Key Management Systems for Smart Grid Advanced Metering Infrastructure: A Survey

Smart Grids are evolving as the next generation power systems that involve changes in the traditional ways of generation, transmission and distribution of power. Advanced Metering Infrastructure (AMI) is one of the key components in smart grids. An AMI comprises of systems and networks, that collects and analyzes data received from smart meters. In addition, AMI also provides intelligent management of various power-related applications and services based on the data collected from smart meters. Thus, AMI plays a significant role in the smooth functioning of smart grids. AMI is a privileged target for security attacks as it is made up of systems that are highly vulnerable to such attacks. Providing security to AMI is necessary as adversaries can cause potential damage against infrastructures and privacy in smart grid. One of the most effective and challenging topic's identified, is the Key Management System (KMS), for sustaining the security concerns in AMI. Therefore, KMS seeks to be a promising research area for future development of AMI. This survey work highlights the key security issues of advanced metering infrastructures and focuses on how key management techniques can be utilized for safeguarding AMI. First of all, we explore the main features of advanced metering infrastructures and identify the relationship between smart grid and AMI. Then, we introduce the security issues and challenges of AMI. We also provide a classification of the existing works in literature that deal with secure key management system in AMI. Finally, we identify possible future research directions of KMS in AMI

SECURE REAL-TIME SMART GRID COMMUNICATIONS: A MICROGRID PERSPECTIVE

Microgrids are a key component in the evolution of the power grid. Microgrids are required to operate in both grid connected and standalone island mode using local sources of power. A major challenge in implementing microgrids is the communications and control to support transition from grid connected mode and operation in island mode. In this dissertation we propose a distributed control architecture to govern the operation of a microgrid. The func- tional communication requirements of primary, secondary and tertiary microgrid controls are considered. Communication technology media and protocols are laid out and a worst-case availability and latency analysis is provided. Cyber Security challenges to microgrids are ex- amined and we propose a secure communication architecture to support microgrid operation and control. A security model, including network, data, and attack models, is defined and a security protocol to address the real-time communication needs of microgrids is proposed. We propose a novel security protocol that is custom tailored to meet those challenges. The chosen solution is discussed in the context of other security options available in the liter- ature. We build and develop a microgrid co-simulation model of both the power system and communication networks, that is used to simulate the two fundamental microgrid power transition functions - transition from island to grid connected mode, and grid connected to island mode. The proposed distributed control and security architectures are analyzed in terms of performance. We further characterize the response of the power and communication subsystems in emergency situations: forced islanding and forced grid modes. Based on our findings, we generalize the results to the smart grid

Platform Embedded Security Technology Revealed

Computer scienc

Applying Secure Multi-party Computation in Practice

In this work, we present solutions for technical difficulties in deploying secure multi-party computation in real-world applications. We will first give a brief overview of the current state of the art, bring out several shortcomings and address them. The main contribution of this work is an end-to-end process description of deploying secure multi-party computation for the first large-scale registry-based statistical study on linked databases. Involving large stakeholders like government institutions introduces also some non-technical requirements like signing contracts and negotiating with the Data Protection Agency

A Survey on Intelligent Internet of Things: Applications, Security, Privacy, and Future Directions

peer reviewedThe rapid advances in the Internet of Things (IoT) have promoted a revolution in communication technology and offered various customer services. Artificial intelligence (AI) techniques have been exploited to facilitate IoT operations and maximize their potential in modern application scenarios. In particular, the convergence of IoT and AI has led to a new networking paradigm called Intelligent IoT (IIoT), which has the potential to significantly transform businesses and industrial domains. This paper presents a comprehensive survey of IIoT by investigating its significant applications in mobile networks, as well as its associated security and privacy issues. Specifically, we explore and discuss the roles of IIoT in a wide range of key application domains, from smart healthcare and smart cities to smart transportation and smart industries. Through such extensive discussions, we investigate important security issues in IIoT networks, where network attacks, confidentiality, integrity, and intrusion are analyzed, along with a discussion of potential countermeasures. Privacy issues in IIoT networks were also surveyed and discussed, including data, location, and model privacy leakage. Finally, we outline several key challenges and highlight potential research directions in this important area

