TREA

System and method for grid based cyber security

Follow

Information

  • Patent Grant
  • 10356055
  • Patent Number
    10,356,055
  • Date Filed
    Monday, March 6, 2017
    7 years ago
  • Date Issued
    Tuesday, July 16, 2019
    4 years ago
Information
Abstract
A method and system for providing a secure communication network using an electrical distribution grid is disclosed. A device connected to the electrical distribution grid initiates a request for a secured key token by signaling an intelligent communicating device residing at or near an edge of the grid. The intelligent communicating device forwards the request to a receiver at a distribution substation on the electrical grid. This receiver enhances the properties of the request such that a grid location for the request can be inferred. The enhanced request is forwarded to a server at the distribution substation, which compares the request grid location to a Grid Map and Policies of known secure grid locations. Any inconsistencies between the grid location inferred from the enhanced request and the Grid Map and Policies locations are considered evidence of tampering, and the server rejects the request.
Description
BACKGROUND OF THE INVENTION

1. Field of the Invention


The present invention is directed generally toward the domain of network security, and in particular toward the use of the electrical distribution grid with a system for establishing the schematic location of nodes on the electrical distribution grid, as a key-courier network and as a means for authenticating the key requester.


2. Background of the Invention


The electrical grid in the United States and most other areas of the world is historically divided into two networks: the transmission grid and the distribution grid. The transmission grid originates at a generation point, such as a coal-burning or atomic power plant, or a hydroelectric generator at a dam. DC power is generated, converted to high-voltage AC, and transmitted to distribution points, called distribution substations, via a highly controlled and regulated, redundant, and thoroughly instrumented high-voltage network. This high-voltage network has at its edge a collection of distribution substations. Over the last century, as the use of electrical power became more ubiquitous and more essential, and as a complex market in the trading and sharing of electrical power emerged, the technology of the transmission grid largely kept pace with the technological requirements of the market.


The second network, the distribution grid, is the portion of the electrical grid which originates at the distribution substations and has at its edge a collection of residential, commercial, and industrial consumers of energy. In contrast to the transmission grid, the technology of the distribution grid has remained relatively static since the mid-1930s until very recent years. Today, as concern grows over the environmental effects of fossil fuel usage and the depletion of non-renewable energy sources, interest has increased in augmenting the electrical distribution grid with communication instruments. The primary goals of this activity are energy-related—such as energy conservation, resource conservation, cost containment, and continuity of service. However, a side effect of establishing such networks is the ability to transmit information over an existing network, the distribution grid itself, which has special properties that enhance the security and particularly the authenticity and non-repudiability of transmitted messages.


Binary digital encryption has largely superseded all other forms of ciphers as the means of encoding sensitive communications in this digital age. Encryption and decryption algorithms require three components to work: the data itself (in the clear for encryption, or the encrypted string for decryption), a well-known algorithm, and a binary string called a key which must be known in order to drive the algorithm to produce the proper results.


Two major classes of encryption algorithms are in use and well-known in the art. In one class, the same key is used for both encryption and decryption, so that both the data source and the data destination have a copy of the key. These algorithms, typified by the Advanced Encryption Standard (AES), are known as symmetric key or shared secret methods. Such methods, especially AES itself, are favored for embedded or machine-to-machine applications because the algorithms are relatively low-cost in terms of code space and execution time, and because the keys are relatively short (128 to 256 bits at present). Also, if the data payload is carefully chosen, as little as one bit is added to the message length by the encryption process. This added length is called overhead.


Algorithms of the second major class are known as asymmetric key or public key methods. In these schemes, a different key is used to encrypt the data than is used to decrypt the data. The encryption key is publically known, so that anyone can send an encrypted message. The decryption key must be kept private in order to preserve message security. Public key methods are favored for lower-traffic applications such as client-server or web-service applications, where a broadband network and relatively powerful computers are used at both ends of a secure transaction. The keys are longer, the algorithms are more complex, and the overhead is higher than in symmetric key methods. One well-known method of mitigating the computational and data overhead of public key encryption is to use it only for initially authenticating and establishing a secure session, and exchanging a shared secret. Then longer messages can be exchanged using symmetric-key encryption.


The elements of data security include Privacy, Authentication, Integrity, and Non-repudiation (PAIN). Encryption itself provides only the privacy element, in that it ensures that an agency who is merely intercepting signals on a network cannot extract the information encoded in a signal sequence or message. Authentication is the process of ensuring that an agency initiating or responding to a secure transaction is who it claims to be and not a malicious intruder. Integrity refers to the ability to detect tampering with a message in transit, and either prevent it or make it evident. Non-repudiability means the sender cannot deny having sent the message which was received.


Regardless of the encryption method used, the primary security risks in data communications are not associated with “breaking” the encryption but with other elements of PAIN. Primarily, risks arise from the failure of one of these processes:

    • Authenticating the requestor of a key or a secure transaction
    • Authenticating the key authority (who may or may not be the agency who receives and decrypts the data)
    • Distributing keys in a secure manner
    • Establishing that a message actually originated with the purported sender and not some other party who gained access to the encryption key (including the purported receiver, who may self-generate a message and claim to have received it from the purported sender).


Well-known means of ensuring full PAIN security involve both the use of a secure encryption algorithm and either a secure “out of band” means of exchanging keys, a trusted third party (TTP) responsible for generating and distributing keys, or both. The simplest example of this is the case of two individuals A and B who wish to exchange private messages over a computer network. They meet face to face and agree on a secret encryption key and an encryption algorithm. They then separate and use their shared secret to exchange private messages. Because the nature of (good) shared secret keys is such that the probability someone else will choose the same secret as A and B is very low, as long as neither party breaks the trust (reveals the secret), the digital conversation between A and B is private and authenticated. A and B could ensure integrity by making further agreements about the organization or contents (such as a hash code) of the messages. This method is never non-repudiable, however, because A could generate a message and claim that it came from B, and the message would be indistinguishable from one actually generated by B.


The best-known method for establishing a fully secure channel, known as the Diffie-Hellman method, is based on the existence of asymmetric-key encryption algorithms and is described in U.S. Pat. No. 4,200,770 to Hellman et al. In this method, A and B each begin with a pair of distinct asymmetric keys. B sends his public key to A, and A sends his public key to B. A and B now each employs his own private key and his correspondent's public key to generate a value called the shared secret, which is in itself a pair of asymmetric keys. The essence of the Diffie-Hellman method is the proof that the two mismatched pairs of public and private keys can, in fact, be used to independently generate the same shared secret. B then generates a symmetric key, using the “public” portion of the shared secret to encrypt it, and sends it to A. A uses the “private” portion of the shared secret to decrypt the symmetric key. Now, A and B can send private communications back and forth efficiently using the symmetric key. The last step is only needed because of the inefficiency of asymmetric keys as a bulk encryption method.


The Diffie-Hellman algorithm is known to be vulnerable to a form of security attack known as man-in-the-middle. In such attacks, the initial exchange of public keys is intercepted by the attacker, who substitutes different public keys for those sent by A and B. If the attacker can intercept both sides of the exchange long enough to learn the symmetric key, then the attacker can pretend to be either member of the secure exchange, and can eavesdrop on the conversation and even alter the information in transit. Public Key Infrastructures (PKIs) have been created to correct this. In a PKI, a trusted third party (TTP) is used by A and B to mediate the generation and exchange of keys. The TTP does this by combining the public keys with information that authenticates the party wishing to exchange information and with the digital signature of the TTP in a tamper-evident manner. Today, many widely used programs such as web browsers are pre-programmed to recognize and honor the format of such certificates and the signatures of widely-known TTPs, more commonly called Certificate Authorities or CAs.


In the year 2011, there were at least 2 documented cases where well-established and trusted CAs were hacked and fraudulent certificates were issued, allowing the fraudulent issuer to steal information. To date, the only remedy for this has been to revoke trust for CAs known to have issued fraudulent certificates. Additionally, some specialized security needs exist where it is insufficient to authenticate the requesting user or device. For example, a physician may be authorized to use a mobile device to access electronic patient records from her home or office, but not from an internet café or other public place. In this situation, it is necessary to authenticate not only that the user of the device is the physician, but that the device is not in a public place where a patient's privacy could be compromised. In the most extreme examples of highly-secured operations, it is undesirable for the requesting user's interface device to be connected to a conventional network at all.


SUMMARY OF THE INVENTION

The present invention comprises a system of intelligent communicating devices (ICDs) residing at or near the edge of the electrical distribution grid. The electrical distribution grid comprises at least one central collection point. The ICDs transmit messages to at least one of the central collection points on the electrical distribution grid, using the distribution grid as the transmission medium. At the central collection point, a server is connected to a receiver for on-grid transmissions from the ICD to a gateway to a conventional wide-area network such as the Internet. On the wide-area network resides a central server which is the owner of a conventional Public Key Infrastructure (PKI) certificate, so that communications between the central server and the at least one collection point servers are secured by conventional secure protocols such as Transport Layer Security (TLS) or Secure Socket Layer (SSL). The central server runs a software program, the Authority, which is responsible for granting temporary authorizations for remote users to perform certain secured actions. The receiver at any of the at least one central collection points is capable of inferring the schematic location on the electrical distribution grid of any of the distributed ICDs from characteristics of the signal received from the ICD. On each of the ICDs resides a stored program which acts as the agent of the Authority in relaying requests and grants between remote users and the Authority. This system and method incorporates means of authenticating requestors, authorizing grants, ensuring that the receiver of the grant is the same agency as the requestor, and exchanging encryption keys which are more secure and more constrained to a location in time and space than conventional means alone can accomplish. Multiple embodiments of the invention are described, where in some embodiments all communication between the at least one collection point server and the requestor take place over the electrical distribution grid, and where in other embodiments a conventional network is employed to return the grant to the requestor, but the security benefits of the invention still apply.





BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 illustrates a bi-directional on-grid long range communications system according to the present invention.



FIG. 2 illustrates an on-grid, mixed mode communications system where no on-grid long-range transmitter is available at the central collection points. A conventional network connection is substituted to permit communication from the central collection points to the ICDs.



FIG. 3 illustrates the communication system of the present invention where bi-directional on-grid long range communication is available, but where the Device, PC, or Server has no connection to any conventional bi-directional network.





DETAILED DESCRIPTION OF THE INVENTION

The present invention is directed generally toward the domain of network security, and in particular, toward the use of the electrical distribution grid enhanced with a system for establishing the schematic location of nodes on the electrical distribution grid, as a key-courier network and as a means for authenticating the key requestor.


