A Lightweight Scheme to Authenticate and Secure the Communication in Smart Grids

: Self-reconﬁguration in electrical power grids is a signiﬁcant tool for their planning and operation during both normal and abnormal conditions. The increasing in employment of Intelligent Electronic Devices (IEDs), as well as the rapid growth of the new communication technologies have increased the application of Feeder Automation (FA) in Distribution Networks (DNs). In a Smart Grid (SG), automation equipment, such as a Smart Breaker (SB), is used. Using either a wired or a wireless network or even a combination of both, communication between the Control Center (CC) and SBs can be made. Nowadays, wireless technology is widely used in the communication of DNs. This may cause several security vulnerabilities in the power system, such as remote attacks, with the goal of cutting off the electrical power provided to signiﬁcant consumers. Therefore, to preserve the cybersecurity of the system, there is a need for a secure scheme. The available literature investments proposed a heavyweight level in security schemes, while the overhead was not considered. To overcome this drawback, this paper presents an efﬁcient lightweight authentication mechanism with the necessary steps to ensure real-time automatic reconﬁguration during a fault. As a ﬁrst stage, authentication will be made between CC and SB, SB then sends the information about its status. To ensure the integrity of the authentication exchange, a hash function is used, while the symmetric algorithm is used to ensure privacy. The applicability of the suggested scheme has been proved by conducting security performance and analysis. The proposed scheme will be injected on ABB medium voltage breaker with the REF 542 plus controller. Therefore, the probable beneﬁt of the suggested scheme is the contribution to provide more ﬂexibility for electrical utilities in terms of reducing the overall computational overhead and withstanding to various types of attacks, while also opening new prospects in FA of SGs.


Introduction
A topic that is currently being frequently discussed is how the electrical power networks will be designed in the future. Nowadays, many application fields have rapidly grown in their technological evolution, including power systems. With the benefits of IEDs and communication networks, the FA system in DNs can easily be applicable. Therefore, the electrical distribution grid recently witnessed Reference [20] presented several types of schemes and protocols; they proposed a mutual authentication scheme for a Smart Meter (SM) to solve the challenges in SGs. In Reference [21], a scheme to address mutual authentication and to prevent several types of attacks between SG utility networks and SMs was presented. Also, the authors proposed a new protocol for key management to secure data among the utility server and the SMs. The Wide Area Measurement Systems (WAMS) offer a time-synchronized assessment of the situations for electrical power networks over a large geographical area. The WAMS Key management (WAKE) scheme was proposed for securing communications in WAMS [22]. The proposed authentication scheme employed a symmetric key to secure real-time data in the transmission lines. To the best of our knowledge, it is the first study to propose an authentication scheme between CC and SBs in SG. Therefore, the related works are very limited and almost nonexistent.
There is an excessive variability of methods for performing authentication. Unfortunately, much of the available literature investigated SG security, while all the above-mentioned works [18][19][20][21][22][23][24][25][26] lack high computation and long communication sizes and use a complex scheme such as the Public-Key Infrastructure (PKI). Signature generation as well as signature verification are needed for the PKI. Therefore, these actions cause high computation and communication overhead. An excessive amount of authentication steps is sometimes needed to secure communications, which causes additional computation and communication costs. In this paper, all the previous challenges were addressed by proposing a lightweight authentication scheme for securing the communication between the CC and SBs in an SG.
Generally, this paper contributes to providing SE authentication with RE and to the creation of a secure channel between the CC and the SBs. The proposed scheme will use the symmetric system to ensure the integrity of various interactions with the cryptographic hash function. The benefits of the suggested lightweight scheme offer the authentication with low communication and computation costs; thus, the power consumption will be low. Where, the most articles in wireless security such as [27] focus on the energy cost. The scheme offers the identity of SE detection and ends with the Session Key Agreement (SKA) among SE and RE. The suggested scheme also offers SG Mutual Authentication (SGMA) and with a suitable level of security against multiple attacks. The experiments and measurements adopted in: first, theoretical method then, the simulations platform was done using MATLAB R2014a software. Finally, we recommended to apply the proposed scheme (by the help of ABB switchgear companies) on ABB eVD4 SB and REF542plus controller. This work successfully manages the above proposition and is organized as follows.
The discussion of the related works is presented in Section 1. Section 2 deals with the SB in the SG. The network architecture is presented in Section 3, which clarifies the network model and the main goals of this work. Section 4 illustrates the proposed authentication mechanism with all notations and all phases. Section 5 offers the main results and the system performance. The proposed scheme's security analysis for this paper is presented in Section 6 and involves all the necessary safety needs between the CC and the SB. Finally, Section 7 concludes this work.

