentrator or the COSEM server and the
Central DCS AMI Server
MKTLS1 TLS1 SA MKTLS1
TLS2 SA MKTLS2
EAP Key
EAP over AAA (Diameter/RADIUS Establishment
(EMSK)
EAP-Success
{ESK1_TLS2(MKDLMS||EKDLMS)||ESK_TLS1(SK2TLS2)}
EAP-Success Decrypt SK2TLS2
{ESK1_TLS2(MKDLMS||EKDLMS)||ESK2_TLS2(GKsDLMS)} Generate GKsDLMS
Store MKDLMS, EKDLMS, GKsDLMS
Central DCS. In the conventional DLMS/COSEM standards,
DKDLMS might be exposed to third party devices located in the
Central DCS domain. However, the proposed scheme generated
EKDLMS to be delivered by encrypting DKDLMS using the EMSK
generated by the result of the EAP authentication process between
the COSEM server and the AMI server. The EMSK is a unique
cryptographic key generated between the COSEM server and the
AMI server. Hence, EKDLMS derived from the EMSK is also a unique
key between the COSEM server and the AMI server. That is, since
each COSEM server generates a unique EKDLMS from EMSK, the
DKDLMS can be securely distributed between the COSEM server and
DCS.
The DCS in the proposed scheme can carry out a network access
control function because the proposed scheme also applies the EAP
framework. In Case 1 of the proposed scheme, the COSEM server
acts as an EAP Peer and the Central DCS acts as an EAP
Authenticator while the AMI server performs the role of an
Authentication Server. In Case 2 of the proposed scheme, the
Concentrator acts as an EAP Authenticator while the Central DCS
plays the role of Relay. The COSEM server and the AMI server act
as the EAP Peer and the Authentication Server, respectively, as in
Case 1. Therefore, the Concentrator or the Central DCS can block
non-authorized traffic introduced to the AMI and the AMI access
attempts by the non-authorized nodes, thereby contributing to secure
AMI construction and operation.
4.2 Performance Considerations
The proposed scheme simplifies the security association procedure
that is performed between the COSEM server and a DCS. The
COSEM server needs not only a security association (DLMS SA)
with a DCS for protection of DLMS APDU but also a security
association (EAP SA) for managed object registered in power
operation companies. A security association (TLS SA) between
DCS and the AMI server is also required to protect a power-related
monitoring and control services. The proposed scheme assumes that
the security association between the AMI server and the COSEM
server, or the AMI server and the DCS, is the minimum security
association procedure (EAP SA and TLS SA). On the basis of this
assumption, security association is formed between the COSEM
server and the DCS (Concentrator or Central DCS) or between
DCSs. This can reduce the burden of a security association
procedure in the COSEM server and the DCS, thereby contributing
to the efficient AMI construction.
15
The proposed EAP-based framework is a structure that can accept
various authentication protocols including those that are currently
used and those that will be developed in the future for the AMI relay
system, such as the DCS. AMI can be used for a communication
network shared by various power companies for power metering
data monitoring. It can be also used for a communication network
for collecting gas and water metering data in gas and water
companies. For such cases, the DCS, which is an AMI relay system,
should take authentication policies of various power, gas, and water
companies into consideration. The proposed EAP-based
authentication framework can bring about a reduction in cost
because of the application of various authentication protocols in the
DCS for smart meters, gas meters, and water meters.
The proposed scheme employed an EAP-based authentication
framework, thereby presenting an authentication and key
management procedure for not only the sections between the smart
meters and he DCS but also the entire AMI section, including the
AMI servers. This paper described in detail reliable authentication
and key management procedures required for an AMI environment
where DLMS/COSEM was applied as well as the minimizing of the
authentication and key exchange procedure.
6. ACKNOWLEDGMENTS
This work was supported by the Power Generation & Electricity
Delivery of the KETEP grant funded by the Korea government
Ministry of Trade, Industry and Energy (No. 2012101050004A).