The invention comprises a system for using an electrical distribution grid as a communication medium, wherein the system may be connected at one or more nodes to a conventional data communications network. The invention further includes a method whereby the electrical distribution grid, used as a communication medium, can be used to distribute encryption keys and to authenticate, authorize, and secure a time-and-space limited operation to be performed on a computing Device, PC, or Server or a time-and-space limited communications session to be conducted over a conventional data communications network. Application software resides on the Device, PC or Server, and engages in high-security operations and/or transactions. These high-security operations and/or transactions must be conducted in a secure location, and must be concluded within a limited space of time in order to minimize the probability of a security breach occurring. The present invention allows for secure distribution of limited permissions, or Key Tokens, which the applications require when initiating the secure operations and/or transactions. Client software, which communicates with various other component nodes of the present invention as described in more detail below, also resides on the Device, PC, or Server. All or part of the client software may be embodied as circuitry or firmware on a specialized networking interface card (NIC) for using the power path (such as from a wall plug) as a communication channel.


In some embodiments, the client software application secures limited permission to engage in the secure operations and/or transaction provided that the Device, PC or Server is not removed from the locale in which the secure operations and/or transactions were initiated, while the operations are in progress. In such embodiments, the software client running on the Device, PC, or Server cancels the secure operations and/or transactions if the Device, PC, or Server is disconnected from the power source or if evidence of a breach of the power path is detected either by the Device, PC, or Server, or the CD, or the ICD or the Server at the substation.


Embodiment 1


Referring to FIG. 1, the System may comprise: a Key Distribution Server (KDS) 11, a Device, PC, or Server 112 operated at a Building, Structure, or Location 111, where electrical power is provided to Building, Structure, or Location 111 by a distribution grid. The distribution grid may comprise at least one Distribution Substation 15 and at least one Service Transformer 115, wherein a Phase of a Feeder 19 of the at least one Substation supplies power to the Service Transformer 115, which in turn supplies power to Building, Structure, or Location 111. The Phase of a Feeder 19 from the Substation 15 to the Service Transformer 115 is a medium voltage or high voltage line, where medium voltage is defined to be equal to or in excess of 1 kilovolts (KV). The Key Distribution Server 11 is connected to the Internet or private Wide Area Network 117 via network interface 14, but is not required to be served by the same electrical distribution grid as the Building, Structure, or Location 111. The Internet or Wide Area Network 117 provides a bidirectional communication path. An intelligent communicating device (ICD) 110 is installed on the low-voltage side of Service Transformer 115. A Communicating Device (CD) 120, which is capable of local-only bidirectional on-grid communications with the ICD 110, is installed at an electrical meter serving Building, Structure, or Location 111. Said Device, PC, or Server 112 can attach directly to the CD via a direct connection such as serial or Ethernet, or can communicate with the CD via an on-grid home area protocol such as Homeplug. Such protocols are well-known in the art. The Device, PC, or Server 112 is also capable of using the local-only bidirectional on-grid communications method to communicate directly with the ICD, in which case the CD 120 is not required to be present but is permitted to be present for other purposes. Regardless of how the Device, PC, or Server 112 accesses it, there exists a local-only on-grid bidirectional communication path 113 between the ICD 110 and Building, Structure, or Location 111 which can be accessed only by a Device, PC, or Server 112 either plugged into wall-socket power at the Building, Structure, or Location 111 or connected directly by other physical means to the CD 120.


A Server 17 controlling a Receiver 16 and a Transmitter 18 is installed at the Distribution Substation 15. Server 17 has a bidirectional connection 116 to the Internet or private Wide Area Network 117. The Electrical Distribution Grid provides a unidirectional on-grid communications path 114 from the ICD 110 to the Server 17 via the Receiver 16 and Interface 118 to the Receiver, and a unidirectional on-grid communications path 13 from the Server 17 to the ICD 110 via the Transmitter 18 and Interface to the Transmitter 119. A conventional network communications path 12 provides an alternate route of connectivity between the Device, PC, or Server 112 and the Key Distribution Server (KDS) 11. Said bidirectional communication paths 12 and 117 can be any form supporting the TCP/IP protocol and can include, but are not limited to, wireless, leased lines, fiber, and Ethernet. In this and other embodiments, the KDS is the owner of a standard Public Key Infrastructure certificate and a trust relationship with the KDS has already been independently established by the Server 17 and the Device, PC, or Server 112.


In the method of Embodiment 1, the Device, PC, or Server 112 will initiate a request for a time-and-place secured Key Token by signaling the ICD 110 over local bidirectional on-grid communication path 113. The Device, PC, or Server's access to the communication path 113 is via the Device, PC, or Server's power cord or charger plugged into a standard wall socket in the Building, Structure, or Location 111, or by a direct physical connection to the CD 120. Upon sending the request, a software program stored on the Device, PC, or Server starts a Unique Request Timer for time window verification. Upon receiving the request, a software program stored on the ICD 110 is activated. The activated software program on the ICD 110 records a unique Requestor ID of the requesting Device, PC, or Server 112 and the time the request was received. The ICD 110 then selects a random time within the pre-determined interval of the Device, PC, or Server's Unique Request Timer at which to forward said request, together with the Requestor ID of the requesting Device, PC, or Server 112 and a unique Local ID of the ICD over the power grid by means of the on-grid unidirectional communications path 114 to Server 17. Upon transmitting said forwarded request, the ICD 110 starts a different, random Unique ICD Timer for time window verification, again within the pre-determined interval of the Unique Request Timer, associating the Unique ICD Timer with the ID of the requesting Device, PC, or Server 112.


When the forwarded request is received at the Receiver 16, the Receiver enhances the request to include at least the electrical phase and feeder(s) upon which the signal was received and the time at which the request was received. The Receiver 16 then passes said enhanced message on to the Server 17. Software stored and executed on the Server 17 uses the enhanced properties of the signal (known as the Grid Location) together with the time the message was received and the locally unique Local ID of the transmitting ICD 110 to determine the globally unique Physical ID of the ICD by comparing them with a Grid Map and Policies stored at Server 17. Any inconsistency between the enhanced properties of the message and the Grid Map and Policies shall be considered evidence of tampering, and shall cause the Server to reject the request.


If no evidence of tampering is found, the Server 17 and associated software program posts the request for a time-and-place secured Key Token along with the Requestor ID of the originating Device, PC, or Server 112, the unique physical ID, and the local ID of the relaying ICD over the conventional wide-area bidirectional data path 117 to the Key Distribution Server. The data path 117 between the Server 17 and the Key Distribution Server 11 is secured by conventional PKI means, a Certified and trusted relationship having previously been established between the Server and the Key Distribution Server.


Upon receiving the request from the Server 17, the Key Distribution Server 11 generates a Special Decryption Key and a Response ID, and returns the Special Decryption Key with the Response ID appended over the bidirectional data path 117 to the Server 17. The Server 17 in turn employs Transmitter 18 to send the Special Decryption Key and Response ID over the unidirectional on-grid data path 13 to the ICD 110. The Special Decryption Key can be either 1) a symmetric key for a well-known encryption scheme such as AES-128, or 2) the decryption half of an asymmetric key pair, where the encryption half of the pair is retained by the KDS 11. In either case, the key or key pair is stored on the KDS, associated with an expiration time and date and the unique ID and local ID of the ICD 110 and the Requestor ID of the Device, PC, or Server 112 and the Response ID. Other information may be added to the store as the KDS acquires information about the outcome of said request and said secured session or operation.


When the ICD 110 receives the Special Decryption Key and Response ID, the ICD first checks to ensure that its Unique ICD Timer has not expired. If the ICD timer has expired, then the ICD notifies the client software on the Device, PC, or Server 112 that the request has failed. Otherwise, the ICD notifies the Device, PC, or Server and associated client software that the transaction has succeeded, providing to the client software the ICD-assigned Requestor ID but not the Special Decryption Key. The client software checks to ensure that the Unique Request Timer has not expired. If the Unique Request Timer has expired, then the client application is notified that the request has failed.


Assuming that all success conditions are met, the client component residing on the Device, PC, or Server 112 initiates a separate Request over conventional communication path 12 directly to the KDS 11, transmitting the ICD-assigned Requestor ID. Identifying the correct stored Key by means of the Requestor ID, the KDS generates the requested permission or Key Token and encrypts it using either the previously stored Special Decryption Key (if the encryption method is symmetric) or the associated Special Encryption Key (if the encryption method is asymmetric). The KDS then responds to the separate Request from the Device, PC, or Server with the encrypted Key Token to which is appended the Response ID.


When the Device, PC, or Server 112 receives the encrypted Key Token and the Response ID, the client software on the Device, PC, or Server uses the Response ID to request the Special Decryption Key from the ICD 110. The ICD checks its unique ICD Timer again. If said unique ICD Timer has expired, then the ICD notifies the client software that the Request has failed. If the ICD Timer has not expired, the ICD sends the Special Decryption Key to the Device, PC, or Server. Device, PC, or Server 112 can now decrypt the Key Token, but the Special Decryption Key has never travelled over any network session between the KDS 11 and the Device, PC, or Server 112. This ensures the security of the Key Token even where a PKI-certified trust relationship between the KDS and the Device, PC, or Server has not been established.


The client software on the Device, PC, or Server checks the Unique Request Timer again, and, providing that it has still not expired, decrypts the Key Token and provides it to the application software. The application software then uses the Key Token as intended to unlock a software function, secure a transaction, or to secure access to media. If at any point in the key exchange process a timer expires, the application software has the option of initiating a new request procedure, provided that connectivity with the ICD 110 is still present.


Embodiment 2



FIG. 2 illustrates a second aspect of the present invention in which a unidirectional on-grid data path from the Server 27 to the ICD 210 is not available. Instead, said ICD 210 contains a cellular wireless modem which it uses to periodically poll on a public IP address of Server 27 over Internet access 23 provided by a commercial cellular service provider. Said polling by said ICD takes place over a secured SSL or TLS connection based on an established PKI trust relationship between the ICD 210 and the Server 27, with Server 27 being the certificate owner. Additionally, when said Server 27 has an urgent message for said ICD 210, such that too much time will elapse before said ICD is expected to poll again, the Server may cause the ICD to poll ahead of time by sending an alert to said ICD via the Short Message Service (SMS) protocol, which is well known in the art of cellular communications. Data Path 23 is hence a bi-directional data path between said Server 27 and said ICD 210. Data path 23 is treated as a limited resource because of the cost constraints on cellular machine-to-machine communications, and is not a substitute for communications between the ICD and the Server along unidirectional data path 214 because only said data path 214 supplies the grid location awareness required to validate the location of said ICD.


In similar embodiments, Data Path 23 may be any other form supporting TCP/IP including, but not limited to, leased line and/or Ethernet. In such embodiments not involving cellular wireless communications, polling by said ICD occurs frequently enough that no signal from said Server 27 to said ICD 210 analogous to said SMS message is required.


