Smart grid is essentially a cyber-physical system (CPS) integrated with electric distribution supported with bi-directional communication networks. To support the communication and computing requirements, third party service providers are also expected to participate. Consequently, the third party service providers also access customers’ information that is sent through smart meters and backbone networks. As a result, the smart grid system should have appropriate security and privacy policies to secure the smart meters data and other components from unauthorized access. It is a challenging issue to secure the smart grid from cyber attacks in the presence of online connectivity of all components with the Internet [1]. Among different threats that are present in the smart grid in terms of security, energy theft is one of the most important issues to consider. The intruder can access the control point of the smart meters, and thereby, modify real-time information to change energy consumption information reported to utility providers. Therefore, adequate security policies are needed to deal with such issues. In this chapter, we will discuss general security requirements in a communication network. Then specific security issues present in the smart grid and their remedies are discussed.

Security in Data Communication

In data communication, at least two parties (the sender and the receiver) are involved in message exchange. The sender sends a message for an intended receiver. On receiving the message, the receiver takes adequate actions or decisions. In such a scenario, if the sender sends the message directly to the receiver, it may happen that the message is modified or accessed by an attacker. However, the receiver assumes that the received message is the original one sent by the sender. Additionally, it may also happen that an attacker uses the sender's identity to send malicious data to the receiver. Finally, after sending a message, the sender should not be able to repudiate the sent message. Therefore, it is required to implement security mechanisms to prevent such incidents. For example, in banking transactions, appropriate security mechanisms should be in place so that no one other than the actual user can withdraw money. In this chapter, we focus on the cryptography-based security aspects in data communication instead of focusing on other aspects such as intrusion detection and denial-of-service (DoS) attacks. The basic terms used in security are as follows.