PS-CAMM: A Crypto-Agility Maturity Model for Real-Time Substation Automation

Download PDF
Open Webpage

Sunwoo Lee, Woo-Hyun Choi, Hyuk Lim, Seunghyun Yoon

Published: 2026, Last Modified: 25 May 2026ICAIIC 2026EveryoneRevisionsBibTeXCC BY-SA 4.0
Abstract: Quantum computing challenges the long-term viability of widely deployed public-key cryptography and motivates crypto-agility, the ability to migrate cryptographic algorithms in a timely and controlled manner. However, existing cryptoagility maturity models such as CAMM and FS-ISAC are largely shaped by IT assumptions and do not directly capture the operational constraints of substation automation, where protection messaging must meet hard real-time bounds, many devices are firmware-locked, and redundancy protocols require coordinated dual-network operation. This paper presents PS-CAMM (Power Systems Crypto-Agility Maturity Model), an OT-oriented extension of CAMM that (i) gates maturity advancement on quantitative real-time KPIs, (ii) requires hardware-in-the-loop (HIL) evidence to validate safety during migration, and (iii) specifies PRP/HSR-aware operational procedures for cutover and rollback. We also outline an optional AI-assisted assessment component that supports evidence collection and consistency checking from documents and test logs, while keeping final maturity determination criteria-based and auditable.