智慧電錶系統在近幾年因智慧電網的推動被廣泛應用，而在智慧電網的資料採集與監控系統中作為溝通橋梁的閘道器，不免需要被連接至開放式網路，因而造成用電數據可能被惡意人士竊取以分析使用者的行為來從事非法活動，例如：觀察房屋主人的生活作息並推測入室竊盜的最佳時機。德國聯邦資訊安全辦公室為確保智慧電錶閘道器能因應其操作環境中的各種潛在威脅，因此定義了相關安全措施的最低要求，並以保護剖繪之形式通過第三方驗證後發布於共同準則的官方網站。然而，在面對網路中日漸難以界定的可信任區域時，對於未經授權的存取行為，就需要設計更細膩的管控措施進行因應，以確保資料僅獲授權者可存取。
本論文基於保護剖繪，設計符合安全保證要求的智慧電錶閘道器，以確保用電數據的機密性、完整性與可用性。進而以實現零信任為目標，將所有閘道器以外的實體皆視為不可信任，設計採用全同態加密演算法對用電數據進行加密，以確保惟有合法的實體才能存取。其中，全同態加密具有在密文狀態下進行加法與乘法運算之能力，可有效避免用電數據在運算過程遭竊取或竄改的風險，也能降低資料存放於第三方時遭到滲透的可能性。最後使用ARM架構的開發板進行原型實作，並整合Modbus協定轉換與保護剖繪所要求的安全功能。經評估測試後，證實本論文所提的方案具備高度可行性，同時也具有通過共同準則驗證之潛力。

Smart metering system has been extensively used in recent years due to the high demand of smart grids, the contemporary smart meter gateway used in Supervisory Control and Data Acquisition system will be connected to open network inevitably, which may lead the electricity usage data obtained by malicious entities to analyze users’ behavior for illegal purposes (e.g., observe the habit and daily life of house owner to speculate the best timing for burglary). Federal Office for Information Security in Germany has defined the minimum requirements for security measures to ensure that smart meter gateway can address various potential threats in its operating environment. These requirements are published in the form of Protection Profiles (PP) after third-party verification on the official website of Common Criteria. However, in the face of increasingly obscured boundary of trust zone in modern network, the access control needs to be enforced as granular as possible, ensuring that data can only be obtained by authorized entities.
This thesis designs a secure smart meter gateway based on PP to meet the Security Assurance Requirements, ensuring the confidentiality, integrity, and availability of electricity usage data. With the goal of achieving Zero Trust, all external entities are considered untrusted. The design utilizes Fully Homomorphic Encryption (FHE) algorithm to encrypt the electricity usage data, ensuring that only legitimate entities can access it. FHE allows addition and multiplication operations be performed on ciphertext to prevent the risk of theft or tampering of the data during computation and reducing the possibility of data compromised when stored by third-party. Finally, this thesis utilizes an ARM architecture development board for prototyping and integrated Modbus protocol conversion along with the security functions required by PP. After evaluation and testing, the proposed scheme has high feasibility and the potential to pass CC verification.

[1] Ur-Rehman, O., Zivic, N., & Ruland, C. (2015). Security issues in smart metering systems. IEEE International Conference on Smart Energy Grid Engineering (SEGE) (pp. 1-7). IEEE. https://doi.org/10.1109/SEGE.2015.7324615
[2] Mármol, F. G., Sorge, C., Ugus, O., & Pérez, G. M. (2012). Do not snoop my habits: preserving privacy in the smart grid. IEEE Communications Magazine, 50(5), 166-172. https://doi.org/10.1109/MCOM.2012.6194398
[3] Pillitteri, V., & Brewer, T. (2014). Guidelines for Smart Grid Cybersecurity (NIST Interagency Report 7628 Revision 1). National Institute of Standards and Technology, Gaithersburg, MD, USA. https://doi.org/10.6028/NIST.IR.7628r1
[4] Liu, J., Xiao, Y., Li, S., Liang, W., & Chen, C. P. (2012). Cyber Security and Privacy Issues in Smart Grids. IEEE Communications Surveys & Tutorials, 14(4), 981-997. https://doi.org/10.1109/SURV.2011.122111.00145
[5] Nieles, M., Dempsey, K., & Pillitteri, V. Y. (2017). An introduction to information security (NIST Special Publication 800-12 Revision 1). National Institute of Standards and Technology, Gaithersburg, MD, USA. https://doi.org/10.6028/NIST.SP.800-12r1
[6] Bundesamt für Sicherheit in der Informationstechnik. (2014). BSI-CC-PP-0073-2014: Protection Profile for the Gateway of a Smart Metering System (Smart Meter Gateway PP)/Schutzprofil für die Kommunikationseinheit eines Intelligenten Messsystems für Stoff- und Energiemengen. https://www.commoncriteriaportal.org/files/ppfiles/pp0073b_pdf.pdf
[7] Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero trust architecture (NIST Special Publication 800-207). National Institute of Standards and Technology, Gaithersburg, MD, USA. https://doi.org/10.6028/NIST.SP.800-207
[8] Pliatsios, D., Sarigiannidis, P., Lagkas, T., & Sarigiannidis, A. G. (2020). A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics. IEEE Communications Surveys & Tutorials, 22(3), 1942-1976. https://doi.org/10.1109/COMST.2020.2987688
[9] Yadav, G., & Paul, K. (2021). Architecture and security of SCADA systems: A review. International Journal of Critical Infrastructure Protection, 34, 100433. https://doi.org/10.1016/j.ijcip.2021.100433