In this embodiment, the Server 27 has available to it, either stored locally in a database or accessible via a secure Web Service interface as is well known in the art of internetworking, a Provisioning database which allows the software executing on said Server to derive the SMS address (phone number or short code) of the ICD from its unique Physical ID.


Embodiment 2 is similar to Embodiment 1, except as regards Data Path 13 in Embodiment 1 and Data Path 23 in Embodiment 2. In Embodiment 2, when said Server 27 receives from the KDS 21 a Special Decryption Key with a Response ID appended over bidirectional data path 217, over the Internet or a Wide Area Network, to Server 27, the Server sends an SMS message to the ICD 210 which causes the ICD to immediately send a request for data (a poll) to said Server via a secure SSL or TLS connection over its cellular modem. In contrast, in Embodiment 1 and referring to FIG. 1, the Server responds to said request with Special Decryption Key and Response ID over data path 13 to said ICD 110, whereupon the key and token distribution process proceeds as in Embodiment 1.


All other aspects of Embodiment 2 function as described in Embodiment 1. KDS is attached to bidirectional data path 217 via interface 24. Server 27 is attached to bidirectional data path 217 via interface 216, and to Receiver 26 via interface 218. Cellular Modem 28 is attached to Server 27 via interface 219. A phase of a feeder 29 supplies a long range unidirectional data path 214 from the ICD 210 to the Server 27. The low-voltage electrical grid supplies bidirectional on-grid communication path 213 between ICD 210 and CD 220. Service Transformer 215 is supplied with power by substation 25 and supplies Building, Structure, or Location 211 with power. Device, PC, or Server 212 is powered by conventional means such as a wall-socket to a power source said Building, Structure, or Location 211 and may also have a non-power-line direct physical connection to CD 220. Conventional bi-directional data path 22 provides an alternative non-grid data path from Device, PC, or Server 212 to KDS 21.


Embodiment 3



FIG. 3 illustrates aspects of where the Device, PC, or Server performing the secured operation lacks a direct connection to a conventional network. As shown in FIG. 3, the System comprises a Key Distribution Server (KDS) 31, and a Device, PC, or Server 312 operated at a Building, Structure, or Location 311. Attached to the Device, PC, or Server is a storage device 32 capable of writing data originating on said Device, PC, or Server to removable media. Electrical power is provided to Building, Structure, or Location 311 by a distribution grid. The distribution grid comprises at least one Distribution Substation 35 and at least one Service Transformer 315, wherein a Phase of a Feeder 39 of the at least one Substation supplies power to the Service Transformer 315, which in turn supplies power to Building, Structure, or Location 311. The Key Distribution Server 31 is connected to the Internet or private Wide Area Network 317 via interface 34, but is not required to be served by the same electrical distribution grid as the Building, Structure, or Location 311. The Internet or Wide Area Network 317 provides a bidirectional communication path between Server 37 and KDS 31. An ICD 310 is installed on the low-voltage side of Service Transformer 315. A CD 320, which is capable of local-only bidirectional on-grid communications with said ICD 310 via data path 313, is installed at an electrical meter serving Building, Structure, or Location 311. Said Device, PC, or Server 312 can attach directly to said CD via a direct connection, such as serial or Ethernet, or can communicate with said CD via an on-grid home area protocol such as Homeplug. Such protocols are well-known in the art. The Device, PC, or Server 312 is also capable of using said local-only bidirectional on-grid communications method to communicate directly with said ICD, in which case said CD 320 is not required to be present but is permitted to be present for other purposes. Regardless of how said Device, PC, or Server 312 accesses it, there exists a local-only on-grid bidirectional communication path 313 between said ICD 310 and Building, Structure, or Location 311 which can only be accessed by a Device, PC, or Server 312 plugged into wall-socket power at said Building, Structure, or Location 311 or connected directly by other physical means to said CD 320.


A Server 37 controlling a Receiver 36 and a Transmitter 38 is installed at the Distribution Substation 35. Said Server is connected to Receiver 36 via interface 318 and to Transformer 38 via interface 319. Server 37 has a connection 316 to the Internet or private Wide Area Network 317. The Electrical Distribution Grid provides a unidirectional on-grid communications path 314 from said ICD 310 to said Server 37 via said Receiver 36, and a unidirectional on-grid communications path 33 from said Server 37 to said ICD 310 via said Transmitter 38. In this embodiment, no conventional network communications path provides any alternate route of connectivity between said Device, PC, or Server 312 and said Key Distribution Server 31 or any other node on any local-area, wide-area network, or the Internet. The bidirectional communication path 317 can be any form supporting the TCP/IP protocol and can include, but is not limited to, wireless, leased lines, fiber, and Ethernet. In this and other embodiments, said KDS is the owner of a standard Public Key Infrastructure certificate and a trust relationship with the KDS has already been established by said Server 27. Further, in this embodiment said Server 37 and said ICD 310 have previously established a shared secret symmetric key by means of which communications along unidirectional data paths 33 and 314 are encrypted and decrypted. Said shared secret symmetric key may be used in any embodiment of the present invention, but is required in this embodiment.


In the method of Embodiment 3, said Device, PC, or Server 312 will initiate a request for a time-and-place secured Media Encryption Key by signaling said ICD 310 over local bidirectional on-grid communication path 313. The Device, PC, or Server's access to said communication path 313 is via said Device, PC, or Server's power cord or charger plugged into a standard wall socket in said Building, Structure, or Location 311, or by a direct physical connection to said CD 320. Upon sending said request, a software program stored on said Device, PC, or Server starts a Unique Request Timer for time window verification. Upon receiving said request, a software program stored on said ICD 310 is activated. The activated software program on the ICD 310 records a unique Requestor ID of said requesting Device, PC, or Server 312 and the time said request was received. As in Embodiment 1, said ICD 310 forwards said request, together with said Requestor ID of said requesting Device, PC, or Server 312 and a unique Local ID of said ICD over the power grid by means of said on-grid unidirectional communications path 314. Upon transmitting said forwarded request, the ICD 310 starts a different Unique ICD Timer for time window verification, associating said Unique ICD Timer with the ID of said requesting Device, PC, or Server 312.


When said forwarded request is received at said Receiver 36, the Receiver enhances the request to include at least the electrical phase and feeder(s) upon which the signal was received and the time at which said request was received before passing said enhanced message on to said Server 37. Software stored and executed on said Server 37 uses the enhanced properties of said signal (known as the Grid Location) together with the time the message was received and the unique Local ID of said transmitting ICD 310 to determine the unique Physical ID of said ICD by comparing them with a Grid Map and Policies stored at Server 37. Any inconsistency between the enhanced properties of said message and the Grid Map and Policies shall be considered evidence of tampering, and shall cause the Server to reject the request.


If no evidence of tampering is found, said Server 37 and associated software program posts the request for a time-and-place secured Media Encryption Key along with the Requestor ID of the originating Device, PC, or Server 312 and the unique physical ID and the local ID of the relaying ICD over the conventional wide-area bidirectional data path 317 to the Key Distribution Server. The bidirectional data path 317 from said Server 37 to and from said Key Distribution Server 31 is secured by conventional PKI means, a Certified and trusted relationship having previously been established between said Server and said Key Distribution Server.


Upon receiving said request from said Server 37 the Key Distribution Server 31 generates a Media Encryption Key and a Response ID, and returns the Media Encryption Key with the Response ID appended over bidirectional data path 317 to said Server 37. Said Server 37 in turn encrypts said Media Encryption Key and associated Requestor ID using said shared secret, encrypts said Response ID using the secret shared by said Server 37 and said KDS 31, concatenates the two encrypted messages, and employs Transmitter 38 to send said resulting message over the unidirectional on-grid data path 33 to said ICD 310. Said Media Encryption Key can be either 1) a symmetric key for a well-known encryption scheme such as AES-128, or 2) the encryption half of an asymmetric key pair, where the decryption half of the pair is retained by said KDS 31. In either case, said symmetric key or decryption half is stored on said KDS, associated with an expiration time and date, the unique ID and local ID of said ICD 310, the Requestor ID of said Device, PC, or Server 312, and said Response ID.


When ICD 310 receives said message containing said Media Encryption Key, the ICD first checks to ensure that its Unique ICD Timer has not expired. If said ICD timer has expired, then said ICD notifies said client software on said Device, PC, or Server 312 that the request has failed. Otherwise, the ICD notifies the Device, PC, or Server and associated client software that the transaction has succeeded, providing to the client software said ICD-assigned Requestor ID but not said Media Encryption Key. The client software checks to ensure that its Unique Request Timer has not expired. If said Timer has expired, then the client application is notified that the request has failed.


Assuming that all success conditions are met, the client component residing on Device, PC, or Server 312 requests the Media Encryption Key from said ICD 310. The ICD again checks the Unique ICD timer, and fails the request if the Unique ICD Timer has now expired. If it has not, the ICD returns to the Device, PC, or Server, over the bi-directional communication path 313, the Media Encryption Key and Requestor ID, and the still-encrypted Response ID. Note that neither the ICD 310 nor the Device, PC, or Server 311 alone has sufficient information to decrypt the Response ID.


Device, PC, or Server 311 now writes data to removable media via Storage Device 32 as follows: 1) said encrypted Response ID, 2) said Requestor ID in the clear, and 3) the data payload for which the Media Encryption Key was requested, encrypted by means of said Media Encryption Key.


The resulting Encrypted Media can now be securely removed from Building, Structure, or Location 311. To decrypt said Encrypted Media at another site, a Reader must recognize the media type, know the URL of said KDS 31, and have established a PKI-certified trust relationship with said KDS 31. The Reader then, using a secure and certified TLS or SSL session with said KDS, makes a Key Request of the KDS containing said Requestor ID and encrypted Response ID. The KDS uses the Requestor ID to determine the correct decryption key for the Response ID, decrypts said Response ID, and, provided that the decrypted Response ID matches said Requestor ID, returns the proper Media Decryption Key to the Reader, allowing the Encrypted Media to be deciphered. It will be apparent to one skilled in the art that the Grid Location information described in the present invention can be used to further restrict the use of the data on said Encrypted Media by ensuring that the Media Decryption Key is returned only to Readers at approved sites, whether the approved site is the same as or different from the Building, Structure, or Location 311 where the media was created. It will further be apparent that the method of Embodiment 3 is operable, though less secure, even if said Device, PC, or Server used to create said Encrypted Media has a conventional network connection.


Secure Session Embodiment


In Embodiments 1, 2, and 3 one ordinarily skilled in the art will observe that the methods of the present invention are used to authenticate the site at which a secured session or operation, including the writing of encrypted media, takes place, and the time at which said session or operation begins.