Smart Breaker in Smart Grid
In a smart electrical distribution network, all probable fault locations [6] which can occur in the network were listed in the CC and the SB was designed for online monitoring. The observed electrical network can use the data from the Supervisory Control and Data Acquisition (SCADA) or WAMS. Then, the automatic breakers will isolate the faulty line (during fault occurrence) till the network reconfiguration. The SB sends data about its status to CC, while the CC send commands to the remote switches to connect or disconnect (on or off) [28]. The reconfiguration allows to handover the demand on other lines that have lower loads [29]. The action of the SBs is an automatically process from the CC, which permits the SG to implement the strategies for the continuous process. The CC has fault analysis and application software, where the CC generates an automatic breaker action, while in some situations, directly sends a movement action to the SBs [30]. SG communication mostly uses wireless infrastructure to send the breakers actions. Using wireless technology in parts of SGs causes a delay in the sensitive data and in various types of attacks [18]. Therefore, there is a necessary need to find a secure path or secure scheme.
The smart breaker which will be used is ABB eVD4, the hardware minimum requirements for "Initialization Phase" are: Pentium III, 800 MHz; 128 MB of RAM; 40 MB of available disk space. The software requirements are: Operating system Microsoft Windows 98/2000/XP; PCM600 Version 2.3 Production Build; Microsoft .NET Framework 2.0; and eVD4-RBX615 Connectivity Package. The eVD4 classified as Intelligent Electronic Device (IED) and use the international standard for substation communication and modeling IEC 61850 with GOOSE messaging and Modbus. The controller of the SB will be REF542plus, the block diagram of this controller shown in Figure 1. The ability of REF542plus is extremely powerful in terms of automation. The smart breaker which will be used is ABB eVD4, the hardware minimum requirements for "Initialization Phase" are: Pentium III, 800 MHz; 128 MB of RAM; 40 MB of available disk space. The software requirements are: Operating system Microsoft Windows 98/2000/XP; PCM600 Version 2.3 Production Build; Microsoft .NET Framework 2.0; and eVD4-RBX615 Connectivity Package. The eVD4 classified as Intelligent Electronic Device (IED) and use the international standard for substation communication and modeling IEC 61850 with GOOSE messaging and Modbus. The controller of the SB will be REF542plus, the block diagram of this controller shown in Figure 1. The ability of REF542plus is extremely powerful in terms of automation.

Network Model
The suggested manner is applied to the medium scale system of the standard IEEE 33-bus, which is exceedingly utilized as a network model which is shown in Figure 2. The network includes 33 buses and 37 branches ranging from s1 to s37. It includes 32 branches with normally closed SB pairs, as shown in Figure 2 with solid black lines, and 5 branches with normally opened SB pairs that are shown with the hidden black line. The pairs of breakers shown as red circles denote the beginning and ending of each branch.

Network Model
The suggested manner is applied to the medium scale system of the standard IEEE 33-bus, which is exceedingly utilized as a network model which is shown in . The network includes 33 buses and 37 branches ranging from s1 to s37. It includes 32 branches with normally closed SB pairs, as shown in Figure 2 with solid black lines, and 5 branches with normally opened SB pairs that are shown with the hidden black line. The pairs of breakers shown as red circles denote the beginning and ending of each branch. The network architecture of the proposed approach between the CC and the SBs under a fault via wireless network of the SG is shown in Figure 3. The real physical fault in DN may occur in any branch due to several causes such as: Lightning, tree contact, birds, squirrels, and vandalism. The fault type may be Line to Ground (LG), Line to Line (LL), Line to Line to Ground (LLG) or Line to Line to Line (LLL). The most fault type is LG which constitutes 80% from the total number of faults.
The protection system will manage the fault by physical response to open the SB. The SB is designed to send the information (data) about its status and several measurements such voltage, current, frequency, time and date. The CC is designed to send actions (commands) to open or close the SBs. The wireless communication is widely used where the cyber-attack may be taken place to made a faked fault or disconnect the electricity on a pivotal area.