[10] Deb, D., Chakraborty, S. R., Lagineni, M., & Singh, K. (2020). Security Analysis of MITM Attack on SCADA Network. In: Bhattacharjee, A., Borgohain, S., Soni, B., Verma, G., Gao, XZ. (eds) Machine Learning, Image Processing, Network Security and Data Sciences. MIND 2020. Communications in Computer and Information Science, vol 1241. Springer, Singapore. https://doi.org/10.1007/978-981-15-6318-8_41
[11] Modbus Organization. (2012). MODBUS Application Protocol Specification: V1. 1b3. http://www.modbus.org/docs/Modbus_Application_Protocol_V1_1b3.pdf
[12] Liu, C. R. (2021). Design and Implementation of a Protocol Conversion IoT Gateway Supporting Modbus Command Priority (Unpublished master’s thesis). National Cheng Kung University, Tainan, Taiwan (R.O.C.). https://thesis.lib.ncku.edu.tw/thesis/detail/535a60eaa2986ae5bdfe709c2e06e29a/
[13] Acar, A., Aksu, H., Uluagac, A. S., & Conti, M. (2018). A Survey on Homomorphic Encryption Schemes: Theory and Implementation. ACM Computing Surveys (Csur), 51(4), 1-35. https://doi.org/10.1145/3214303
[14] Paillier, P. (1999). Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: Stern, J. (eds) Advances in Cryptology — EUROCRYPT ’99. EUROCRYPT 1999. Lecture Notes in Computer Science, vol 1592. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48910-X_16
[15] ElGamal, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE transactions on information theory, 31(4), 469-472. https://doi.org/10.1109/TIT.1985.1057074
[16] Rivest, R. L., Adleman, L., & Dertouzos, M. L. (1978). On Data Banks and Privacy Homomorphisms. Foundations of secure computation, 4(11), 169-180. https://people.csail.mit.edu/rivest/pubs/RAD78.pdf
[17] Gentry, C. (2009, May). Fully homomorphic encryption using ideal lattices. In Proceedings of the forty-first annual ACM symposium on Theory of computing (pp. 169-178). https://doi.org/10.1145/1536414.1536440
[18] Van Dijk, M., Gentry, C., Halevi, S., & Vaikuntanathan, V. (2010). Fully Homomorphic Encryption over the Integers. In Advances in Cryptology–EUROCRYPT 2010: 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30–June 3, 2010. Proceedings 29 (pp. 24-43). Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-13190-5_2
[19] Li, J., Song, D., Chen, S., & Lu, X. (2012, October). A simple fully homomorphic encryption scheme available in cloud computing. In 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems (Vol. 1, pp. 214-217). IEEE. https://doi.org/10.1109/CCIS.2012.6664399
[20] Shihab, H. S., & Makki, S. A. (2018). Design of fully homomorphic encryption by prime modular operation. Telfor Journal, 10(2), 118-122. https://doi.org/10.5937/telfor1802118S
[21] Barker, E. (2020). Recommendation for Key Management: Part 1 - General (NIST Special Publication 800-57 Part 1 Revision 5). National Institute of Standards and Technology, Gaithersburg, MD, USA. https://doi.org/10.6028/NIST.SP.800-57pt1r5
[22] Barker, E., & Kelsey, J. (2015). Recommendation for Random Number Generation Using Deterministic Random Bit Generators (NIST Special Publication 800-90A Revision 1). National Institute of Standards and Technology, Gaithersburg, MD, USA. https://doi.org/10.6028/NIST.SP.800-90Ar1
[23] Hur, J. B., Koo, D. Y., & Shin, Y. J. (2015). Privacy-Preserving Smart Metering with Authentication in a Smart Grid. Applied Sciences, 5(4), 1503-1527. https://doi.org/10.3390/app5041503
[24] Busom, N., Petrlic, R., Sebé, F., Sorge, C., & Valls, M. (2016). Efficient smart metering based on homomorphic encryption. Computer Communications, 82, 95-101. https://doi.org/10.1016/j.comcom.2015.08.016
[25] Chen, Y., Martínez-Ortega, J. F., Castillejo, P., & López, L. (2019). A Homomorphic-Based Multiple Data Aggregation Scheme for Smart Grid. IEEE Sensors Journal, 19(10), 3921-3929. https://doi.org/10.1109/JSEN.2019.2895769
[26] Nuvoton Technology Corporation. (2020). NuMaker NUC980 IIoT User Manual. https://www.nuvoton.com/export/resource-files/NuMaker_NUC980_IIoT_User_Manual.pdf
[27] ARM Limited. (2008), ARM926EJ-S Technical Reference Manual r0p5. https://developer.arm.com/documentation/ddi0198/e/
[28] OpenSSL Software Foundation. (2021). OpenSSL (Version 3.0.0) [Computer software]. https://www.openssl.org/
[29] Netfilter Core Team. (2018). Netfilter/iptables (Version 1.6.2) [Computer software]. https://www.netfilter.org/
[30] Network Time Protocol Project. (2023). NTP (Version 4.2.8) [Computer software]. https://www.ntp.org/
[31] DAE Instrument Corp. (2020). DEM752 Modbus Reference (Version 1.3).
[32] Castelluccia, C., Mykletun, E., & Tsudik, G. (2005). Efficient aggregation of encrypted data in wireless sensor networks. In The second annual international conference on mobile and ubiquitous systems: networking and services (pp. 109-117). IEEE. https://doi.org/10.1109/MOBIQUITOUS.2005.25
[33] Common Criteria: CC Portal. (2024). Common Criteria. https://www.commoncriteriaportal.org/index.cfm