Protecting Sensitive Networked Embedded Systems from Aggressive Intrusion
A good illustrative design example makes it easier to identify security requirements and implementation options for networked embedded systems. A pervasive element of the Smart Grid energy management and distribution system is the Smart Energy Meter and Controller. These devices measure energy consumption at the customer (or even equipment level in large installations), so that the distribution control system can determine energy use requirements. Energy delivery can then be optimized, via the attached Smart Energy Controller, based on current and predicted requirements taking into account factors like weather, time of day, day of week or even building occupancy levels. A networked system is necessary to transmit and receive measured data and control information. Unfortunately these types of networked embedded systems can also be the targets of malicious hackers (using advanced attacks like the so-called Stuxnet computer worm). A block diagram of a typical Smart Energy Meter and Controller is shown in Figure 1, below.
Figure 1. Example Smart Energy Meter and Control System
The System and Interface Controller manages the entire Smart Energy Meter and Controller system and communicates to the Energy System Aggregator (a communications hub for the Smart Energy Network) via a wireless module. The System Controller manages the system power supply to monitor and regulate power to the system board. It communicates via a SPI bus to the Power Controller, which modulates power delivery to the variety of equipment in the installation. Typical equipment might include heating, ventilation and air conditioning, lighting, process control or even equipment racks. A SPI bus is also used to communicate to the Power Meter that monitors power use, building sensors and environmental conditions. This information is used by the local controller to manage power but is also sent to a central Energy Grid controller to help optimize energy deliver for the entire grid.