Smart metering and smart monitoring systems Chapter  2 87


                Authorization enables users, customers and devices to get right to access
             specific resources and applications. The authorization control ensures pre-
             vention of intentional attacks targeting system security and unauthorized
             intrusions to the system. The authorization process is accomplished by
             assigning specified roles to user types, devices, and several different privi-
             leges are set. The AMI infrastructure will be exposed to violating attacks in
             case of authorization control lacks. The digital certificates, PKI, and AES
             algorithms can be used for authorizing users and devices through AMI sys-
             tem [5, 18, 19].
                The major vulnerabilities of AMI system are listed as unencrypted area net-
             work traffic, bus sniffing, tampering, improper cryptography, denial-of-service
             (DoS) attacks, and authentication weakness.


             2.4.2.2  Security threats of AMI networks
             The security threats targeting AMI networks are investigated regarding to each
             network layer in seven-layer OSI model as a communication network. There-
             fore, the layer attacks are listed as physical layer attacks, link layer attacks, net-
             work layer attacks, transport layer attacks, application layer attacks besides IP
             based and other specific attacks. PHY attacks include tampering, damaging or
             breaking down of metering device and AMI infrastructure. These threats can be
             coped with tamper resistant and damage-free devices transmitting alerts and
             alarms during intrusion detection.
                The link layer enables multicasting by allowing nodes to connect and dis-
             connect to network, and security is enhanced by this way. MAC protocols
             are in charge for channel allocating and deploying available resources to nodes.
             The MAC layer attacks and intrusions are prevented by specified protocols that
             are operating identification filtering. The network layer attacks mostly target
             traffic flow by changing routing tables that are required to deliver transmitted
             message to destinations. The attacker changes routing table to change original
             traffic flow to a specific route and then generates modified message or informa-
             tion to cause traffic jam. The major network layer attacks include DoS attacks,
             routing black holes, and wormholes. The DoS attacks aim to cause disturbances
             on network traffic and eavesdropping on transmitted data. The routing black
             holes are based on hacking a single node and then directing all network traffic
             to hacked node. The wormholes target to create tunneling to change network
             direction to enable attacker to monitor network traffic. The IP is responsible
             to sustain confidentiality and authorization in smart grid communication net-
             works. Therefore, cyber-attacks against confidentiality target IP stacks for
             spoofing, convergence and spying. Transport layer attacks are like IP attacks
             since it is managed by TCP and UDP protocols. The security of AMI networks
             can be ensured by use of data encryption methods as discussed earlier. The data
             encryption is performed by using symmetric or asymmetric key cryptography
             that transmitter and receiver uses the same key in symmetric cryptography