Techniques, Taxonomy, and Challenges of Privacy Protection in the Smart Grid

As the ease with which any data are collected and transmitted increases, more privacy concerns arise leading to an increasing need to protect and preserve it. Much of the recent high-profile coverage of data mishandling and public mis- leadings about various aspects of privacy exasperates the severity. The Smart Grid (SG) is no exception with its key characteristics aimed at supporting bi-directional information flow between the consumer of electricity and the utility provider. What makes the SG privacy even more challenging and intriguing is the fact that the very success of the initiative depends on the expanded data generation, sharing, and pro- cessing. In particular, the deployment of smart meters whereby energy consumption information can easily be collected leads to major public hesitations about the tech- nology. Thus, to successfully transition from the traditional Power Grid to the SG of the future, public concerns about their privacy must be explicitly addressed and fears must be allayed. Along these lines, this chapter introduces some of the privacy issues and problems in the domain of the SG, develops a unique taxonomy of some of the recently proposed privacy protecting solutions as well as some if the future privacy challenges that must be addressed in the future.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/111644/1/Uludag2015SG-privacy_book-chapter.pd

Privacy-preserving Data clustering in Cloud Computing based on Fully Homomorphic Encryption

Cloud infrastructure with its massive storage and computing power is an ideal platform to perform large scale data analysis tasks to extract knowledge and support decision-making. However, there are critical data privacy and security issues associated with this platform, as the data is stored in a public infrastructure. Recently, fully homomorphic data encryption has been proposed as a solution due to its capabilities in performing computations over encrypted data. However, it is demonstrably slow for practical data mining applications. To address this and related concerns, we introduce a fully homomorphic and distributed data processing framework that utilizes MapReduce to perform distributed computations for data clustering tasks on a large number of cloud Virtual Machines (VMs). We illustrate how a variety of fully homomorphic-based computations can be carried out to accomplish data clustering tasks independently in the cloud and show that the distributed execution of data clustering tasks based on MapReduce can significantly reduce the execution time overhead caused by fully homomorphic computations. To evaluate our framework, we performed experiments using electricity consumption measurement data on the Google cloud platform with 100 VMs. We found the proposed distributed data processing framework to be highly efficient when compared to a centralized approach and as accurate as a plaintext implementation

A novel temporal perturbation based privacy-preserving scheme for real-time monitoring systems

In real-time monitoring systems, participant’s privacy could be easily exposed when the time-series of sensing measurements are obtained accurately by adversaries. To address privacy issues, a number of privacy-preserving schemes have been designed for various monitoring applications. However, these schemes either lack considerations for temporal privacy or have less resistance to filtering attacks, or cause time delay with low utility. In this paper, we introduce a lightweight temporal perturbation based scheme, where sensor readings are buffered and disordered to obfuscate the temporal information of the original sensor measurement stream with differential privacy. Besides, we design the operations on the system server side to exploit the data utility in measurements from large number of sensors. We evaluate the performance of the proposed scheme through both rigorous theoretical analysis and extensive simulation experiments in comparison with related existing schemes. Evaluation results show that the proposed scheme manages to preserve both the temporal privacy and measurement privacy with filter-resistance, and achieves better performance in terms of computational overhead, data utility of real-time aggregation, and individual accumulation

A novel temporal perturbation based privacy-preserving scheme for real-time monitoring systems

In real-time monitoring systems, participant’s privacy could be easily exposed when the time-series of sensing measurements are obtained accurately by adversaries. To address privacy issues, a number of privacy-preserving schemes have been designed for various monitoring applications. However, these schemes either lack considerations for temporal privacy or have less resistance to filtering attacks, or cause time delay with low utility. In this paper, we introduce a lightweight temporal perturbation based scheme, where sensor readings are buffered and disordered to obfuscate the temporal information of the original sensor measurement stream with differential privacy. Besides, we design the operations on the system server side to exploit the data utility in measurements from large number of sensors. We evaluate the performance of the proposed scheme through both rigorous theoretical analysis and extensive simulation experiments in comparison with related existing schemes. Evaluation results show that the proposed scheme manages to preserve both the temporal privacy and measurement privacy with filter-resistance, and achieves better performance in terms of computational overhead, data utility of real-time aggregation, and individual accumulation

A novel temporal perturbation based privacy-preserving scheme for real-time monitoring systems

In real-time monitoring systems, participant's privacy could be easily exposed when the time-series of sensing measurements are obtained accurately by adversaries. To address privacy issues, a number of privacy-preserving schemes have been designed for various monitoring applications. However, these schemes either lack considerations for temporal privacy or have less resistance to filtering attacks, or cause time delay with low utility. In this paper, we introduce a lightweight temporal perturbation based scheme, where sensor readings are buffered and disordered to obfuscate the temporal information of the original sensor measurement stream with differential privacy. Besides, we design the operations on the system server side to exploit the data utility in measurements from large number of sensors. We evaluate the performance of the proposed scheme through both rigorous theoretical analysis and extensive simulation experiments in comparison with related existing schemes. Evaluation results show that the proposed scheme manages to preserve both the temporal privacy and measurement privacy with filter-resistance, and achieves better performance in terms of computational overhead, data utility of real-time aggregation, and individual accumulation

On security and privacy of consensus-based protocols in blockchain and smart grid

