Field
Embodiments of the present invention generally relate to event reporting and more specifically, to a method and apparatus for secure aggregated event reporting.
Description of the Related Art
In the utility delivery space, there have been numerous technological advances in efforts to provide improved methods and systems for monitoring and controlling the delivery and use of various utility products (e.g., electricity, water, gas, street lighting, etc.). For example, Smart Grid systems, Advanced Metering Infrastructure (AMI) systems and the like have been developed, which incorporate system devices (e.g., meters) or existing system devices retrofitted with modules that include at least a communication interface, configurable microprocessor, and storage capacity. These devices are configured to communicate using predetermined protocols with other nodes in the network, Wide Area Network (WAN), and/or the Neighborhood Area Network (NAN) access points (e.g., collectors, bridges, mesh gates) in the utility's network.
A utility network may be employed to monitor utility devices, and perform tasks such as reporting meter readings to head end systems. For example, meters within the AMI system may determine if delivery of power is occurring or if there is a power outage, and may report power readings to a data collection process in the head end system. The ability to achieve this monitoring automatically is an important advancement over the wired, drive-by or house-to-house meter reading methodologies of the past.
The timely reporting of power outages and restoration across a NAN is critical to maintaining utility access for all customers. Currently, power outage and restoration reports are aggregated before they are sent to a back-end system as described in U.S. Pat. No. 8,970,394, titled “Aggregated Real-time Power Outages/Restoration Reporting (RTPOR) in a Secure Mesh Network,” which is incorporated herein by reference in its entirety. Briefly, power outage or restoration reports are aggregated as they are transmitted through the network to the head end system. Aggregating the reports reduces message volume when there is a large outage event. A complete and accurate set of power event reports is important for the utility to efficiently deploy its resources in order to restore the service. A complete and accurate record is also important for the utility to document its regulatory service level requirements.
Networks that connect devices to a monitoring process are also being deployed in Distribution Automation (DA) systems for the Smart Grid, in smart city systems, in Internet of Things systems, and in industrial plant process and control systems. All of these systems have event reports that may need to be secure and scalable when an event is widespread. The types of widespread events that might be reported are power outages and restorations, pipeline pressure events, temperature events, seismic events, gunshot detection events, signal light failures, street light failures, flooding, and the like.
Secure aggregated event reporting may also be utilized for acknowledging multicast and broadcast message delivery. Typically, broadcast and multicast messages sent to large numbers of devices are not acknowledged by the receiving devices because the quantity of acknowledgements would overwhelm the system. The aggregated event reporting may be used to securely acknowledge receipt of the broadcast and multicast messages.
However, aggregate event reports have no end-to-end security because each device that the aggregate report passes through must be able to modify the report. As such, the aggregated reports are subject to tampering by malicious hackers. A hacked device can falsely report large numbers of power outage events from a plurality of devices. This type of scaled attack is costly to a utility because resources may be deployed to address a large outage where no outage exists.
The current state-of-the-art for end-to-end security uses either transport layer security, such as the Internet Engineering Task Force Transport Layer Security (IETF TLS) or Datagram Transport Layer Security (DTLS) protocols, or application sub-layer security, which protects the entire application protocol data unit but cannot protect the individual data records. Therefore, there is a need for a method and apparatus for secure aggregated event reporting.
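The gap described in the two paragraphs above can be shown in a few lines. This is an added illustration, not code or a scheme taken from the patent: the device names, keys and record layout are constructed, and the per-record HMAC is an assumption used only to contrast whole-PDU protection with protection of individual records.

```python
import hashlib
import hmac
import json

# Constructed keys: one per meter (shared with the head end) and one per-hop link key.
DEVICE_KEYS = {"meter-1": b"k1-constructed", "meter-2": b"k2-constructed"}
LINK_KEY = b"hop-key-constructed"

def tag(key, obj):
    """HMAC-SHA256 over a canonical JSON encoding of obj."""
    data = json.dumps(obj, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def device_report(device_id, event):
    """A meter's record, authenticated with its own key (assumed scheme)."""
    rec = {"id": device_id, "event": event}
    return {"rec": rec, "tag": tag(DEVICE_KEYS[device_id], rec)}

def aggregate(records):
    """An intermediate node bundles records and protects the whole PDU for the next hop."""
    return {"records": records, "pdu_tag": tag(LINK_KEY, records)}

def verify_pdu(pdu):
    """Whole-PDU check: only proves that the last hop built this bundle."""
    return hmac.compare_digest(pdu["pdu_tag"], tag(LINK_KEY, pdu["records"]))

def verify_records(pdu):
    """Per-record check: return ids whose tag matches the reporting device's key."""
    ok = []
    for r in pdu["records"]:
        key = DEVICE_KEYS.get(r["rec"]["id"])
        if key and hmac.compare_digest(r["tag"], tag(key, r["rec"])):
            ok.append(r["rec"]["id"])
    return ok

def demo():
    genuine = device_report("meter-1", "outage")
    # A compromised aggregator adds a record for meter-2 without holding meter-2's key.
    forged = {"rec": {"id": "meter-2", "event": "outage"}, "tag": "00" * 32}
    pdu = aggregate([genuine, forged])
    return verify_pdu(pdu), verify_records(pdu)

if __name__ == "__main__":
    print(demo())
```

The whole-PDU tag verifies even though the bundle contains a false record, because the modifying hop legitimately holds the link key; only the per-record check isolates the record that the named device never produced.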