MODEL-BASED, AMI SECURITY TESTING (MBAST) : A NOVEL MODEL-BASED APPROACH TO TEST SECURITY OF THE ADVANCED METERING INFRASTRUCTURE SYSTEMS

Advanced Metering Infrastructure (AMI) technology offer utilities oppo11unities to enhance customer service and improve their operational efficiency. Opportunities of AMIalso pose challenges for utilities, increasing inherent security risks. System reliability, consumer privacy, network integrity,interconnectivity and the integration with critical back office applications are far more vulnerable now than with traditional metering systems. With proper planning and strategy,theserisks can be effectively mitigated to an acceptable level. One of the best strategy to decrease risk level is security testing.AMI is a vast, complex and highly integrated network of multiple systems and technologies, so we need a suitableapproach to test security of AMI systems. Towards this goalwe present work for systematically testing security-critical systems. The idea is to specify the system (at the abstractdesign level) using a formal specification language and to use this specification to generate test sequences to find securityweaknesses in an imp lementation in a systematic way. Model-based AMI security testing (MBAST) is a relatively new fie ld and especially dedicated to the systematic and efficient specification and documentation of AMI securitytest objectives and AMI security test cases.