Internet Smart Grid with Smart Breakers
Control Center where, Li represents the load at the node i, SBj represents the smart breaker of the jth branches.

Design Goals
The SB can disconnect the power line in case of a fault in its line, in which case, the SB tries to communicate with the CC to hand over the load to another line as fast as possible. The goals of this design are as follows: • Secure the communication channel between the CC and the SBs to avoid cyber-attacks.  The network architecture of the proposed approach between the CC and the SBs under a fault via wireless network of the SG is shown in Figure 3. The real physical fault in DN may occur in any branch due to several causes such as: Lightning, tree contact, birds, squirrels, and vandalism. The fault type may be Line to Ground (LG), Line to Line (LL), Line to Line to Ground (LLG) or Line to Line to Line (LLL). The most fault type is LG which constitutes 80% from the total number of faults. The protection system will manage the fault by physical response to open the SB. The SB is designed to send the information (data) about its status and several measurements such voltage, current, frequency, time and date. The CC is designed to send actions (commands) to open or close the SBs. The wireless communication is widely used where the cyber-attack may be taken place to made a faked fault or disconnect the electricity on a pivotal area. The network architecture of the proposed approach between the CC and the SBs under a fault via wireless network of the SG is shown in Figure 3. The real physical fault in DN may occur in any branch due to several causes such as: Lightning, tree contact, birds, squirrels, and vandalism. The fault type may be Line to Ground (LG), Line to Line (LL), Line to Line to Ground (LLG) or Line to Line to Line (LLL). The most fault type is LG which constitutes 80% from the total number of faults.
The protection system will manage the fault by physical response to open the SB. The SB is designed to send the information (data) about its status and several measurements such voltage, current, frequency, time and date. The CC is designed to send actions (commands) to open or close the SBs. The wireless communication is widely used where the cyber-attack may be taken place to made a faked fault or disconnect the electricity on a pivotal area.

Internet Smart Grid with Smart Breakers
Control Center where, Li represents the load at the node i, SBj represents the smart breaker of the jth branches.

Design Goals
The SB can disconnect the power line in case of a fault in its line, in which case, the SB tries to communicate with the CC to hand over the load to another line as fast as possible. The goals of this design are as follows: • Secure the communication channel between the CC and the SBs to avoid cyber-attacks.  where, L i represents the load at the node i, SB j represents the smart breaker of the jth branches.

Design Goals
The SB can disconnect the power line in case of a fault in its line, in which case, the SB tries to communicate with the CC to hand over the load to another line as fast as possible. The goals of this design are as follows: • Secure the communication channel between the CC and the SBs to avoid cyber-attacks.

The Proposed Authentication Mechanism
This section presents the proposed scheme, which involves two scenarios to secure the communication between the SBs and the CC. In the first scenario, an SB will be SE, and the CC will be RE. While in the second scenario, the CC will be SE and the SBs will be REs. The notations used in this study (first scenario) are given in Table 1. While, the notations of the second scenario are similar to the first one. The suggested scheme offers SGMA, authorization and information privacy between the SB and the CC. The proposed scheme is involved in the following phases.

•
Initialization Phase: the SBs in this phase are recorded in the CC with unique identity numbers. • Authentication Phase: from the SB to the CC to authenticate each other. • Key Session Phase: is the mutual key creation, which is utilized as a session key and forwards data from the SB and the CC.

Initialization Phase
This is like a registration process among the SBs and the CC; it is very important to run the proposed scheme. The SBs are connected to the CC, where the CC is assumed to be a trusted entity. The applied suites cypher, such as a type of hash function, and the cryptography procedure are defined. In addition, an off-line supplier defined the SB identity IDsb j and the corresponding parameters p j and p c for each recorded SB as shown in Figure 4.

