Abstract
Hydropower facilities are often remotely monitored or controlled from a centralized remote control room. Additionally, major component manufacturers monitor the performance of installed components, increasingly via public communication infrastructures. While these communications enable efficiencies and increased reliability, they also expand the cyber-attack surface. Communications may use the internet to remote control a facility’s control systems, or it may involve sending control commands over a network from a control room to a machine. The content could be encrypted and decrypted using a public key to protect the communicated information. These cryptographic encoding and decoding schemes become vulnerable as more advances are made in computer technologies, such as quantum computing. In contrast, quantum key distribution (QKD) and other quantum cryptographic protocols are not based upon a computational problem, and offer an alternative to symmetric cryptography in some scenarios. Although the underlying mechanism of quantum cryptogrpahic protocols such as QKD ensure that any attempt by an adversary to observe the quantum part of the protocol will result in a detectable signature as an increased error rate, potentially even preventing key generation, it serves as a warning for further investigation. In QKD, when the error rate is low enough and enough photons have been detected, a shared private key can be generated known only to the sender and receiver. We describe how this novel technology and its several modalities could benefit the critical infrastructures of dams or hydropower facilities. The presented discussions may be viewed as a precursor to a quantum cybersecurity roadmap for the identification of relevant threats and mitigation.
| Original language | English |
|---|---|
| Article number | 9818 |
| Journal | Sensors (Switzerland) |
| Volume | 23 |
| Issue number | 24 |
| DOIs | |
| State | Published - Dec 2023 |
Funding
Funding for this work was provided in part by the U.S. Department of Energy (DOE), Office of Cybersecurity Energy Security and Emergency Response (CESER) through the Risk Management Tools and Technologies (RMT) Program, and in part by the Laboratory Directed Research and Development Program at Oak Ridge National Laboratory (ORNL) under US DOE Grant No. DE-FG2-13ER41967. A.G. and G.S acknowledge support from the Army Research Office under award W911NF-19-1-0397, and NSF under grant DGE-2152168. We thank P.G. Evans for helpful discussions and feedback. ORNL is managed by UT-Battelle, LLC, for the US DOE under Contract No. DE-AC05-00OR22725. The publisher, by accepting the article for publication, acknowledges that the US Government retains a nonexclusive, paid-up, irrevocable, worldwide license to publish or reproduce the published form of this manuscript or allow others to do so for US Government purposes.
Keywords
- QKD
- QKD post-processing
- critical infrastructure
- cyber-physical security
- dams
- hydropower
- quantum key distribution
- quantum security