System and method for grid based cyber security

US 9,059,842 B2
Filed: 06/11/2012
Issued: 06/16/2015
Est. Priority Date: 06/09/2011
Status: Active Grant

First Claim

Patent Images

1. A method for the establishment and maintenance of secure communications paths, comprising the steps of:

providing an intelligent communicating device at or near the edge of an electrical distribution grid, wherein the intelligent communicating device uses the electrical distribution grid as a transmission medium;

providing, at a substation, a receiver capable of inferring a grid location of a device associated with the intelligent communicating device, wherein said inferring uses an electrical phase and an electrical feeder upon which a signal was received by said receiver;

requesting, by the device, a secure communications path, session, or permission to perform a secured operation; and

granting Keys and Key Tokens based upon the grid location of the device.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for providing a secure communication network using an electrical distribution grid is disclosed. A device connected to the electrical distribution grid initiates a request for a secured key token by signaling an intelligent communicating device residing at or near an edge of the grid. The intelligent communicating device forwards the request to a receiver at a distribution substation on the electrical grid. This receiver enhances the properties of the request such that a grid location for the request can be inferred. The enhanced request is forwarded to a server at the distribution substation, which compares the request grid location to a Grid Map and Policies of known secure grid locations. Any inconsistencies between the grid location inferred from the enhanced request and the Grid Map and Policies locations are considered evidence of tampering, and the server rejects the request.

Citations

64 Claims

1. A method for the establishment and maintenance of secure communications paths, comprising the steps of:
- providing an intelligent communicating device at or near the edge of an electrical distribution grid, wherein the intelligent communicating device uses the electrical distribution grid as a transmission medium;
  
  providing, at a substation, a receiver capable of inferring a grid location of a device associated with the intelligent communicating device, wherein said inferring uses an electrical phase and an electrical feeder upon which a signal was received by said receiver;
  
  requesting, by the device, a secure communications path, session, or permission to perform a secured operation; and
  
  granting Keys and Key Tokens based upon the grid location of the device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 2. The method of claim 1, wherein the device granted one or more Keys and Key Tokens is at a fixed location.
  - 3. The method of claim 1, wherein the device granted one or more Keys and Key Tokens is mobile and may be at a different location each time a Key and Key Token is granted.
  - 4. The method of claim 1, wherein the device is required to remain at the location where the Key and Key Token were granted for the duration of the secured communications path, session, or secured operation.
  - 5. The method of claim 4, wherein the secured communications path, session, or secured operation is cancelled, deleted, erased, or otherwise destroyed if the device is detected to have been removed from the location where the Key and Key Token were granted.
  - 6. The method of claim 4, where the continued presence of the device at the required location is established by means of a software program on the device that communicates over the power grid with the intelligent communicating device, wherein the intelligent communicating device is at the location'"'"'s service transformer or electrical meter.
  - 7. The method of claim 1, wherein some sites within a building, structure, or location are authorized locations for the granting of a Key and/or Key Token, and other sites are not authorized.
  - 8. The method of claim 7, wherein a single intelligent communicating device communicates with both authorized and unauthorized sites within a Building, Structure, or Location, or with a plurality of Buildings, Structures, or Locations, wherein some of the plurality of buildings, structures, or locations are authorized and some are not.
  - 9. The method of claim 8, wherein the intelligent communicating device distinguishes between authorized and unauthorized sites by means of a grid-location-aware addressing mechanism associated with individual electrical outlets or jacks with the Building, Structure, or Location.
  - 10. The method of claim 1, further comprising establishing and supporting multiple simultaneous secure communications paths, sessions, or permissions for secured operations.
  - 11. The method of claim 10, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a single intelligent communicating device.
  - 12. The method of claim 10, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of intelligent communicating devices.
  - 13. The method of claim 10, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of Servers and Receivers at a multiplicity of substations.
  - 14. The method of claim 1, wherein the Key and the Key Token are distributed to the requesting devices over distinct communication paths.
  - 15. The method of claim 14, wherein the Key required to decrypt the Key Token reaches the requesting device by means of a combined communications path comprising multiple segments, wherein at least one segment of said path is the electrical distribution grid.
  - 16. The method of claim 14, wherein the Key required to decrypt the Key Token reaches the requesting device by means of a combined communications path comprising multiple segments, wherein at least one segment of said path is a medium-voltage (>
    - 1 KV) or high-voltage segment of the electrical distribution grid.
  - 17. The method of claim 1 wherein the request by the device for a Key Token travels over a combined communication path comprising multiple segments, wherein at least one segment is a medium-voltage (>
    - 1 KV) or high voltage segment of the electrical distribution grid.
  - 18. The method of claim 1 wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the request for the Key Token traveled from the device to the Key Distribution Server.
  - 19. The method of claim 1 wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the decryption Key reached the device.
  - 20. The method of claim 1 wherein the Key Token contains an encryption key, authorizes the encryption of data residing on the server, and authorizes the writing of the encrypted data onto a removable storage medium attached to the device.
  - 21. The method of claim 13 where the multiplicity of Servers and Receivers process requests from devices located in buildings serviced by a multiplicity of utilities.
  - 22. The method of claim 20, where the resulting encrypted medium can only be read at the encryption site.
  - 23. The method of claim 20, where the device reading the encrypted medium can be a device other than the device that wrote the encrypted medium.
  - 24. The method of claim 20, wherein the resulting encrypted media can be read at other locations than the encryption site.
  - 25. The method of claim 20, wherein the resulting encrypted media can be read at locations other than the encryption site, provided that the other locations contain an intelligent communicating device capable of forwarding a request to the key distribution server which holds the secret to decrypting the media, and where said key distribution server grants said request and provides the decryption secret to the requesting device based on grid location.
  - 26. The method of claim 20, wherein the device that writes the encrypted medium is not attached to any conventional network, but is attached to the electrical distribution grid.
  - 27. The method of claim 1, further comprising requiring the device carrying out a secured session or operation to remain connected to a power source for the duration of said session or operation.
  - 28. The method of claim 1, further comprising requiring the device carrying out a secured session or operation to remain in communication with its authorizing intelligent communicating device for the duration of said session or operation.
  - 29. The method of claim 1, further comprising invalidating the outcome of the secured session or operation and declaring the secured session or operation to be untrustworthy if a device carrying out a secured session or operation is disconnected from its power source and/or loses communication with its authorizing intelligent communicating device.
  - 30. The method of claim 1, further comprising, if the intelligent communicating device loses electrical power while authorization requests or timed secured sessions or operations which it has authorized are incomplete, invalidating and declaring to be untrustworthy all incomplete requests, sessions, or operations upon recovery.
  - 31. The method of claim 1 further comprising, if an inferred Grid Location of a requesting intelligent communicating device is inconsistent with a Grid Map, refusing the request as invalid or untrustworthy.
  - 32. The method of claim 8, further comprising the intelligent communicating device distinguishing between authorized and unauthorized sites by means of a grid-location addressing mechanism associated with a communicating device attached to an electrical meter at each site.