Authentication Phase
In traditional power distribution networks, when a fault occurs in any medium voltage power line, a portion of the load will be unsupplied. Therefore, in the SG, to use the property of self-healing, the SB will disconnect automatically and start to inform the CC about its existing status. This needs particular authentication steps between the SB and the CC. Each remote SB that requires communication with the CC must implement and pass the authentication steps. The suggested authentication scheme can be seen in Figure 5. After confirming the sureness of the information from the SB, the CC will send actions to other SBs. This action, which is achieved through the software, is already saved in the CC and has the ability to deal with fault issues automatically. The CC will make its decisions for specific SBs to handover the network branches to maximize the service within acceptable power losses and the voltage profile. Therefore, the CC will send actions to SBs.

Smart Breaker
Control Center

Authentication Phase
In traditional power distribution networks, when a fault occurs in any medium voltage power line, a portion of the load will be unsupplied. Therefore, in the SG, to use the property of self-healing, the SB will disconnect automatically and start to inform the CC about its existing status. This needs particular authentication steps between the SB and the CC. Each remote SB that requires communication with the CC must implement and pass the authentication steps. The suggested authentication scheme can be seen in Figure 5. After confirming the sureness of the information from the SB, the CC will send actions to other SBs. This action, which is achieved through the software, is already saved in the CC and has the ability to deal with fault issues automatically. The CC will make its decisions for specific SBs to handover the network branches to maximize the service within acceptable power losses and the voltage profile. Therefore, the CC will send actions to SBs.

Authentication Phase
In traditional power distribution networks, when a fault occurs in any medium voltage power line, a portion of the load will be unsupplied. Therefore, in the SG, to use the property of self-healing, the SB will disconnect automatically and start to inform the CC about its existing status. This needs particular authentication steps between the SB and the CC. Each remote SB that requires communication with the CC must implement and pass the authentication steps. The suggested authentication scheme can be seen in Figure 5. After confirming the sureness of the information from the SB, the CC will send actions to other SBs. This action, which is achieved through the software, is already saved in the CC and has the ability to deal with fault issues automatically. The CC will make its decisions for specific SBs to handover the network branches to maximize the service within acceptable power losses and the voltage profile. Therefore, the CC will send actions to SBs.

Calculation 1
Step 1 the SB generates an unknown random number α j ← Z* then it computes IDsbwj: Step 2 the SB computes Msbwj by coding the IDsbwj via the unknown parameter p j as the secure key: Step 3 the SB computes the hash function IDsbwj and concatenates it with α j : Sending 1, the SB forwards a message authentication to the CC, the message includes (Hsb j ; Msbw j ; IDsb j ).

Calculation 2
Step 1 after receiving the message authentication, the CC decrypts Msbw j to get IDsbwj: Step 2 the CC extracts α j from IDsbw j : Step 3 to confirm the value of α j , the CC calculates the OHsb j of the IDsbwj and concatenates it with α j : If OHsb j = Hsbj, then the resulting value of α j is right. Else, Failure Sending 1, the CC forwards a message of failure to the SB.
Step 4 the CC creates a random number β j ← Z * and then calculates the replay control ID shadow IDcrw j : Step 5 the CC computes Mcrw j by encrypting IDcrw j using p j as the unknown key: Step 6 the CC calculates the hash value of IDcrw j and concatenates it with α j and β j : Sending 2, the CC forwards a message of authentication to the SB, which involves (Hcrj; Mcrw j ).

Calculation 3
Step 1 after getting the message of authentication from the CC, the SB decrypts Mcrw j to obtain IDcrw j : Step 2 the SB extracts β j from IDcrw j through: Step 3 to confirm the value of β j , the SB calculates the hash value of IDcrw j and concatenates it with α j and β j : If OHcr j = Hcrj, then the resulting value of β j is corrected. Else, Failure Sending 2, the SB sends a message of failure to the CC.

Key Session Phase
As soon as the authentication phase is successfully passed, a mutual symmetric key K j is generated to give the channel of communication its security. K j can be computed as: The key K j is used in data privacy of the existing session. After the ending of this session, the value of the secret parameters α j and β j are deleted from the system. The key session from the SB to the CC is shown in Figure 6.
Appl. Sci. 2018, 8, x FOR PEER REVIEW 9 of 13 Step 3 to confirm the value of βj, the SB calculates the hash value of IDcrwj and concatenates it with αj and βj: If OHcrj = Hcrj, then the resulting value of βj is corrected. Else, Failure Sending 2, the SB sends a message of failure to the CC.