Secure Wireless Communications Based on Compressive Sensing: A Survey

IEEE Compressive sensing (CS) has become a popular signal processing technique and has extensive applications in numerous fields such as wireless communications, image processing, magnetic resonance imaging, remote sensing imaging, and anology to information conversion, since it can realize simultaneous sampling and compression. In the information security field, secure CS has received much attention due to the fact that CS can be regarded as a cryptosystem to attain simultaneous sampling, compression and encryption when maintaining the secret measurement matrix. Considering that there are increasing works focusing on secure wireless communications based on CS in recent years, we produce a detailed review for the state-of-the-art in this paper. To be specific, the survey proceeds with two phases. The first phase reviews the security aspects of CS according to different types of random measurement matrices such as Gaussian matrix, circulant matrix, and other special random matrices, which establishes theoretical foundations for applications in secure wireless communications. The second phase reviews the applications of secure CS depending on communication scenarios such as wireless wiretap channel, wireless sensor network, internet of things, crowdsensing, smart grid, and wireless body area networks. Finally, some concluding remarks are given

Turvalise ühisarvutuse rakendamine

Andmetest on kasu vaid siis kui neid saab kasutada. Eriti suur lisandväärtus tekib siis, kui ühendada andmed erinevatest allikatest. Näiteks, liites kokku maksu- ja haridusandmed, saab riik läbi viia kõrghariduse erialade tasuvusanalüüse. Sama kehtib ka erasektoris - ühendades pankade maksekohustuste andmebaasid, saab efektiivsemalt tuvastada kõrge krediidiriskiga kliente. Selline andmekogude ühendamine on aga tihti konfidentsiaalsus- või privaatsusnõuete tõttu keelatud. Õigustatult, sest suuremahulised ühendatud andmekogud on atraktiivsed sihtmärgid nii häkkeritele kui ka ametnikele ja andmebaaside administraatoritele, kes oma õigusi kuritarvitada võivad. Seda sorti rünnete vastus aitab turvalise ühisarvutuse tehnoloogia kasutamine, mis võimaldab mitmed osapoolel andmeid ühiselt analüüsida, ilma et keegi neist pääseks ligi üksikutele kirjetele. Oma esimesest rakendamisest praktikas 2008. aastal on turvalise ühisarvutuse tehnoloogia praeguseks jõudnud seisu, kus seda juurutatakse hajusates rakendustes üle interneti ning seda pakutakse ka osana teistest teenustest. Käesolevas töös keskendume turvalise ühisarvutuse praktikas rakendamise tehnilistele küsimustele. Alustuseks tutvustame esimesi selle tehnoloogia rakendusi, tuvastame veel lahendamata probleeme ning pakume töö käigus välja lahendusi. Töö põhitulemus on samm-sammuline ülevaade sellise juurutuse elutsüklist, kasutades näitena esimest turvalise ühisarvutuse abil läbi viidud suuremahulisi registriandmeid hõlmavat uuringut. Sealhulgas anname ülevaate ka mittetehnilistest toimingutest nagu lepingute sõlmimine ja Andmekaitse Inspektsiooniga suhtlemine, mis tulenevad suurte organisatsioonide kaasamisest nagu seda on riigiasutused. Tulevikku vaadates pakume välja lahenduse, mis ühendab endas födereeritud andmevahetusplatvormi ja turvalise ühisarvutuse tehnoloogiat. Konkreetse lahendusena pakume Eesti riigi andmevahetuskihi X-tee täiustamist turvalise ühisarvutuse teenusega Sharemind. Selline arhitektuur võimaldaks mitmeid olemasolevaid andmekogusid uuringuteks liita efektiivselt ja turvaliselt, ilma üksikisikute privaatsust rikkumata.Data is useful only when used. This is especially true if one is able to combine several data sets. For example, combining income and educational data, it is possible for a government to get a return of investment overview of educational investments. The same is true in private sector. Combining data sets of financial obligations of their customers, banks could issue loans with lower credit risks. However, this kind of data sharing is often forbidden as citizens and customers have their privacy expectations. Moreover, such a combined database becomes an interesting target for both hackers as well as nosy officials and administrators taking advantage of their position. Secure multi-party computation is a technology that allows several parties to collaboratively analyse data without seeing any individual values. This technology is suitable for the above mentioned scenarios protecting user privacy from both insider and outsider attacks. With first practical applications using secure multi-party computation developed in 2000s, the technology is now mature enough to be used in distributed deployments and even offered as part of a service. In this work, we present solutions for technical difficulties in deploying secure multi-party computation in real-world applications. We will first give a brief overview of the current state of the art, bring out several shortcomings and address them. The main contribution of this work is an end-to-end process description of deploying secure multi-party computation for the first large-scale registry-based statistical study on linked databases. Involving large stakeholders like government institutions introduces also some non-technical requirements like signing contracts and negotiating with the Data Protection Agency. Looking into the future, we propose to deploy secure multi-party computation technology as a service on a federated data exchange infrastructure. This allows privacy-preserving analysis to be carried out faster and more conveniently, thus promoting a more informed government