The present invention ensures that a secured session or operation is completed within a prescribed time interval, and that the completion is at the site.


Referring again to FIG. 1, after providing said Device, PC, or Server 112 with the necessary Key or Key Token, said ICD 110 may start a new Unique Session Timer defining the time within which the secured session or operation must be completed. Said Unique Session Timer is not randomized, but reflects the actual expected time for completing the secured session or operation. The Key Token may encode the expected time, although other methods of determining the expected time may be used.


The client component software of the present invention provides the application software running on said Device, PC, or Server 112 which will carry out the secured session or operation with the Key and or Key Token required to initiate said secured session or operation. The client software component of the present invention then polls said ICD 110 at regular intervals until said application software notifies said client software that the secured session or operation is complete. If, prior to the completion of the secured session or operation, an attempt to poll said ICD should fail, the client software notifies the application software that the secured session or operation is compromised and must be aborted. A polling failure indicates that the host Device, PC, or Server 112 has been disconnected from the power source and hence potentially removed from said secured Building, Structure, or Location 111.


If the application software notifies the client software that the secured session or operation has completed successfully, then the client software notifies the ICD 110 of the completion event. If the Unique Session Timer has not expired, then the ICD cancels the Timer and sends a notification via secure unidirectional data path 114 to the Server 17 that the transaction associated with the Requestor ID has completed its work. Server 17 forwards the notification to the KDS 11, which marks the stored keys and other data associated with said Requestor ID as valid and complete.


If the Unique Session Timer expires on the ICD 110 and the client software running on the Device, PC, or Server 112 has not notified the ICD that the secured session or operation has been completed, the ICD sends a notification via secure unidirectional data path 114 to Server 17 that the secure session or operation associated with the Requestor ID has failed or been compromised. The Server 17 forwards the notification via the bi-directional data path 117 over the Internet or a Private Wide-Area Network to the KDS 11, which marks the stored keys and other data associated with the Requestor ID as invalid and untrustworthy.


If the ICD 11 experiences a power outage, then upon recovery software residing on the ICD checks the non-volatile storage associated with the ICD to determine whether any Unique Session Timers or Unique ICD (request) Timers were unexpired at the time of the power loss. If any such Timers are discovered, then the ICD again notifies the Server 17 and the KDS 11 that the associated keys, media, and requests are invalid and untrustworthy.


Designated Secure Sites Embodiment


Referring again to FIG. 1, it may be that in some Buildings, Structures, or Locations 111 which are served by a single ICD 110, such as hotels, convention centers, and the like, some rooms or sites within the Building, Structure, or Location are secure (e.g. a hotel room) and other rooms or sites within the same Building, Structure, or Location (e.g. a restaurant) are not secure. It is well known in the art that a power outlet installed in a Building, Structure, or Location can be enhanced with electronics such that said outlet is addressable by means of a local on-grid communication protocol such as Homeplug. To ensure that said secure sessions or operations with said Device, PC, or Server 112 are initiated only from secure sites within said Building, Structure, or Location, the software residing on said ICD can be configured such that any Request for a secure session or operation must reach said ICD by way of such an addressable outlet, and the client software on said Device, PC, or Server can be configured to obtain from the ICD information as to whether the address of such an enhanced outlet must accompany any Request for such a secure session or operation.


Means by which such enhanced outlets are authenticated by the local or home area network are well-known in the art. Use of such well-known authentication methods prevents users of mobile Devices or PCs from carrying an addressable plug-in outlet enhancer in order to subvert this requirement. This method may also be used in the case where one ICD serves a plurality of Buildings, Structures, or Locations which do not have attached CDs. When CDs are present, said CDs serve to differentiate one Building, Structure, or Location from another.


Other Embodiments


This description of the preferred embodiments of the invention is for illustration as a reference model and is not exhaustive or limited to the disclosed forms, many modifications and variations being apparent to one of ordinary skill in the art.


It should be recognized that the use of High Speed Internet to provide a bidirectional communication path, depicted in FIGS. 1, 2, and 3 as 117, 217 and 317 respectively, is only one method of providing the bi-directional communications path between the Server and the KDS, and that the invention may use alternate form of communications.


It should further be recognized that this invention may be enhanced in certain installations wherein the Service Transformer, depicted as element 115, 215 and, 315 in the Figures may be located in a physically secure site, such as within the building housing a Device, PC, and/or Server. As such, attack vectors attempting to directly attach equipment to the Grid would have to deal with Feeder voltage. Given the voltage range of Feeders in the USA, 4.1 KV to 34.5 KV (and higher elsewhere in the world) this physical/electrical impediment further strengthens the protective nature of this invention. Attachment and grid-related introduction of detection/communications equipment creates disturbances on the Grid, and therefore devices implementing this invention (e.g. said Receiver and said ICD) can be made to detect and protect against an attack vector.

Claims
  • 1. A method for obtaining a decryption key for use in a secure communication session, comprising: receiving, by an intelligent communicating device (ICD) via an electrical distribution grid on a low voltage side of a transformer, a first request from a computing device coupled to the electrical distribution grid via an electrical outlet for a decryption key for use in the secure communication session;sending, via the electrical distribution grid to a receiver coupled to the electrical distribution grid on a high voltage side of the transformer, a second request for the decryption key;receiving, from a transmitter coupled to the electrical distribution grid on the high voltage side of the transformer, the decryption key; andsending the decryption key to the computing device via the electrical distribution grid.
  • 2. The method of claim 1 wherein the second request includes a unique identifier (ID) that uniquely identifies the ICD from a plurality of other ICDs coupled to the electrical distribution grid.
  • 3. The method of claim 1 wherein receiving the decryption key comprises receiving the decryption key and a first response ID; further comprising receiving, prior to sending the decryption key to the computing device, a third request from the computing device for the decryption key, the third request including a second response ID; andbased on determining that the second response ID matches the first response ID, sending the decryption key to the computing device via the electrical distribution grid.
  • 4. The method of claim 1 further comprising: receiving, from the computing device via the electrical distribution grid, a message indicating the secure communication session has completed; andnotifying, via the electrical distribution grid, the receiver that the secure communication session has completed.
  • 5. An intelligent communicating device (ICD) for obtaining a decryption key for use in a secure communication session, comprising: a communication interface configured to be coupled to a low voltage side of an electrical distribution grid;a processor device coupled to the communication interface and configured to: receive, via the electrical distribution grid, a first request from a computing device coupled to the electrical distribution grid via an electrical outlet for a decryption key for use in the secure communication session;send, via the electrical distribution grid to a receiver coupled to the electrical distribution grid on a high voltage side of the transformer, a second request for the decryption key;receive, from a transmitter coupled to the electrical distribution grid on the high voltage side of the transformer, the decryption key; andsend the decryption key to the computing device via the electrical distribution grid.
  • 6. The ICD of claim 5 wherein the second request includes a unique identifier (ID) that uniquely identifies the ICD from a plurality of other ICDs coupled to the electrical distribution grid.
  • 7. The ICD of claim 5 wherein to receive the decryption key the processor device is further configured to receive the decryption key and a first response ID; wherein the processor device is further configured to receive, prior to sending the decryption key to the computing device, a third request from the computing device for the decryption key, the third request including a second response ID; andwherein the processor device is further configured to send, based on determining that the second response ID matches the first response ID, the decryption key to the computing device via the electrical distribution grid.
  • 8. The ICD of claim 5 wherein the processor device is further configured to: receive, from the computing device via the electrical distribution grid, a message indicating the secure communication session has completed; andnotify, via the electrical distribution grid, the receiver that the secure communication session has completed.
RELATED APPLICATIONS

This patent application is a divisional of co-pending U.S. patent application Ser. No. 14/720,780, filed on May 23, 2015, entitled “SYSTEM AND METHOD FOR GRID BASED CYBER SECURITY,” which is a continuation of U.S. patent application Ser. No. 13/493,983, filed on Jun. 11, 2012, entitled “SYSTEM AND METHOD FOR GRID BASED CYBER SECURITY,” now U.S. Pat. No. 9,059,842, which claims the benefit of U.S. Provisional Application No. 61/495,173, filed on Jun. 9, 2011, entitled “SYSTEM AND METHOD FOR GRID BASED CYBER SECURITY,” the disclosures of each of which are hereby incorporated herein by reference in their entireties.