Key Session Phase
As soon as the authentication phase is successfully passed, a mutual symmetric key Kj is generated to give the channel of communication its security. Kj can be computed as: The key Kj is used in data privacy of the existing session. After the ending of this session, the value of the secret parameters αj and βj are deleted from the system. The key session from the SB to the CC is shown in Figure 6.

Results and System Performance
In this section, a comparison in the performance of the proposed scheme with References [18,31,32] is discussed. The initialization phase will only be implemented one time. Therefore, the required comparison will be in the authentication phase of performance. Where, the standard costs regarding to authentication which are computational and communication cost as shown in Tables 2  and 3, are considered. Such these costs are well known and common in most authentication researches.
The experiments are conducted on a 2.5 GHz Intel i3-M380 processor, with a Windows 7 operating system of 64-bits, and 4 GB RAM (Lenovo PC HK limited, Hong Kong, China). Where, MATLAB R2014a is used to implement our experiments. While, Java class is used to implement the cryptosystem.
In Table 2, a comparison is made among References [18,31,32] with the proposed scheme in terms of their computational costs. The total computational cost of our proposed scheme for the authentication phase is 14.1 milliseconds, which is deemed the lowest. The other mentioned papers have respective computational costs of 23.13, 34.65 and 34.65 milliseconds. In addition, another comparison of the communication costs, as shown in Table 3, is the total communication cost, which is 510 bits for the proposed scheme and 800, 1040 and 1040 bits for the other schemes respectively. In our proposed scheme, three considerations are involved with the key requirements of authentication phase (Hsbj; Msbwj; IDsbj). The full length of the communication requirement is 3 × 128 = 354 bits. In

Results and System Performance
In this section, a comparison in the performance of the proposed scheme with References [18,31,32] is discussed. The initialization phase will only be implemented one time. Therefore, the required comparison will be in the authentication phase of performance. Where, the standard costs regarding to authentication which are computational and communication cost as shown in Tables 2 and 3, are considered. Such these costs are well known and common in most authentication researches.
The experiments are conducted on a 2.5 GHz Intel i3-M380 processor, with a Windows 7 operating system of 64-bits, and 4 GB RAM (Lenovo PC HK limited, Hong Kong, China). Where, MATLAB R2014a is used to implement our experiments. While, Java class is used to implement the cryptosystem.
In Table 2, a comparison is made among References [18,31,32] with the proposed scheme in terms of their computational costs. The total computational cost of our proposed scheme for the authentication phase is 14.1 milliseconds, which is deemed the lowest. The other mentioned papers have respective computational costs of 23.13, 34.65 and 34.65 milliseconds. In addition, another comparison of the communication costs, as shown in Table 3, is the total communication cost, which is 510 bits for the proposed scheme and 800, 1040 and 1040 bits for the other schemes respectively. In our proposed scheme, three considerations are involved with the key requirements of authentication phase (Hsbj; Msbwj; IDsbj). The full length of the communication requirement is 3 × 128 = 354 bits. In the upcoming requirement, two considerations are elated, which are 2 × 128 = 256 bits. Thus, we proved that the suggested scheme is the best and overcomes the others, that is References [18,31,32] in terms of computational cost and communication costs.

Security Analysis
This part primarily offers a discussion of the proposed scheme, which can meet all of the necessary safety needs between the SB and the CC. The subsequent condition is identical to the initial one.
As mentioned earlier, the components of data security include data integrity, privacy and confidentiality. Considering the broadcast nature of wireless and internet communications, the SG data may be interfered with and substituted by the adversary; such a system is considered quite risky in the event of a system outage. Therefore, the present model decrypts the data by utilizing a one-time session key. This unique random key is generated after the authentication stage and is altered periodically. This method of data encryption (one-time key-based) may meet all three data security properties, whereby any data alteration or adversary's replay attempt may simply be identified using a tag that is highly resistant to falsification.