Declarative design and enforcement for secure cloud applications

The growing demands of users and industry have led to an increase in both size and complexity of deployed software in recent years. This tendency mainly stems from a growing number of interconnected mobile devices and from the huge amounts of data that is collected every day by a growing number of sensors and interfaces. Such increase in complexity imposes various challenges -- not only in terms of software correctness, but also with respect to security. This thesis addresses three complementary approaches to cope with the challenges: (i) appropriate high-level abstractions and verifiable translation methods to executable applications in order to guarantee flawless implementations, (ii) strong cryptographic mechanisms in order to realize the desired security goals, and (iii) convenient methods in order to incentivize the correct usage of existing techniques and tools. In more detail, the thesis presents two frameworks for the declarative specification of functionality and security, together with advanced compilers for the verifiable translation to executable applications. Moreover, the thesis presents two cryptographic primitives for the enforcement of cloud-based security properties: homomorphic message authentication codes ensure the correctness of evaluating functions over data outsourced to unreliable cloud servers; and efficiently verifiable non-interactive zero-knowledge proofs convince verifiers of computation results without the verifiers having access to the computation input.Die wachsenden Anforderungen von Seiten der Industrie und der Endbenutzer verlangen nach immer komplexeren Softwaresystemen -- größtenteils begründet durch die stetig wachsende Zahl mobiler Geräte und die damit wachsende Zahl an Sensoren und erfassten Daten. Mit wachsender Software-Komplexität steigen auch die Herausforderungen an Korrektheit und Sicherheit. Die vorliegende Arbeit widmet sich diesen Herausforderungen in Form dreier komplementärer Ansätze: (i) geeignete Abstraktionen und verifizierbare Übersetzungsmethoden zu ausführbaren Anwendungen, die fehlerfreie Implementierungen garantieren, (ii) starke kryptographische Mechanismen, um die spezifizierten Sicherheitsanforderungen effizient und korrekt umzusetzen, und (iii) zweckmäßige Methoden, die eine korrekte Benutzung existierender Werkzeuge und Techniken begünstigen. Diese Arbeit stellt zwei neuartige Abläufe vor, die verifizierbare Übersetzungen von deklarativen Spezifikationen funktionaler und sicherheitsrelevanter Ziele zu ausführbaren Cloud-Anwendungen ermöglichen. Darüber hinaus präsentiert diese Arbeit zwei kryptographische Primitive für sichere Berechnungen in unzuverlässigen Cloud-Umgebungen. Obwohl die Eingabedaten der Berechnungen zuvor in die Cloud ausgelagert wurden und zur Verifikation der Berechnungen nicht mehr zur Verfügung stehen, ist es möglich, die Korrektheit der Ergebnisse in effizienter Weise zu überprüfen

Network and System Management for the Security Monitoring of Microgrids using IEC 62351-7

Interest in adding renewable energy sources to the power grid has risen substantially in recent years. As a response to this growing interest, the deployment of microgrids capable of integrating renewable energy has become more widespread. Microgrids are independent power systems that deliver power from different kinds of Distributed Energy Resources (DERs) to local energy consumers more efficiently than the conventional power grid. The microgrid leverages advanced information and communication technologies for vital protection, monitoring, and control operations as well as for energy management. With the use of information technology comes the need to protect the microgrid information layer from cyberattacks that can impact critical microgrid power operations. In this research, a security monitoring system to detect cyberattacks against the microgrid, in near-real time, is designed and implemented. To achieve this, the system applies Network and System Management (NSM) for microgrid security monitoring, as specified by the IEC 62351-7 security standard for power systems. The specific contributions of this research are (i) an investigation on the suitability of NSM for microgrid security monitoring; (ii) the design and implementation of an NSM platform; (iii) the design and implementation of a security analytics framework for NSM based on deep learning models; (iv) the elaboration of a comprehensive microgrid simulation model deployed on a Hardware in the Loop (HIL) co-simulation framework; and (v) an experimental evaluation on the effectiveness and scalability of the NSM security monitoring platform for detection against microgrid attack scenarios, with a methodology being used to systematically generate the scenarios. The experimental results validate the usefulness of NSM in detecting attacks against the microgrid

Applications

Volume 3 describes how resource-aware machine learning methods and techniques are used to successfully solve real-world problems. The book provides numerous specific application examples: in health and medicine for risk modelling, diagnosis, and treatment selection for diseases in electronics, steel production and milling for quality control during manufacturing processes in traffic, logistics for smart cities and for mobile communications