US Referenced Citations (264)
Number Name Date Kind
3733586 Lusk et al. May 1973 A
3911415 Whyte Oct 1975 A
3942170 Whyte Mar 1976 A
3944723 Fong Mar 1976 A
4200770 Hellman et al. Apr 1980 A
4361766 de Montgolfier et al. Nov 1982 A
4371867 Gander Feb 1983 A
4568934 Allgood Feb 1986 A
4580276 Andruzzi, Jr. et al. Apr 1986 A
4633463 Mack Dec 1986 A
4668934 Shuey May 1987 A
4918422 Mak Apr 1990 A
5463624 Hogg et al. Oct 1995 A
5812557 Stewart et al. Sep 1998 A
5818725 McNamara et al. Oct 1998 A
5987305 Reitberger Nov 1999 A
6144292 Brown Nov 2000 A
6212560 Fairchild Apr 2001 B1
6366062 Baretich et al. Apr 2002 B2
6373399 Johnson et al. Apr 2002 B1
6535797 Bowles et al. Mar 2003 B1
6650249 Meyer et al. Nov 2003 B2
6687110 Murray Feb 2004 B2
6690655 Miner et al. Feb 2004 B1
6747994 Oses et al. Jun 2004 B2
6788702 Garcia-Luna-Aceves et al. Sep 2004 B1
6961641 Forth et al. Nov 2005 B1
7053756 Mollenkopf et al. May 2006 B2
7058524 Hayes et al. Jun 2006 B2
7069117 Wilson et al. Jun 2006 B2
7076378 Huebner Jul 2006 B1
7188003 Ransom et al. Mar 2007 B2
7194528 Davidow Mar 2007 B1
7236765 Bonicatto et al. Jun 2007 B2
7251570 Hancock et al. Jul 2007 B2
7280931 Kim et al. Oct 2007 B1
7319280 Landry et al. Jan 2008 B1
7323968 Iwamura Jan 2008 B2
7369579 Logvinov et al. May 2008 B2
7412338 Wynans et al. Aug 2008 B2
7552437 Di Luoffo et al. Jun 2009 B2
7571028 Lapinski et al. Aug 2009 B2
7598844 Corcoran et al. Oct 2009 B2
7701330 Iwamura Apr 2010 B2
7808128 Weber, Jr. et al. Oct 2010 B1
7826538 Weber, Jr. Nov 2010 B1
7870600 Huotari et al. Jan 2011 B2
7873077 Downey et al. Jan 2011 B2
7876717 Iwamura Jan 2011 B2
7948255 Shim et al. May 2011 B2
8019483 Keefe Sep 2011 B2
8050879 Koste et al. Nov 2011 B2
8055896 Jin et al. Nov 2011 B2
8099479 Saint-Hilaire Jan 2012 B2
8207726 Vaswani et al. Jun 2012 B2
8519832 Loporto et al. Aug 2013 B2
8626462 Kolwalkar et al. Jan 2014 B2
8639922 Phatak Jan 2014 B2
8639992 Haufe et al. Jan 2014 B2
8711995 Glende Apr 2014 B2
8737555 Haug et al. May 2014 B2
8818742 Ansari Aug 2014 B2
8872667 Bhageria et al. Oct 2014 B2
9059842 Bernheim Jun 2015 B2
9287933 Yu Mar 2016 B2
9380545 Martin et al. Jun 2016 B2
9438312 Bernheim et al. Sep 2016 B2
9647994 Bernheim May 2017 B2
9654287 Zhao May 2017 B2
9768613 Taft Sep 2017 B2
9859712 Nishibayashi et al. Jan 2018 B2
9917442 Beauregard et al. Mar 2018 B2
9958925 Chapel et al. May 2018 B2
20010018561 Tanida Aug 2001 A1
20010037378 Hirayama Nov 2001 A1
20010055272 Matsuno et al. Dec 2001 A1
20020009155 Tzannes Jan 2002 A1
20020069299 Rosener et al. Jun 2002 A1
20020089927 Fischer et al. Jul 2002 A1
20030098671 Hochgraf May 2003 A1
20030151491 Martin et al. Aug 2003 A1
20040062267 Minami et al. Apr 2004 A1
20040110044 McArthur et al. Jun 2004 A1
20040160990 Logvinov et al. Aug 2004 A1
20040184406 Iwamura Sep 2004 A1
20040218688 Santhoff et al. Nov 2004 A1
20040226621 Phillips et al. Nov 2004 A1
20040227621 Cope et al. Nov 2004 A1
20050005150 Ballard Jan 2005 A1
20050017848 Flen et al. Jan 2005 A1
20050018766 Iwamura Jan 2005 A1
20050043860 Petite Feb 2005 A1
20050047379 Boyden et al. Mar 2005 A1
20050063422 Lazar et al. Mar 2005 A1
20050144437 Ransom et al. Jun 2005 A1
20050155033 Luoffo et al. Jul 2005 A1
20050207079 Tiller et al. Sep 2005 A1
20050253690 Crenshaw et al. Nov 2005 A1
20050281326 Yu Dec 2005 A1
20060071757 Burghard et al. Apr 2006 A1
20060078044 Norrell et al. Apr 2006 A1
20060091877 Robinson et al. May 2006 A1
20060097573 Gidge et al. May 2006 A1
20060152344 Mowery, Jr. Jul 2006 A1
20060259199 Gjerde et al. Nov 2006 A1
20060291575 Berkman et al. Dec 2006 A1
20070047573 Logvinov et al. Mar 2007 A1
20070076650 Manjeshwar et al. Apr 2007 A1
20070100506 Teichmann May 2007 A1
20070101438 Govindarajan May 2007 A1
20070114987 Kagan May 2007 A1
20070162550 Rosenberg Jul 2007 A1
20070208521 Petite et al. Sep 2007 A1
20070211401 Mak Sep 2007 A1
20070237181 Cho et al. Oct 2007 A1
20070247331 Angelis et al. Oct 2007 A1
20070271383 Kim et al. Nov 2007 A1
20070297425 Chirco Dec 2007 A1
20080040479 Bridge et al. Feb 2008 A1
20080057866 Schwager et al. Mar 2008 A1
20080109387 Deaver et al. May 2008 A1
20080187116 Reeves et al. Aug 2008 A1
20080209481 Barrett Aug 2008 A1
20080219239 Bell et al. Sep 2008 A1
20080273521 Shao et al. Nov 2008 A1
20080312851 Kagan et al. Dec 2008 A1
20090027061 Curt et al. Jan 2009 A1
20090060060 Stadelmeier et al. Mar 2009 A1
20090088907 Lewis et al. Apr 2009 A1
20090096416 Tonewaga et al. Apr 2009 A1
20090125351 Davis, Jr. et al. May 2009 A1
20090134699 Choi et al. May 2009 A1
20090187344 Brancaccio et al. Jul 2009 A1
20090210197 Cleary Aug 2009 A1
20090219932 Kobayashi Sep 2009 A1
20090238252 Shah et al. Sep 2009 A1
20090240504 Pang et al. Sep 2009 A1
20090243838 Jones Oct 2009 A1
20090256686 Abbot et al. Oct 2009 A1
20090304101 LoPorto et al. Dec 2009 A1
20100005273 Lee et al. Jan 2010 A1
20100007219 de Buda et al. Jan 2010 A1
20100007336 de Buda Jan 2010 A1
20100010857 Fadell Jan 2010 A1
20100040068 Wimmer Feb 2010 A1
20100054349 Spencer Mar 2010 A1
20100061433 Stadelmeier et al. Mar 2010 A1
20100134089 Uram et al. Jun 2010 A1
20100141392 Jo et al. Jun 2010 A1
20100180144 Groseclose, Jr. et al. Jul 2010 A1
20100188260 Cornwall et al. Jul 2010 A1
20100202471 Maki Aug 2010 A1
20100217549 Galvin et al. Aug 2010 A1
20100217550 Crabtree et al. Aug 2010 A1
20100262313 Chambers et al. Oct 2010 A1
20100262393 Sharma et al. Oct 2010 A1
20100286840 Powell et al. Nov 2010 A1
20100296560 Sadan et al. Nov 2010 A1
20100296590 Takasu Nov 2010 A1
20100306533 Phatak Dec 2010 A1
20110026621 Kim et al. Feb 2011 A1
20110035073 Ozog Feb 2011 A1
20110040419 Kogler et al. Feb 2011 A1
20110040803 Pasquero et al. Feb 2011 A1
20110043340 Kim et al. Feb 2011 A1
20110103429 Tanaka et al. May 2011 A1
20110106321 Cherian et al. May 2011 A1
20110109320 Curt et al. May 2011 A1
20110118888 White, II May 2011 A1
20110121654 Recker et al. May 2011 A1
20110122798 Hughes et al. May 2011 A1
20110130991 Koste et al. Jun 2011 A1
20110130992 Kolwalkar et al. Jun 2011 A1
20110133655 Recker et al. Jun 2011 A1
20110140911 Pant et al. Jun 2011 A1
20110196546 Muller et al. Aug 2011 A1
20110208468 Yamamoto et al. Aug 2011 A1
20110212700 Petite Sep 2011 A1
20110216747 Shao et al. Sep 2011 A1
20110224935 Hampel et al. Sep 2011 A1
20110267202 Efthymiou et al. Nov 2011 A1
20110282508 Goutard et al. Nov 2011 A1
20110285382 Kolwalkar et al. Nov 2011 A1
20120020395 Domanovitz et al. Jan 2012 A1
20120026908 Tzannes et al. Feb 2012 A1
20120036250 Vaswani et al. Feb 2012 A1
20120041696 Sanderford, Jr. et al. Feb 2012 A1
20120052870 Habicher Mar 2012 A1
20120062210 Veillette Mar 2012 A1
20120062390 Solomon Mar 2012 A1
20120068784 Varadarajan et al. Mar 2012 A1
20120075099 Brown Mar 2012 A1
20120123606 Mollenkopf et al. May 2012 A1
20120128080 Woo et al. May 2012 A1
20120136500 Hughes May 2012 A1
20120137126 Matsuoka May 2012 A1
20120139554 Parsons Jun 2012 A1
20120155557 Bush et al. Jun 2012 A1
20120158329 Hurri et al. Jun 2012 A1
20120185838 Schwartzman et al. Jul 2012 A1
20120195355 El-Essawy et al. Aug 2012 A1
20120201145 Ree et al. Aug 2012 A1
20120201155 Du et al. Aug 2012 A1
20120232915 Bromberger Sep 2012 A1
20120236879 Oksman et al. Sep 2012 A1
20120242499 Ree Sep 2012 A1
20120245869 Ansari Sep 2012 A1
20120250864 Nishibayashi Oct 2012 A1
20120262355 He et al. Oct 2012 A1
20120265355 Bernheim et al. Oct 2012 A1
20120266209 Gooding Oct 2012 A1
20120275084 Familiant et al. Nov 2012 A1
20120275526 Hughes Nov 2012 A1
20120280565 Logvinov Nov 2012 A1
20120294342 Schneider et al. Nov 2012 A1
20120307646 Xia et al. Dec 2012 A1
20120310424 Taft Dec 2012 A1
20120310558 Taft Dec 2012 A1
20120313620 Swarztrauber et al. Dec 2012 A1
20120314782 Boivin et al. Dec 2012 A1
20120314868 Bernheim et al. Dec 2012 A1
20120316696 Boardman et al. Dec 2012 A1
20120323388 Littrell et al. Dec 2012 A1
20120327989 Zhang et al. Dec 2012 A1
20130013232 Parwal et al. Jan 2013 A1
20130031201 Kagan et al. Jan 2013 A1
20130034086 Martin et al. Feb 2013 A1
20130063273 Bhageria et al. Mar 2013 A1
20130067253 Tsuda Mar 2013 A1
20130121157 Logvinov et al. May 2013 A1
20130132555 Wang et al. May 2013 A1
20130151177 Hughes Jun 2013 A1
20130193767 Carralero et al. Aug 2013 A1
20130194975 Vedantham et al. Aug 2013 A1
20130204450 Kagan et al. Aug 2013 A1
20130257452 DeLeo et al. Oct 2013 A1
20140035372 Normoyle et al. Feb 2014 A1
20140062719 Rowitch Mar 2014 A1
20140105313 Kim et al. Apr 2014 A1
20140118163 Li et al. May 2014 A1
20140125125 Wyatt May 2014 A1
20140140358 Kim et al. May 2014 A1
20140167735 Beroset Jun 2014 A1
20140172723 Borisov et al. Jun 2014 A1
20140191568 Partovi Jul 2014 A1
20140233620 Bernheim et al. Aug 2014 A1
20140233662 Hansell et al. Aug 2014 A1
20140236365 Martin et al. Aug 2014 A1
20140236366 Livadaras et al. Aug 2014 A1
20140236506 Nikovski et al. Aug 2014 A1
20140300210 Abi-Ackel et al. Oct 2014 A1
20140359595 Sehgal et al. Dec 2014 A1
20140361907 Bernheim et al. Dec 2014 A1
20140368189 Bernheim et al. Dec 2014 A1
