Universal Privacy Gurantees for Smart Meters

Smart meters (SMs) provide advanced monitoring of consumer energy usage, thereby enabling optimized management and control of electricity distribution systems. Unfortunately, the data collected by SMs can reveal information about consumer activity, such as the times at which they run individual appliances. Two approaches have been proposed to tackle the privacy threat posed by such information leakage. One strategy involves manipulating user data before sending it to the utility provider (UP); this approach improves privacy at the cost of reducing the operational insight provided by the SM data to the UP. The alternative strategy employs rechargeable batteries or local energy sources at each consumer site to try decouple energy usage from energy requests. This thesis investigates the latter approach. Understanding the privacy implications of any strategy requires an appropriate privacy metric. A variety of metrics are used to study privacy in energy distribution systems. These include statistical distance metrics, differential privacy, distortion metrics, maximal leakage, maximal $\alpha$-leakage and information measures like mutual information. We here use mutual information to measure privacy both because its well understood fundamental properties and because it provides a useful bridge to adjacent fields such as hypothesis testing, estimation, and statistical or machine learning. Privacy leakage under mutual information measures has been studied under a variety of assumptions on the energy consumption of the user with a strong focus on i.i.d. and some exploration of markov processes. Since user energy consumption may be non-stationary, here we seek privacy guarantees that apply for general random process models of energy consumption. Moreover, we impose finite capacity bounds on batteries and include the price of the energy requested from the grid, thus minimizing the information leakage subject to a bound on the resulting energy bill. To that aim we model the energy management unit (EMU) as a deterministic finite-state channel, and adapt the Ahlswede-Kaspi coding strategy proposed for permuting channels to the SM privacy setting. Within this setting, we derive battery policies providing privacy guarantees that hold for any bounded process modelling the energy consumption of the user, including non-ergodic and non-stationary processes. These guarantees are also presented for bounded processes with a known expected average consumption. The optimality of the battery policy is characterized by presenting the probability law of a random process that is tight with respect to the upper bound. Moreover, we derive single letter bounds characterizing the privacy-cost trade off in the presence of variable market price. Finally it is shown that the provided results hold for mutual information, maximal leakage, maximal-alpha leakage and the Arimoto and Sibson channel capacity

Multi-criteria analysis applied to multi-objective optimal pump scheduling in water systems

This work presents a multi-criteria-based approach to automatically select specific non-dominated solutions from a Pareto front previously obtained using multi-objective optimization to find optimal solutions for pump control in a water supply system. Optimal operation of pumps in these utilities is paramount to enable water companies to achieve energy efficiency in their systems. The Fuzzy Technique for Order of Preference by Similarity to Ideal Solution (FTOPSIS) is used to rank the Pareto solutions found by the Non-Dominated Sorting Genetic Algorithm (NSGA-II) employed to solve the multi-objective problem. Various scenarios are evaluated under leakage uncertainty conditions, resulting in fuzzy solutions for the Pareto front. This paper shows the suitability of the approach for quasi real-world problems. In our case-study, the obtained solutions for scenarios including leakage represent the best trade-off among the optimal solutions, under some considered criteria, namely, operational cost, operational lack of service, pressure uniformity and network resilience. Potential future developments could include the use of clustering alternatives to evaluate the goodness of each solution under the considered evaluation criteria

An Approach to Update the Failure Rates of Safety Barriers Based on Operating Experience

Hazardous events in process plants like the leakage of dangerous substances can result in severe damage, and such an event is often defined as the TOP event of a fault tree analysis (FTA) in a quantitative risk analysis. The TOP event probability can then be calculated if the basic events probabilities are provided. These probabilities are often determined based on generic reliability data which do not necessarily reflect the operational and environmental characteristics of a plant of interest. This paper presents an approach based on Bayesian network (BN) analysis to explicitly include experience data collected during the plant operation to make the generic probabilities more plant specific. The approach is illustrated via a pressure vessel containing a toxic substance in an Ammonia production plant. In this case study, the failure rate distribution in the BN is updated as the new information becomes available during plant operation. The results show that the suggested approach effectively reflects the operating experience of a specific plant.publishedVersio

The Limits of Liability in Promoting Safe Geologic Sequestration of CO2

Deployment of new technologies is vital to climate change policy, but it invariably poses difficult tradeoffs. Carbon capture and storage (“CCS”), which involves the capture and permanent burial of CO2 emissions, exemplifies this problem. This article provides an overview of CCS in Part I, focusing on geologic sequestration, and analyzes the scientific work on the potential for releases of CO2 and brine from sequestrian reservoirs. Part II evaluates the comparative advantages of government regulation and common law liability. Part III examines the relative efficiencies of different doctrines of common law liability when applied to likely releases from sequestrian sites. The authors propose a hybrid legal framework in Part IV that combines a traditional regulatory regime with a novel two-tiered system of liability that is calibrated to objective site characteristics.The Kay Bailey Hutchison Center for Energy, Law, and Busines

Combined Time and Information Redundancy for SEU-Tolerance in Energy-Efficient Real-Time Systems

Recently the trade-off between energy consumption and fault-tolerance in real-time systems has been highlighted. These works have focused on dynamic voltage scaling (DVS) to reduce dynamic energy dissipation and on time redundancy to achieve transient-fault tolerance. While the time redundancy technique exploits the available slack time to increase the fault-tolerance by performing recovery executions, DVS exploits slack time to save energy. Therefore we believe there is a resource conflict between the time-redundancy technique and DVS. The first aim of this paper is to propose the usage of information redundancy to solve this problem. We demonstrate through analytical and experimental studies that it is possible to achieve both higher transient fault-tolerance (tolerance to single event upsets (SEU)) and less energy using a combination of information and time redundancy when compared with using time redundancy alone. The second aim of this paper is to analyze the interplay of transient-fault tolerance (SEU-tolerance) and adaptive body biasing (ABB) used to reduce static leakage energy, which has not been addressed in previous studies. We show that the same technique (i.e. the combination of time and information redundancy) is applicable to ABB-enabled systems and provides more advantages than time redundancy alone

Marine baseline and monitoring strategies for Carbon Dioxide Capture and Storage (CCS)

The QICS controlled release experiment demonstrates that leaks of carbon dioxide (CO2) gas can be detected by monitoring acoustic, geochemical and biological parameters within a given marine system. However the natural complexity and variability of marine system responses to (artificial) leakage strongly suggests that there are no absolute indicators of leakage or impact that can unequivocally and universally be used for all potential future storage sites. We suggest a multivariate, hierarchical approach to monitoring, escalating from anomaly detection to attribution, quantification and then impact assessment, as required. Given the spatial heterogeneity of many marine ecosystems it is essential that environmental monitoring programmes are supported by a temporally (tidal, seasonal and annual) and spatially resolved baseline of data from which changes can be accurately identified. In this paper we outline and discuss the options for monitoring methodologies and identify the components of an appropriate baseline survey

Quantitative analysis of the leakage of confidential data

Basic information theory is used to analyse the amount of confidential information which may be leaked by programs written in a very simple imperative language. In particular, a detailed analysis is given of the possible leakage due to equality tests and if statements. The analysis is presented as a set of syntax-directed inference rules and can readily be automated