33. A system for the establishment and maintenance of secure communications paths, comprising:
- an electrical distribution grid comprising at least one distribution substation;
  
  an intelligent communicating device located at or near the edge of an electrical distribution grid, wherein the intelligent communicating device uses the electrical distribution grid as a transmission medium;
  
  a server located at the distribution substation;
  
  a receiver connected to the server at the substation;
  
  a Key distribution server in bidirectional communication with the server located at the distribution substation; and
  
  a device associated with the intelligent communicating device, wherein a location of the device on the electrical distribution grid is inferred by a receiver at the distribution substation wherein said inferred uses an electrical phase and an electrical feeder upon which a signal was received by said receiver, and wherein the requesting device requests a secure communications path, session, or permission to perform a secured operation; and
  
  wherein the Key distribution server grants Keys and Key Tokens to the device based upon the grid location of the device.
- View Dependent Claims (34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64)
- - 34. The system of claim 33, wherein the device granted one or more Keys and Key Tokens is at a fixed location.
  - 35. The system of claim 33, wherein the device granted one or more Keys and Key Tokens is mobile and is at a different location each time a Key and Key Token is granted.
  - 36. The system of claim 33, wherein the device is required to remain at the location where the Key and Key Token were granted for the duration of the secured communications path, session, or secured operation.
  - 37. The system of claim 36, wherein the secured communications path, session, or secured operation is cancelled, deleted, erased, or otherwise destroyed if the device is detected to have been removed from the location where the Key and Key Token were granted.
  - 38. The system of claim 36, further comprising a software program residing on a computer readable medium of the device and a communications interface at the device, wherein the software program communicates with the intelligent communicating device over the power grid through the communication interface to establish the continued presence of the device at the required location.
  - 39. The system of claim 33, wherein the device is present at a building, structure, or location, and wherein some sites within the building, structure, or location are authorized locations for the granting of a Key and/or Key Token, and other sites are not authorized.
  - 40. The system of claim 39, wherein a single intelligent communicating device communicates with both authorized and unauthorized sites within a Building, Structure, or Location, or with a plurality of Buildings, Structures, or Locations, wherein some of the plurality of buildings, structures, or locations are authorized and some are not.
  - 41. The system of claim 40, wherein the intelligent communicating device distinguishes between authorized and unauthorized sites by means of a grid-location-aware addressing mechanism associated with individual electrical outlets or jacks with the Building, Structure, or Location.
  - 42. The system of claim 33, further comprising multiple secure communications paths, sessions, or permissions for secured operations.
  - 43. The system of claim 42, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a single intelligent communicating device.
  - 44. The system of claim 42, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of intelligent communicating devices.
  - 45. The system of claim 42, wherein the multiple secure communications paths, sessions, or permissions for secured operations are established for a multiplicity of different devices communicating via a multiplicity of Servers and Receivers at a multiplicity of substations.
  - 46. The system of claim 33, further comprising distinct communication paths over which the Key and the Key Token are distributed to the requesting devices.
  - 47. The system of claim 46, wherein the distinct communication paths comprise a combined communication path of multiple segments, and wherein at least one segment of said combined communication path is the electrical distribution grid.
  - 48. The system of claim 46, wherein the distinct communication paths comprise a combined communication path of multiple segments, and wherein at least one segment of said combined communication path is a medium-voltage (>
    - 1 KV) or high-voltage segment of the electrical distribution grid.
  - 49. The system of claim 33, further comprising a combined communication path comprising multiple segments over which the request from the device travels, wherein at least one segment is a medium-voltage (>
    - 1 KV) or high voltage segment of the electrical distribution grid.
