To address the above cyber security threats

To address the above cyber security threats, the general requirements for AMI security can be summarized as follows:

\item \textbf{Confidentiality:} Confidentiality as from the perspective of AMI is perceived protecting the privacy of consumer’s information and consumption pattern. Therefore, the system must provide for keeping the consumption information confidential. Also, the physical tampering of smart meter to illegally access the stored data as well as using other means of unauthorized access to the data by other mechanisms should be prevented~\cite{Anzalchi2015}. At AMI head end, confidentiality of customer information should be maintained by allowing only authorized access to specific data sets.
\item \textbf{Integrity:} Integrity with respect to AMI is applicable for data transmission from meter to the utility and control commands from utility to the meter. Integrity refers to the mechanisms involved for preventing alterations in the data received from meter, and in the commands sent to the meter~\cite{Yan13}. The hackers possess a threat to the system integrity as they can launch attacks by pretending to be authorized entities. Smart meters are robust against cyber or physical attacks, compared to electromechanical meters. Smart meters must have the capability of ignoring the control commands raised due to cyber attacks and preserve the system integrity.
\item \textbf{Availability:} The availability issue in AMI changes, depending on the type of information communicated in the system. The non-critical data can be collected keeping the time intervals longer, and instead of using actual data, estimated ones are used. In some scenarios, necessitates the collection of actual values in minimum time. The prime factor for data unavailability in AMI is failure of the component. The causes of component failure may be from software problem, physical damage or human tampering with the meter. Another reason for unavailability in AMI can be communication failure. The reasons for communication failure include, path degeneration, interference, loss of bandwidth, network traffic, etc.
\item \textbf{Accountability:} refers to the fact that data receivers will not deny receiving of data and vice versa. Thus, entities not receiving any data, cannot claim that they have done so. In AMI, accountability is significantly important from the view point of finance and control signal responses. The primary concern for accountability requirement is due to the components in AMI being manufactured by different vendors and owned by different entities. Synchronizing the time and precise time stamping of information are also necessary in the AMI network for ensuring accountability. The most common method of accountability maintenance is through audit logs. For accountability with respect to smart meters, all metered values, modifications in tariffs should be made accountable as they are form the basis for billing.

\subsubsection{Power Theft Prevention}
Occurrence of electrical losses can be in any of the stages of generation, transmission, distribution, and utilization. Losses that take place during generation are technically more easily justifiable, than those that occur during transmission and distribution. Losses can also be categorized as technical loss and non-technical loss. Technical loss occurs due to power dissipation in lines and components and is considered natural. On the other hand, detection and prevention of non-technical loss during transmission and distribution of electricity is difficult, thereby, leading to a major utility problem. The use of electro-mechanical meters in traditional systems have minimum security features and are prone to manipulation. Electro-mechanical meter thefts are detected using the methods of direct connection to distribution lines and grounding the neutral wire~\cite{Anas2012}. The use of smart meters in advanced grids resulted in elimination or reduction in the above mentioned issues of electro-mechanical meters.

Certain techniques for power theft are not associated with the direct intervention with the meter. One example of such technique is tampering of the current transformer. Current transformers perform the matching operation of grid current rating with the meter rating for meters of large loads. Though the secondary side wires of current transformers are generally insulated, but still there is a possibility of harming the insulation and wire tapping. The tapping of the wires lead to erroneous meter readings. Another indirect method of power theft, is by exchanging the position of damaged wires, resulting in phase shift and modifications in the meter reading.

Some of the stealing techniques used in electro-mechanical meters is also applicable in systems with smart meters and AMI too. One such technique is data tampering. The tampering of data can happen at three different stages of data collection, data storage in the meter and during data transition across the network. Data tampering that occurs during collection is applicable for both conventional and smart meters. Data interference during storage and transition is only applicable for smart meters. Compared to conventional electrical systems, the use of data loggers in AMI results in difficulty in tampering meters. The loggers record the power outages to the meter as well power flow inversion. Thus, attack techniques involving inversion or disconnection, also need to remove logged events in the meter. The smart meter stores data of various types, such as, time of use tariffs, event logs, executed or received commands and the firmware. Attackers that are able to access the smart meter data, get all the vital information from the stored data. Data manipulation in another way can take place during its transmission over the network. Adversaries may launch attacks by injecting false data or by communication interception while the data is in transit.

\subsection{Role of Key Management Systems in AMI}
As mentioned in Section I, AMI is a new emerging technology for smart grid, and is defined as the system used to measure, collect, store, analyze, and use energy usage data~\cite{Xia12}. It also facilitates in building a bridge between consumers and electric power utilities. For providing the widest possible platform for delivering a wide range of applications in the future, open network and information techniques introduced to the smart grid increases the chances of cyber security threats. Generally, the cyber security requirements of AMI include confidentiality, integrity, and availability. Before AMI can be deployed, the confidentiality for customer privacy and customer behavior, as well as message authentication for meter reading, DR and load control messages, are the major security requirements that need to be provided. Confidentiality and integrity are solved by encryption and authentication protocols, that depend on the security of cryptographic keys. To ensure the security, the key management for large amounts of devices in AMI systems is very important. The key management system always comprises of a key organizational framework, key generating, refreshing, distribution, storage policies, etc~\cite{Liu13}.
\subsubsection{Key Management in Different Transmission Modes}
Messages in AMI can be classified into three classes based on their mode of transmission: unicast, broadcast and multicast.