20150010093 Hansell et al. Jan 2015 A1
20150316620 Luan et al. Nov 2015 A1
20160112378 Bernheim et al. Apr 2016 A1
20160124421 Hansell et al. May 2016 A1
20160127242 Bernheim et al. May 2016 A1
20160164287 Bernheim Jun 2016 A1
20160204991 Martin et al. Jul 2016 A1
20160285511 Hansell et al. Sep 2016 A1
20160302238 Martin et al. Oct 2016 A1
20170344047 Cioraca Nov 2017 A1
Foreign Referenced Citations (40)
Number Date Country
101770007 Jul 2010 CN
0395495 Oct 1990 EP
0629098 Dec 1994 EP
1901145 Mar 2008 EP
233043 Jun 2011 EP
2566125 Mar 2013 EP
3116084 Jan 2017 EP
H01106652 Apr 1989 JP
H09501766 Feb 1997 JP
2003258689 Sep 2003 JP
2003259696 Sep 2003 JP
2003339120 Nov 2003 JP
2004015840 Jan 2004 JP
2004147063 May 2004 JP
2005252671 Sep 2005 JP
2006262570 Sep 2006 JP
2007185083 Jul 2007 JP
2008508781 Mar 2008 JP
2008098812 Apr 2008 JP
2008124859 May 2008 JP
2010156694 Jul 2010 JP
2010161923 Jul 2010 JP
2010533843 Oct 2010 JP
2010268121 Nov 2010 JP
2011525787 Sep 2011 JP
2012227928 Nov 2012 JP
2012235457 Nov 2012 JP
2013005718 Jan 2013 JP
2013106255 May 2013 JP
9501030 Jan 1995 WO
9806187 Feb 1998 WO
2009067250 May 2009 WO
2010027421 Mar 2010 WO
2010141859 Dec 2010 WO
2013006273 Jan 2013 WO
2013013162 Jan 2013 WO
20013030937 Mar 2013 WO
2014006662 Jan 2014 WO
2014062967 Apr 2014 WO
2014096911 Jun 2014 WO
Non-Patent Literature Citations (224)
Entry
Author Unknown, “MicroPianet® Voltage Regulators,” EnergyIdeas Clearinghouse PTR #6.4, Product and Technology Review, Jun. 2008, 6 pages, http://www.energyideas.org/documents/factsheets/PTR/Microplanet.pdf.
Author Unknown, “Prime Alliance Official Website,” Web, Date Accessed: Nov. 4, 2015, 3 pages, http://www.prime-alliance.org/.
Author Unknown, “The G3 PLC Alliance Unveils its Interoperability process,” The G3-PLC Alliance, Oct. 8, 2012, Paris, France, http://www.g3-plc.com/content/press-releases, p. 1.
Author Unknown, “TWACS Low Frequency Power Line Communication Signals Problematic to Public Health,” dated May 3, 2013, 20 pages, http://www.eiwellspring.org/smartmeter/TWACS.pdf.
Author Unknown, “Universal Powerline Bus Communication Technology Overview,” Powerline Control Services, Jan. 8, 2002, 13 pages, http://pulseworx.com/downloads/upb/UpbOverview.pdf.
Baggini, Angelo “Handbook of Power Quality” John Wiley & Sons, Ltd., 2008, 65 pages.
Bates, Michael, “CVR has Potential Beyond Pushing Efficiencies on Feeders.” renewGRID, Mar. 26, 2012, 2 pages, http://www.renew-grid.com/e107plugins/contenl/contenl.php?contenl.8215.
Bresesti, Paola et al., “SDNO: Smart Distribution Network Operation Project”, Power Engineering Society General Meeting, IEEE, 2007, 4 pages.
Choi, Moonsuk et al., “Design of Integrated Meter Reading System based on Power-Line Communication”, Power Line Communications and Its Applications, IEEE, International Symposium, 2008, pp. 280-284.
Collins, Dermot et al., “Transmission on Power Line Cables,” Telektronikk, vol. 95, No. 2/3, 1999, pp. 134-137.
Dilek, M., “Integrated Design of Electrical Distribution Systems: Phase Balancing and Phase Prediction Case Studies,” Dissertation, 2001, 150 pages, http://scholar.lib.vt.edu/theses/available/etd-11132001-222401/.
Goh, Chong Hock K., “A Current Study of Automatic Meter Reading Solutions via Power Line Communications,” 19 pages, http://wpweb2k.gsia.cmu.edu/ceic/publicatons.htm. (Published 2003 or later as evidenced by the bibliography).
Ha, K. A., “Power Line Communication Technology,” Presentation at Hong Kong Institute of Engineers Seminar on Last Mile Technology, Jun. 20, 2003, 24 pages.
Hooijen, Olaf G. “A Channel Model for the Residential Power Circuit Used as a Digital Communications Medium,” IEEE Transactions on Electromagnetic Compatibility, vol. 40, No. 4, Nov. 1998, pp. 331-336.
Mcghee, Jim et al., “Smart High Voltage Substation based on IEC 61850 Process Bus and IEEE 1588 Time Synchronization” 2010 First IEEE International Conference on Smart Grid Communications, IEEE, Oct. 4-6, 2010, pp. 489-494.
Mitchell, Travis, “Dominion Conservation Voltage Reduction software reduces energy use by 2.8%,” Fierce Energy Daily, Sep. 27, 2011, 3 pages, http://www.fierceenergy.com/story/dominion-conservation-voltage-reduction-soflware-reduces-energy-use-28/2011-09-27.
Montoya, Luis F.,“Power Line Communications Performance Overview of the Physical Layer of Available Protocols,” Thesis of Research, University of Florida, Gainesville, Florida, Date Unknown, pp. 1-15.
Moreno-Munoz A., et al., “Integrating Power Quality to Automated Meter Reading”, IEEE Industrial Electronics Magazine, IEEE, US, vol. 2, No. 2, Jun. 17, 2008, pp. 10-18.
Newbury, John, “Efficient Communication Services Using the Low Voltage Distribution Line,” Proceedings of 2002 PES Winter Meeting, IEEE, 2002, pp. 579-591.
Nyack, Cuthbert A., “Convolution and Autocorrelation,” Web, Date Accessed: Nov. 4, 2015, 3 pages, http://cnyack.homestead.com/files/aconv/convau1.htm.
Pallares-Lopez et al., “Embedding synchronism in SmartGrid with IEEE1588-based for Intelligent Electronics,” 2010 First IEEE International Conference on Smart Grid Communications, published/presented Oct. 4-6, 2010, Gaithersburg, Maryland, 7 pages.
Pavlidou, Niovi et al., “Power Line Communications: State of the Art and Future Trends,” IEEE Communications Magazine, IEEE, vol. 41, No. 4, Apr. 2003, pp. 34-40.
Rye, Dave, “The X-10 Powerhouse Power Line Interface Model #PL513 and Two-Way Power Line Interface Model #TW523,” X-10 Inc., X-10.RTM. Powerhouse (TM) Technical Note, Revision 2.4, 1991, 12 pages.
Schickhuber, Gerald et al., “Control Using Power Lines—A European View,” Computing & Control Engineering Journal, vol. 8, No. 4, Aug. 1997, pp. 180-184.
Sherman et al, “Location Authentication through Power Line Communication: Design, Protocol, and Analysis of a New Out of Band Strategy,” Cyber Defense Lab, Department of CSEE, University of Maryland, Baltimore County, IEEE, 2010, pp. 279-284.
Van Rensburg, Petrus A. Hanse et al., “Design of a Bidirectional Impedance-Adapting Transformer Coupling Circuit for Low-Voltage Power-Line Communications,” IEEE Transactions on Power Delivery, IEEE, vol. 20, No. 1, Jan. 2005, pp. 64-70.
International Search Report for PCT/US2014/016538, dated Jun. 16, 2014, 3 pages.
International Preliminary Report on Patentability for PCT/US2014/016538, dated Sep. 3, 2015, 10 pages.
International Search Report for PCT/US2014/016540, dated Jun. 17, 2014, 3 pages.
International Preliminary Report on Patentability for PCT/US2014/016540, dated Sep. 3, 2015, 9 pages.
International Search Report for PCT/US2014/016535, dated Jun. 3, 2014, 2 pages.
International Preliminary Report on Patentability for PCT/US2014/016535, dated Sep. 3, 2015, 8 pages.
International Search Report and Written Opinion for PCT/US2014/041396, dated Oct. 29, 2014, 12 pages.
International Search Report and Written Opinion for PCT/US2014/042300, dated Oct. 20, 2014, 16 pages.
International Search Report and Written Opinion for PCT/US2014/042393, dated Oct. 20, 2014, 15 pages.
International Search Report for PCT/US2009/046644, dated Mar. 2, 2010, 7 pages.
International Preliminary Report on Patentability for PCT/US2009/046644, dated Dec. 6, 2010, 10 pages.
International Search Report for PCT/US2012/033789, dated Sep. 6, 2012, 4 pages.
International Search Report for PCT/US2012/041971, dated Dec. 7, 2012, 5 pages.
International Search Report for PCT/US2012/049524, dated Jan. 3, 2013, 3 pages.
Non-Final Office Action for U.S. Appl. No. 13/566,481, dated Aug. 7, 2015, 27 pages.
Non-Final Office Action for U.S. Appl. No. 13/493,983, dated Feb. 5, 2014, 11 pages.
Final Office Action for U.S. Appl. No. 13/493,983, dated Oct. 31, 2014, 12 pages.
Non-Final Office Action for U.S. Appl. No. 13/448,005, dated Sep. 11, 2014, 20 pages.
Non-Final Office Action for U.S. Appl. No. 13/448,005, dated Apr. 15, 2015, 22 pages.
Non-Final Office Action for U.S. Appl. No. 12/480,493, dated Jul. 16, 2012, 24 pages.
Notice of Allowance and Examiner-Initiated Interview Summary for U.S. Appl. No. 12/480,493, dated Jun. 20, 2013, 13 pages.
Non-Final Office Action for U.S. Appl. No. 13/896,029, dated Sep. 18, 2015, 16 pages.
Non-Final Office Action for U.S. Appl. No. 13/871,944, dated Oct. 16, 2015, 13 pages.
Non-Final Office Action for U.S. Appl. No. 13/888,102, dated Jul. 9, 2015, 18 pages.
Search Report for Japanese Patent Application No. 2011-512749, search date Aug. 14, 2013, 29 pages.
Office Action for Japanese Patent Application No. 2011-512749, dated Sep. 4, 2013, 7 pages.
International Preliminary Report on Patentability for PCT/US2014/041396, dated Dec. 17, 2015, 8 pages.
International Preliminary Report on Patentability for PCT/US2014/042300, dated Dec. 23, 2015, 9 pages.
International Preliminary Report on Patentability for PCT/US2014/042393, dated Dec. 23, 2015, 11 pages.
Office Action for Canadian Patent Application No. 2,727,034, dated Nov. 26, 2015, 4 pages.
Decision of Final Rejection for Japanese Patent Application No. 2014-119504, dated Nov. 10, 2015, 5 pages.