  - 50. The system of claim 33, wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the request for the Key Token traveled from the device to the Key Distribution Server.
  - 51. The system of claim 33, wherein, if the Key Token authorizes the creation of a secure communications path or session, said secure communications path or session uses a distinct communication path from the path over which the decryption Key reached the device.
  - 52. The system of claim 33, wherein the Key Token contains an encryption key, authorizes the encryption of data residing on the server, and authorizes the writing of the encrypted data onto a removable storage medium attached to the device.
  - 53. The system of claim 45, wherein the multiplicity of Servers and Receivers process requests from devices located in buildings serviced by a multiplicity of utilities.
  - 54. The system of claim 52, wherein the resulting encrypted medium can only be read at the encryption site.
  - 55. The system of claim 52, wherein the device reading the encrypted medium can be a device other than the device that wrote the encrypted medium.
  - 56. The system of claim 52, wherein the resulting encrypted media can be read at other locations than the encryption site.
  - 57. The system of claim 52, wherein the resulting encrypted media can be read at locations other than the encryption site, provided that the other locations contain an intelligent communicating device capable of forwarding a request to the key distribution server which holds the secret to decrypting the media, and where said key distribution server grants said request and provides the decryption secret to the requesting device based on grid location.
  - 58. The system of claim 52, wherein the device that writes the encrypted medium is not attached to any conventional network, but is attached to the electrical distribution grid.
  - 59. The system of claim 33, wherein the device carrying out a secured session or operation remains connected to a power source for the duration of said session or operation.
  - 60. The system of claim 33, wherein the device carrying out a secured session or operation remains in communication with its authorizing intelligent communicating device for the duration of said session or operation.
  - 61. The system of claim 33, wherein the outcome of the secured session or operation and is invalidated and declared untrustworthy if a device carrying out a secured session or operation is disconnected from its power source and/or loses communication with its authorizing intelligent communicating device.
  - 62. The system of claim 33, wherein, if the intelligent communicating device loses electrical power while authorization requests or timed secured sessions or operations which it has authorized are incomplete, invalidating and declaring to be untrustworthy all incomplete requests, sessions, or operations upon recovery.
  - 63. The system of claim 33, further comprising a Grid Map, and wherein, if an inferred Grid Location of a requesting intelligent communicating device is inconsistent with the Grid Map, refusing the request as invalid or untrustworthy.
  - 64. The system of claim 33, further comprising the intelligent communicating device distinguishing between authorized and unauthorized sites through a grid-location addressing mechanism associated with a communicating device attached to an electrical meter at each site.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dominion Enterprises (Landmark Media Enterprises LLC), TRC Companies Incorporated
Original Assignee
Dominion Enterprises (Landmark Media Enterprises LLC), Astrolink International Llc (Qurate Retail Group (f/k/a Liberty Interactive Corporation))
Inventors
Bernheim, Henrik F., Martin, Marcia Reid, Berens, Steven J., Loporto, John J., Niemann, Theodore V.
Primary Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US13/493,983
Publication Number

US 20120314868A1
Time in Patent Office

1,100 Days
Field of Search

None
US Class Current

1/1
CPC Class Codes

G05F 1/66   Regulating electric power

H04B 2203/5433   Remote metering

H04B 3/54   Systems for transmission vi...

H04L 63/0428   wherein the data content is...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/107   wherein the security polici...

H04L 9/006   involving public key infras...

H04L 9/0827   involving distinctive inter...

H04L 9/083   involving central third par...

H04L 9/0844   with user authentication or...

H04L 9/0861   Generation of secret inform...

H04L 9/0872   using geo-location informat...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3234   involving additional secure...

H04L 9/3247   involving digital signatures

Y04S 40/20   Information technology spec...

System and method for grid based cyber security

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

64 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for grid based cyber security

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

64 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links