	US 11,895,152 B2
	Systems and methods for establishing a secure communication link in an electric power delivery system
Duane C. Skelton, Bellingham, WA (US); and Colin Gordon, Katy, TX (US)
Assigned to Schweitzer Engineering Laboratories, Inc., Pullman, WA (US)
Filed by Schweitzer Engineering Laboratories, Inc., Pullman, WA (US)
Filed on Aug. 12, 2021, as Appl. No. 17/400,260.
Prior Publication US 2023/0050220 A1, Feb. 16, 2023
Int. Cl. H04L 9/40 (2022.01); H04L 9/08 (2006.01); H02J 13/00 (2006.01)

CPC H04L 63/162 (2013.01) [H02J 13/00006 (2020.01); H04L 9/0838 (2013.01); H04L 63/062 (2013.01); H04L 63/0853 (2013.01); H02J 13/00036 (2020.01)]

18 Claims

1. A non-transitory computer readable medium, comprising instructions, wherein the instructions, when executed by processing circuitry, are configured to cause the processing circuitry to perform operations comprising:

operating in a recovery mode after initiating a startup operation;

converting a stored connectivity association key (CAK) to an initial security association key (SAK) during the recovery mode;

using the initial SAK to communicate data via an initial media access control security (MACsec) communication link;

transmitting a data frame to a device of an electric power delivery system during the recovery mode, wherein the data frame is indicative of a request for a SAK;

receiving the SAK from the device in response to transmitting the data frame;

using the SAK received from the device instead of the initial SAK converted from the stored CAK to communicate data via the MACsec communication link instead of via the initial MACsec communication link; and

using the SAK received from the device instead of the initial SAK converted from the stored CAK to communicate the data via the MACsec communication link instead of via the initial MACsec communication link.