Applying a Security Kernel Framework to Smart Meter Gateways

Michael Gröne, Marcel Winandy

ISSE 2012 Securing Electronic Business Processes, Highlights of the Information Security Solutions Europe 2012 Conference, pp. 252-259, Springer Vieweg, 2012.


New challenges for the electrical grid need complex IT systems and networking of most of all entities in today’s power grid. Smart grids are a heavily discussed topic in the European Union and many other countries. Smart Meter Systems are going to be deployed worldwide. However, due to their complex- ity and interconnectivity, they have to deal with strict security and privacy requirements. As a result, German regulatory bodies decided a proactive approach and developed a protection profile for Com- mon Criteria evaluation, i.e., specifying explicitly security requirements for gateway components. We describe the challenges and requirements that have to be fulfilled to build a smart meter gateway according to the BSI protection profile in Germany. Moreover, we present and discuss a modular secu- rity framework approach that can be used to realize such gateways in order to fulfill the requirements of the protection profile. This security framework is based on a security kernel approach that has been developed within various other projects. The proposed security kernel framework offers a solution to meet these security requirements while keeping the architecture modular and flexible to be used for other implementations as well. As it can be used to realize various security architectures – ranging from desktops to mobile devices – our framework may also be suitable to be adapted to other smart meter gateway designs, not only for Germany.

tags: security architecture, Security Kernel, smart meter gateway