Cyber-Physical Device Authentication for the Smart Grid Electric Vehicle Ecosystem

Entity authentication and related key management is an active research topic in smart grid security. However, existing works seem to have overlooked the significance that the smart grid is a cyber-physical system, which entails more considerations in the integration of its cyber and physical domains. Ignoring this could possibly undermine security since the effects of cyber authorization in the smart grid are usually extended into the physical domain. The substitution attack, a kind of the man-in-the-middle attack, has been demonstrated using this gap. This paper proposes a two-factor cyber-physical device authentication protocol to defend against coordinated cyber-physical attacks in the smart grid. The idea is to combine a novel contextual factor based on physical connectivity in the power grid with the conventional authentication factor in the challenge-response protocol, widely used in cybersecurity. The resulting protocol provides assurance on not only the digital identity of a device but also the device's controllability in the physical domain. While the design is for the electric vehicle ecosystem, the framework could be readily extended to other smart grid subsystems.