Preventing the Replay Attack
The process of conducting a replay attack requires the attacker to tap into the authentication message that is normally transferred to the CC from the SB. After the SB-CC interchange, the attacker's attempts to have the same message replayed surpasses the system's verification process. In the present authentication procedure, it is only practical to transfer the secret parameter in the authentication message to the CC from the SB only once. Therefore, in case the attacker attempts to have the same request message intercepted or resent, the CC is then able to easily identify it by using the ID shadow's hash function of the SB's Hsb j . In the same method, if an attacker tries to copy an authentication message and resends it to the SS, then this action can be easily detected by the CC. For this approach, the suggested unidentified authentication protocol may hold against the replay attacks.

Resistance to Forgery Attacks
Interception and modification of existing legal data for the SB to pass the CC's authentication procedure may be targeted by the attacker as well. In such a situation, the attacker is expected to build a useable authentication message using a useable secret parameter to meet the SGMA. Therefore, to achieve this, it is important for the attacker to get rid of the ID shadow's function of the SB and to understand the unknown parameter (p j ). The attacker finds it quite hard to determine this parameter (secret parameter p j ) as its insertion into the SB is done in its offline mode, while the α j value is random and is utilized only one time. Contrary to this, the attacker may disguise attempts as the CC to acquire the benefits. If this happens to be the case, then the attacker is required to create a valid message of authentication and to equally understand the random value (α j ; β j ) and the secret parameter p j . In doing this, the proposed scheme will be able to offer resistance against forgery attacks.

Sustaining Mutual Authentication
In the present proposal, the SB is authenticated by the CC via having the random value α j and the ID shadow's hash function of the SS verified in the message of authentication, where a genuine SB creates a valid message of authentication. Nonetheless, a random value of α j is considered in the authentication of the SS by the CC, where this value is computed from IDsbw j (α j = IDsbw j ⊕ IDsb j ). The resulting hash is OHsb j = h (IDsbw j || α j ) and is expected to correspond to the ID shadow's hash function of the SB in the message of authentication OHsb j = Hsb j . On the other hand, the CC's legitimacy can be authenticated by the SB using the random values of β j and α j , as well as the hash value Hcc j = h (IDccw c || α j || β j ), which are expected to correspond to the resulting hash value of OHcc j . By doing this, the proposed scheme suits the mutual authentication property.

Supporting Anonymity Authentication
For the proposed design, both the random values (α j ; β j ) and the secure number p j may offer solution issues like intractability and anonymity, nonetheless, the idea that the secure number p is integrated into the SB while being in offline status. For this study, this concept is considered during the ID shadow's encryption and decryption. The ID shadow is used in hiding the one-time random value (α j ; β j ), whereby a secret parameter p j is considered for encrypting it. Authentication is achieved as a courtesy of this random value; therefore, the scheme in the present study promotes anonymous authentication. Nonetheless, while executing the process of anonymous authentication in the present study, the parameters in the authentication message are not allowed to be sent at one time. For the purposes of acquiring PAE (Privacy Against Eavesdroppers), it is imperative to employ an effective approach such as the proposed scheme.

Conclusions
The SG is likely to be the most reasonable key for forthcoming energy problems. With proper security, the SG can play a vital role in solving these energy management issues. The security and privacy of communication between the SB and the CC are important to prevent partial system outages that may lead to large-scale blackouts, damage of the electrical equipment or serious consequences in the power grid. Pursuing higher security by sacrificing communication and computation costs is unfair to the utility. The main contributions of this paper are highlighted as follows: Firstly, the authentication between the CC and the SBs in SG is introduced in this paper, which is presently missing in the literature of this field. Second, in the field of performance, a lightweight authentication scheme for SG communication using the crypto hash function with masked identity, as well as symmetric cryptography for various exchanges, is proposed. Third, upon its comparison with other schemes, the proposed scheme is the best regarding the computation and communication costs. For future work, the proposed scheme can be injected to the REF542plus controller using manufacturing software such as CAN Open digital fieldbus, which can be applied by the help of ABB switchgear companies. Thus, the suggested scheme can be appropriate for real-time SG applications. Therefore, the importance of this article is that the proposed scheme can provide a suitable industry-security level with low computation and communication costs.