Translation of Decision to Grant for Japanese Patent Application No. 2014-119505, dated Dec. 15, 2015, 3 pages.
Office Action for Cuban Patent Application No. 2015-0088, dated Oct. 30, 2015, 3 pages.
Final Office Action for U.S. Appl. No. 13/888,102, dated Dec. 24, 2015, 18 pages.
Non-Final Office Action for U.S. Appl. No. 13/911,849, dated Nov. 24, 2015, 15 pages.
Sendin, Alberto, et al., “Enhanced Operation of Electricity Distribution Grids Through Smart Metering PLC Network Monitoring, Analysis and Grid Conditioning,” Energies, vol. 6, Issue 1, Jan. 21, 2013, www.mdpi.com/journal/energies, pp. 539-556.
Colson, C.M., “Algorithms for Distributed Decision-Making for Multi-agent Microgrid Power Management,” IEEE Power and Energy Society General Meeting, Jul. 24-29, 2011, San Diego, California, IEEE, pp. 1-8.
Wetula, Andrzej, “A Hilbert Transform Based Algorithm for Detection of a Complex Envelope of a Power Grid Signals—an Implementation,” Journal of Electrical Power Quality and Utilisation, vol. 14, Issue 2, 2008, EPQU Journal, pp. 13-18.
Partial Supplementary European Search Report for European Patent Application No. 14754343.3, dated Feb. 8, 2016, 5 pages.
Extended European Search Report for European Patent Application No. 14754343.3, dated May 24, 2016, 12 pages.
Examination Report for European Patent Application No. 09759619.1, dated May 13, 2016, 7 pages.
Notice of Allowance and Examiner Initiated Interview Summary for U.S. Appl. No. 13/911,849, dated Apr. 5, 2016, 10 pages.
Corrected Notice of Allowance for U.S. Appl. No. 13/911,849, dated May 31, 2016, 4 pages.
Non-Final Office Action for U.S. Appl. No. 14/304,035, dated Feb. 25, 2016, 22 pages.
Final Office Action for U.S. Appl. No. 13/448,005, dated Jun. 6, 2016, 11 pages.
Non-Final Office Action for U.S. Appl. No. 14/720,780, dated Feb. 26, 2016, 7 pages.
Notice of Allowance for U.S. Appl. No. 13/566,481, dated Feb. 26, 2016, 7 pages.
International Search Report and Written Opinion for International Patent Application No. PCT/US2015/058423, dated Jan. 19, 2016, 12 pages.
International Search Report and Written Opinion for International Patent Application No. PCT/US2015/058492, dated Feb. 26, 2016, 18 pages.
International Search Report and Written Opinion for International Patent Application No. PCT/US2015/063752, dated Mar. 24, 2016, 16 pages.
International Preliminary Report on Patentability for International Patent Application No. PCT/US2012/33789, dated Oct. 24, 2013, 10 pages.
International Preliminary Report on Patentability for PCT/US2012/041971, dated Dec. 10, 2013, 6 pages.
International Preliminary Report on Patentability for PCT/US2012/049524, dated Feb. 4, 2014, 7 pages.
Final Office Action for U.S. Appl. No. 13/896,029, dated Jun. 22, 2016, 22 pages.
Final Office Action for U.S. Appl. No. 14/304,035, dated Aug. 26, 2016, 18 pages.
Final Office Action for U.S. Appl. No. 14/720,780, dated Sep. 1, 2016, 9 pages.
Partial Supplementary European Search Report for European Patent Application No. 14754339.1, dated Oct. 4, 2016, 6 pages.
European Search Report for European Patent Application No. 14754343.3, dated Jun. 10, 2016, 1 page.
Partial Supplementary European Search Report for European Patent Application No. 14754714.5, dated Oct. 6, 2016, 6 pages.
Non-Final Office Action for U.S. Appl. No. 13/896,029, dated Nov. 10, 2016, 18 pages.
Notice of Allowance for U.S. Appl. No. 13/871,944, dated Oct. 4, 2016, 9 pages.
Non-Final Office Action for U.S. Appl. No. 14/304,648, dated Sep. 7, 2016, 4 pages.
Notice of Allowance for U.S. Appl. No. 14/720,780, dated Nov. 4, 2016, 5 pages.
First Office Action for Chilean Patent Application No. 2325-2015, dated Jan. 26, 2017, 13 pages.
Extended European Search Report for European Patent Application No. 14754339.1, dated Jan. 16, 2017, 10 pages.
First Office Action for Chilean Patent Application No. 2323-2015, dated Jan. 26, 2017, 15 pages.
Office Action No. 13556 for Colombian Patent Application No. 15-222367, dated Nov. 28, 2016, 13 pages.
Examination Report No. 1 for Australian Patent Application No. 2014219244, dated Dec. 21, 2016, 4 pages.
First Office Action for Chilean Patent Application No. 2322-2015, dated Jan. 26, 2017, 15 pages.
Extended European Search Report for European Patent Application No. 14754714.5, dated Jan. 16, 2017, 10 pages.
Extended European Search Report for European Patent Application No. 14808081.5, dated Jan. 30, 2017, 7 pages.
Extended European Search Report for European Patent Application No. 14810273.4, dated Feb. 1, 2017, 12 pages.
Extended European Search Report for European Patent Application No. 14811042.2, dated Jan. 2, 2017, 7 pages.
Examination Report No. 1 for Australian Patent Application No. 2014219246, dated Dec. 22, 2016, 3 pages.
Advisory Action for U.S. Appl. No. 14/304,035, dated Nov. 30, 2016, 3 pages.
Yan, Ping et al., “Study of Linear Models in Steady State Load Flow Analysis of Power Systems,” IEEE Power Engineering Society Winter Meeting, vol. 1, Jan. 27-31, 2002, New York, NY, IEEE, pp. 666-671.
Office Action No. 11851, Colombian Patent Application No. 15-222367, dated Mar. 17, 2017, 19 pages.
Translated Summary of Office Action No. 4963 for Columbian Patent Application No. 15-222371, dated Apr. 5, 2017, 3 pages.
First Office Action for Chinese Patent Application No. 201480032631.X, dated Feb. 27, 2017, 5 pages.
First Office Action for Chinese Patent Application No. 201480034010.5, dated Feb. 17, 2017, 7 pages.
International Preliminary Report on Patentability for International Patent Application No. PCT/US2015/058423, dated May 11, 2017, 8 pages.
International Preliminary Report on Patentability for International Patent Application No. PCT/US2015/058492, dated May 11, 2017, 10 pages.
Non-Final Office Action for U.S. Appl. No. 15/177,930, dated Mar. 3, 2017, 6 pages.
Final Office Action for U.S. Appl. No. 14/304,648, dated Mar. 9, 2017, 7 pages.
Non-Final Office Action for U.S. Appl. No. 14/928,783, dated May 8, 2017, 16 pages.
Non-Final Office Action for U.S. Appl. No. 15/184,642, dated Mar. 9, 2017, 5 pages.
Non-Final Office Action for U.S. Appl. No. 141304,035, dated May 17, 2017, 22 pages.
Final Office Action for U.S. Appl. No. 14/304,648, dated May 19, 2017, 7 pages.
Advisory Action for U.S. Appl. No. 14/304,648, dated May 24, 2017, 3 pages.
Examination Report No. 1 for Australian Patent Application No. 2014219247, dated Apr. 26, 2017, 4 pages.
Second Office Action for Chilean Patent Application No. 2323-2015, dated May 17, 2017, 14 pages.
Second Office Action for Chilean Patent Application No. 2322-2015, dated May 17, 2017, 13 pages.
First Office Action for Chinese Patent Application No. 201480009549.5, dated May 31, 2017, 9 pages.
Examination Report No. 1 for Australian Patent Application No. 2014277951, dated Jun. 8, 2017, 4 pages.
Office Action Summary for Columbian Patent Application No. 7058, dated Jun. 16, 2017, 2 pages.
International Preliminary Report on Patentability for International Patent Application No. PCT/US2015/063752, dated Jun. 15, 2017, 12 pages.
Non-Final Office Action for U.S. Appl. No. 13/871,944, dated Jun. 15, 2017, 14 pages.
First Office Action for Chinese Patent Application No. 201480009551.2, dated Jun. 19, 2017, 9 pages.
Extended European Search Report for European Patent Application No. 17173049.2, dated Aug. 11, 2017, 8 pages.
Examination report No. 1 for Australian Patent Application No. 2014277983, dated Jun. 16, 2017, 4 pages.
Non-Final Office Action for U.S. Appl. No. 13/896,029, dated Jul. 20, 2017, 17 pages.
Advisory Action for U.S. Appl. No. 14/304,648, dated Aug. 17, 2017, 3 pages.
Notice of Allowance for U.S. Appl. No. 15/184,642, dated Jul. 13, 2017, 8 pages.
Notice of Allowance for U.S. Appl. No.15/184,642, dated Jul. 27, 2017, 4 pages.
Notice of Allowance for U.S. Appl. No. 14/929,087, dated Aug. 15, 2017, 9 pages.
Non-Final Office Action for U.S. Appl. No. 15/177,930, dated Nov. 1, 2017, 14 pages.
Notice of Allowance for U.S. Appl. No. 14/928,783, dated Nov. 6, 2017, 9 pages.
Office Action for Colombian Patent Application No. 15222371, dated Oct. 15, 2017, 9 pages.
First Office Action for Chinese Patent Application No. 201480034011.X, dated Oct. 30, 2017, 16 pages.
Notice of Acceptance for Australian Patent Application No. 2014219246, dated Dec. 5, 2017, 3 pages.
Office Action for Mexican Patent Application No. MX/a/2015/017231, dated Oct. 20, 2017, 13 pages.
Advisory Action for U.S. Appl. No. 14/304,035, dated Dec. 29, 2017, 3 pages.
Final Office Action for U.S. Appl. No. 13/896,029, dated Jan. 24, 2018, 22 pages.
Notice of Allowance for U.S. Appl. No. 13/871,944, dated Feb. 23, 2018, 18 pages.
Notice of Allowance for U.S. Appl. No. 14/304,035, dated Feb. 7, 2018, 9 pages.
Corrected Notice of Allowance for U.S. Appl. No. 14/928,783, dated Jan. 23, 2018, 6 pages.
Corrected Notice of Allowance for U.S. Appl. No. 14/928,783, dated Feb. 15, 2018, 6 pages.
Notice of Allowance for U.S. Appl. No. 15/852,496, dated Mar. 8, 2018, 9 pages.