4.3 Comparisons 7. REFERENCES

This section illustrates the comparison between the proposed
[1] Fan, Z., Kulkarni, P., Gormus, S., Efthymiou, C., Kalogridis,
scheme and existing approaches in the AMIs facilitating
G., Sooriyabandara, M., Zhu, Z., Lambotharan, S., and Chin,
DLMS/COSEM protocol in the viewpoint of security, the number of
W. 2013. Smart Grid Communications: Overview of Research
authentication procedure, and scalability. The dedicated key
Challenges, Solutions, and Standardization Activites. IEEE
exposure problem in the DLMS/COSEM protocol might be
Communications Surveys & Tutorials. 15, 1 (First Quarter
prevented using existing and our approach. The interoperability
2013), 21-38.
issues of the DLMS/COSEM security could be resolved from the
detailed key distribution methods designed by [4-7] and our scheme, [2] NIST. 2012. NIST Framework and Roadmap for Smart Grid
but Das’s scheme [8] still embeds the issues due to the absence of Interoperability Standards Release 2.0.
detailed one. There is computational overhead for the duplicate [3] IEC 62056-5-3 Electricity Metering Data Exchange-
authentication procedures in terms of performance, but Das’s and DLMS/COSEM Suite Part 5-3: DLMS/COSEM Application
our scheme maintain the reduced number of authentication Layer. 2011.
procedures by the employment of EAP based authentication
framework. Moreover, they are beneficial to adopt various [4] Nabeel, M., Kerr, S., Ding, X., and Bertino, E. 2012.
authentication policies. Authentication and Key Management for Advanced Metering
Infrastructures Utilizing Physically Unclonable Functions. In
Table 1. Comparisons of security and performance Proceedings of the IEEE SmartGridComm (Tainan, Taiwan,
Security Performance November 5-8, 2012).
No detailed key - SM: 1, DCS: 1, AMI [5] Xia, J. and Wang, Y. 2012. Secure Key Distribution for the
DLMS
distribution procedures, server: N/A (# of Smart Grid, IEEE Transactions on Smart Grid, 3, 3
Security
Dedicated key exposure authentication (September 2012), 1437-1443.
[3]
problem procedure) [6] Nicanfar, H., Jokar, P., and Leung, Victor C.M. 2011. Smart
- SM: 2, DCS: 2, AMI Grid Authentication and Key Management for Unicast and
DLMS
Secure and detailed key server: 2 Multicast Communications. In Proceedings of the IEEE PES
Security
management procedures - Hard to adopt various Innovative Smart Grid Technologies - Asia, (Perth, Australia,
+ [4,5,6]
authentication policies November 13-16, 2011). 1-8.
- SM: 1, DCS: 2, AMI
DLMS [7] Kim, S., Kwon, E. Y., Kim, M., Cheon, J. H., Ju, S., Lim, Y.,
Secure and detailed key Server: 2
Security and Choi, M. 2011. A Secure Smart-Metering Protocol over
management procedures - Hard to adopt various
+ [7] Power-Line Communication, IEEE Transactions on Power
authentication policies
- SM: 1, DCS: 1 , AMI Delivery, 26, 4 (October 2011), 2370-2379.
Secure key management
DLMS server: 1 [8] Das, S., Ohba, Y., Kanda, M., Famolari, D., and Das, S. K.
framework without
Security - Feasible to adopt 2012. A Key Management Framework for AMI Networks in
detailed management
+ [8] various authentication Smart Grid, IEEE Communications Magazine, 50, 8 (August
procedures
policies 2012), 30-37.
- SM: 1, DCS: 1 , AMI [9] Aboba, B., Blunk, L. K., Vollbrecht, J. R., Carlson, J., and
DLMS
server: 1 Levkowetz, H. Extensible Authentication Protocol (EAP),
Security Secure and detailed key
- Feasible to adopt IETF RFC 3748.
+ our management procedures
various authentication
scheme [10] Dierks, T. and Rescorla, E. Transport Layer Security Protocol
policies
Version 1.2, IETF RFC 5246.
[11] Eronen, P. and Tschofenig, H. Pre-shared Key Ciphersuites for
5. Conclusion Transport Layer Security (PSK-TLS). IETF RFC 4279.
In this paper, concerns related to interoperability and key
distribution problem with respect to the communication security of [12] Aboba, B., Simon, D., and Eronen, P. EAP Key Management
DLMS/COSEM were raised, and an authentication and key Framework, IETF RFC 5247.
management framework was proposed to address these concerns.

16