Non-Final Office Action for U.S. Appl. No. 14/958,385, dated Jan. 12, 2018, 33 pages.
International Telecommunications Union, “ITU-T G.9960, Series G: Transmission Systems and Media, Digital Systems and Networks,” Dec. 1, 2011, 160 pages.
International Telecommunications Union, “Updated draft text for ITU-T G.9961, Series G: Transmission Systems and Media, Digital Systems and Networks—Amendment 1 Corrigendum 1,” ITU-T: Telecommunication Standardization Sector, Study Group 15, Amendment approved Sep. 21, 2012, 82 pages.
International Telecommunications Union, “ITU-T G.9961, Series G: Transmission Systems and Media, Digital Systems and Networks,” Apr. 1, 2014, 306 pages.
First Office Action for Chinese Patent Application No. 201480009550.8, dated Jan. 26, 2018, 4 pages.
Decision to Grant a Patent for Japanese Patent Application No. 2015-558888, dated Jan. 30, 2018, 4 pages.
Notice of Reasons for Rejection for Japanese Patent Application No. 2015-558889, dated Jan. 23, 2018, 7 pages.
Extended European Search Report for European Patent Application No. 17203296.3, dated Feb. 15, 2018, 8 pages.
Second Office Action for Chinese Patent Application No. 201480009549.5, dated Jan. 23, 2018, 4 pages.
Notice of Reasons for Rejection for Japanese Patent Application No. 2015-558887, dated Jan. 23, 2018, 7 pages.
Notice of Reasons for Rejection for Japanese Patent Application No. 2016-518052, dated Feb. 20, 2018, 8 pages.
Third Office Action for Chinese Patent Application No. 201480034010.5, dated Jan. 17, 2018, 4 pages.
Notice of Reasons for Rejection for Japanese Patent Application No. 2016-519694, dated Feb. 27, 2018, 11 pages.
First Examination Report for Indian Patent Application No. 13/CHENP/2011, dated Jan. 11, 2018, 6 pages.
Office Action for Canadian Patent Application No. 2,870,452, dated Dec. 28, 2017, 4 pages.
Office Action for Canadian Patent Application No. 2,874,132, dated Jan. 25, 2018, 3 pages.
Extended European Search Report for European Patent Application No. 15853935.3, dated Feb. 15, 2018, 10 pages.
Extended European Search Report for European Patent Application No. 15855864.3, dated Feb. 21, 2018, 9 pages.
Second Office Action for Chinese Patent Application No. 201480032631.X, dated Sep. 4, 2017, 5 pages.
Second Office Action for Chinese Patent Application No. 201480034010.5, dated Aug. 2, 2017, 5 pages.
Final Office Action for U.S. Appl. No. 14/304,035, dated Oct. 5, 2017, 16 pages.
Official Action No. 5493 for Colombian Patent Application No. NC2017/0010584, dated May 4, 2018, 35 pages.
First Official Action for Mexican Patent Application No. MX/a/2015/017227, dated Apr. 11, 2018, 6 pages.
Notice of Acceptance for Australian Patent Application No. 2014277983, dated Jun. 25, 2018, 3 pages.
Notification of Reasons for Refusal for Japanese Patent Application No. 2016-519676, dated Jun. 12, 2018, 7 pages.
Supplemental Notice of Allowability for U.S. Appl. No. 14/304,035, dated Apr. 18, 2018, 6 pages.
Non-Final Office Action for U.S. Appl. No. 15/934,499, dated May 7, 2018, 30 pages.
Non-Final Office Action for U.S. Appl. No. 15/257,191, dated Apr. 4, 2018, 10 pages.
Notice of Allowance for U.S. Appl. No. 14/928,783, dated May 9, 2018, 9 pages.
Interview Summary for U.S. Appl. No. 14/958,385, dated Apr. 6, 2018, 3 pages.
Advisory Action for U.S. Appl. No. 14/958,385, dated Sep. 26, 2018, 3 pages.
Non-Final Office Action for U.S. Appl. No. 13/896,029, dated Oct. 2, 2018, 19 pages.
Final Office Action for U.S. Appl. No. 15/177,930, dated Jul. 26, 2018, 17 pages.
Corrected Notice of Allowability for U.S. Appl. No. 14/928,783, dated Jul. 30, 2018, 6 pages.
Final Office Action for U.S. Appl. No. 14/958,385, dated Jul. 26, 2018, 21 pages.
Corrected Notice of Allowability for U.S. Appl. No. 14/928,783, dated Aug. 10, 2018, 6 pages.
First Official Action for Mexican Patent Application No. MX/a/2017/005506, dated Jun. 8, 2018, 6 pages.
First Official Action for Mexican Patent Application No. MX/a/2017/005005, dated May 30, 2018, 4 pages.
First Official Action for Mexican Patent Application No. MX/a/2017/006836, dated Jun. 1, 2018, 6 pages.
Berger, L T., et al., “Power Line Communications for Smart Grid Applications,” Journal of Electrical and Computer Engineering, vol. 2013, Article ID 712376, Accepted Dec. 29, 2012, 16 pages.
Hauser, C. H., et al., “A Failure to Communicate: Next Generation Communication Requirements, Technologies, and Architecture for the Electric Power Grid,” IEEE Power and Energy Magazine, vol. 3, Issue 2, Mar.-Apr. 2005, pp. 47-55.
Kang, J.-M., et al., “Design and Implementation of Network Management System for Power Line Communication Network,” 2007 IEEE International Symposium on Power Line Communications and Its Adaptations, Mar. 26-28, 2007, Pisa, Italy, pp. 23-28.
Kim, Y., et al., “PLC technology of KEPCO,” 2005 International Symposium on Power Line Communications and Its Applications, Apr. 6-8, 2005, Vancouver, British Columbia, Canada, pp. 390-393.
Papadopoulos, T. A., et al., Low-Voltage Distribution Line Performance Evaluation for PLC Signal Transmission, IEEE Transactions on Power Delivery, vol. 23, Issue 4, Oct. 2008, pp. 1903-1910.
Non-Final Office Action for U.S. Appl. No. 15/078,646, dated Jun. 15, 2018, 33 pages.
Supplemental Notice of Allowability for U.S. Appl. No. 14/304,035, dated May 24, 2018, 6 pages.
Non-Final Office Action for U.S. Appl. No. 14/304,648, dated Jun. 13, 2018, 13 pages.
Corrected Notice of Allowance for U.S. Appl. No. 14/928,783, dated Jun. 8, 2018, 6 pages.
Extended European Search Report for European Patent Application No. 18152637.7, dated Apr. 26, 2018, 8 pages.
Notice of Acceptance for Australian Patent Application No. 2014219247, dated Apr. 11, 2018, 3 pages.
Second Examination Report for Australian Patent Application No. 2014277983, dated Mar. 15, 2018, 4 pages.
Second Official Action for Mexican Patent Application No. MX/a/2015/017231, dated Feb. 28, 2018, 5 pages.
Notice of Acceptance for Australian Patent Application No. 2014277951, dated Mar. 28, 2018, 3 pages.
Extended European Search Report for European Patent Application No. 15865305.5, dated May 3, 2018, 8 pages.
First Substantive Report for Chilean Patent Application No. 201701036, dated Jul. 20, 2018, 17 pages.
Second Substantive Report for Chilean Patent Application No. 201701038, dated Sep. 3, 2018, 28 pages.
Second Substantive Report for Chilean Patent Application No. 201701394, dated Sep. 12, 2018, 10 pages.
Examination Report No. 1 for Australian Patent Application No. 2017279752, dated Sep. 18, 2018, 6 pages.
Non-Final Office Action for U.S. Appl. No. 15/177,930, dated Nov. 29, 2018, 15 pages.
Final Office Action for U.S. Appl. No. 15/257,191, dated Nov. 2, 2018, 10 pages.
Final Office Action for U.S. Appl. No. 15/934,499, dated Nov. 19, 2018, 34 pages.
Final Office Action for U.S. Appl. No. 14/304,648, dated Nov. 29, 2018, 12 pages.
Examinees Report for Canadian Patent Application No. 2,870,452, dated Oct. 2, 2018, 4 pages.
Examination Report for European Patent Application No. 15853935.3, dated Oct. 22, 2018, 5 pages.
Notice of Not Fully Responsive Reply for Applications Under Accelerated Examination for U.S. Appl. No. 15/078,646, dated Jan. 24, 2019, 8 pages.
Advisory Action and AFCP 2.0 Decision for U.S. Appl. No. 15/934,499, dated Jan. 30, 2019, 4 pages.
Office Action for Canadian Patent Application No. 2,874,132, dated Jan. 3, 2019, 3 pages.
Second Official Action for Mexican Patent Application No. MX/a/2017/006836, dated Dec. 6, 2018, 8 pages.
Official Action for Mexican Patent Application No. MX/a/2015/016809, dated Jan. 14, 2019, 4 pages.
Official Action for Mexican Patent Application No. Mx/a/2015/010689, dated Jan. 25, 2019, 6 pages.
Official Action for Mexican Patent Application No. Mx/a/2015/010688, dated Jan. 25, 2019, 8 pages.
Examination Report for Australian Patent Application No. 2014274664, dated Feb. 15, 2019, 2 pages.
Examination Report for European Patent Application No. 14810273A, dated Mar. 21, 2019, 11 pages.
First Office Action for Chinese Patent Application No. 201580059331.5, dated Mar. 5, 2019, 11 pages.
Notice of Acceptance for Australian Patent Application No. 2017279752, dated Apr. 12, 2019, 3 pages.
Examination Report for Australian Patent Application No. 2015338943, dated Apr. 5, 2019, 3 pages.
Non-Final Office Action for U.S. Appl. No. 14/958,385, dated Mar. 18, 2019, 24 pages.
Non-Final Office Action for U.S. Appl. No. 14/304,648, dated Apr. 29, 2019, 14 pages.
Decision to Grant for Japanese Patent Application No. 2016-519676, dated Apr. 16, 2019, 4 pages.
Examination Report No. 1 for Australian Patent Application No. 2015358448, dated May 6, 2019, 3 pages.
Related Publications (1)
Number Date Country
20170180118 A1 Jun 2017 US
Provisional Applications (1)
Number Date Country
61495173 Jun 2011 US
Divisions (1)
Number Date Country
Parent 14720780 May 2015 US
Child 15450153 US
Continuations (1)
Number Date Country
Parent 13493983 Jun 2012 US
Child 14720780 US