In recent times, distributed consensus protocols have received widespread attention in the area of blockchain and smart grid. Consensus algorithms aim to solve an agreement problem among a set of nodes in a distributed environment. Participants in a blockchain use consensus algorithms to agree on data blocks containing an ordered set of transactions. Similarly, agents in the smart grid employ consensus to agree on specific values (e.g., energy output, market-clearing price, control parameters) in distributed energy management protocols. This thesis focuses on the security and privacy aspects of a few popular consensus-based protocols in blockchain and smart grid. In the blockchain area, we analyze the consensus protocol of one of the most popular payment systems: Ripple. We show how the parameters chosen by the Ripple designers do not prevent the occurrence of forks in the system. Furthermore, we provide the conditions to prevent any fork in the Ripple network. In the smart grid area, we discuss the privacy issues in the Economic Dispatch (ED) optimization problem and some of its recent solutions using distributed consensus-based approaches. We analyze two state of the art consensus-based ED protocols from Yang et al. (2013) and Binetti et al. (2014). We show how these protocols leak private information about the participants. We propose privacy-preserving versions of these consensus-based ED protocols. In some cases, we also improve upon the communication cost

Privacy-Enhancing Methods for Time Series and their Impact on Electronic Markets

The amount of collected time series data containing personal information has increased in the last years, e.g., smart meters store time series of power consumption data. Using such data for the benefit of society requires methods to protect the privacy of individuals. Those methods need to modify the data. In this thesis, we contribute a provable privacy method for time series and introduce an application specific measure in the smart grid domain to evaluate their impact on data quality

Privacy-preserving energy management techniques and delay-sensitive transmission strategies for smart grids

The smart grid (SG) is the enhancement of the traditional electricity grid that allows bidirectional flow of electricity and information through the integration of advanced monitoring, communication and control technologies. In this thesis, we focus on important design problems affecting particularly two critical enabling components of the SG infrastructure : smart meters (SMs) and wireless sensor networks (WSNs). SMs measure the energy consumption of the users and transmit their readings to the utility provider in almost real-time. SM readings enable real-time optimization of load management. However, possible misuse of SM readings raises serious privacy concerns for the users. The challenge is thus to design techniques that can increase the privacy of the users while maintaining the monitoring capabilities SMs provide. Demand-side energy management (EM), achieved thanks to the utilization of storage units and alternative energy sources, has emerged as a potential technique to tackle this challenge. WSNs consist of a large number of low power sensors, which monitor physical parameters and transmit their measurements to control centers (CCs) over wireless links. CCs utilize these measurements to reconstruct the system state. For the reliable management of the SG, near real-time and accurate reconstruction of the system state at the CC is crucial. Thus, low complexity delay-constrained transmission strategies, which enable sensors to accurately transmit their measurements to CCs, should be investigated rigorously. To address these challenges, this dissertation investigates and designs privacy-preserving EM techniques for SMs and delay-constrained transmission strategies for WSNs. The proposed EM techniques provide privacy to SM users while maintaining the operational benefits SMs provide. On the other hand, the proposed transmission strategies enable WSNs to meet low latency transmission requirements, which in turn, facilitate real-time and accurate state reconstruction; and hence, the efficient and robust management of the SG. First, we consider an SM system with energy harvesting and storage units. Representing the system with a discrete-time finite state model, we study stochastic EM policies from a privacy-energy efficiency trade-off perspective, where privacy is measured by information leakage rate and energy efficiency is measured by wasted energy rate. We propose EM policies that take stochastic output load decisions based on the harvested energy, the input load and the state of the battery. For the proposed policies, we characterize the fundamental trade-off between user's privacy and energy efficiency. Second, we consider an SM system with a storage unit. Considering a discrete-time power consumption and pricing model, we study EM policies from a privacy-cost trade-off perspective, where privacy is measured by the load variance as well as mutual information. Assuming non-causal knowledge of the power demand profile and prices, we characterize the optimal EM policy based on the solution of an optimization problem. Then, assuming that the power demand profile is known only causally, we obtain the optimal EM policy based on dynamic programming, and also propose a low complexity heuristic policy. For the proposed policies, we characterize the trade-off between user's privacy and energy cost. Finally, we study the delay-constrained linear transmission (LT) of composite Gaussian measurements from a sensor to a CC over a point-to-point fading channel. Assuming that the channel state information (CSI) is known by both the encoder and decoder, we propose the optimal LT strategy in terms of the average mean-square error (MSE) distortion under a strict delay constraint, and two LT strategies under general delay constraints. Assuming that the CSI is known only by the decoder, we propose the optimal LT strategy in terms of the average MSE distortion under a strict delay constraint.La red de energía inteligente (SG) es la mejora de la red eléctrica tradicional. En esta tesis, nos enfocamos en las problemáticas asociadas al diseño de dos de los componentes más críticos de la infraestructura de la SG : los medidores inteligentes (SMs) y las redes de sensores inalámbricos (WSNs). Los SMs miden el consumo de energía de los usuarios y transmiten sus medidas al proveedor de servicio casi en tiempo real. Las medidas de SM permiten la optimización en tiempo real de la gestión de carga en la red. Sin embargo, el posible mal uso de estas medidas plantea preocupaciones graves en cuanto a la privacidad de los usuarios. El desafío es, por lo tanto, diseñar técnicas que puedan aumentar la privacidad de los usuarios manteniendo las capacidades de supervisión que proveen los SMs. Una solución tecnológica es el diseño de sistemas de gestión de energía (EM) inteligentes compuestos por dispositivos de almacenamiento y generación alternativa de energía. Las WSNs se componen de un gran número de sensores, que miden parámetros físicos y transmiten sus mediciones a los centros de control (CCs) mediante enlaces inalámbricos. Los CCs utilizan estas mediciones para estimar el estado del sistema. Para una gestión fiable de la SG, una buena reconstrucción del estado del sistema en tiempo real es crucial. Por ello, es preciso investigar estrategias de transmisión con estrictos requisitos de complejidad y limitaciones de latencia. Para afrontar estos desafíos, esta tesis investiga y diseña técnicas de EM para preservar la privacidad de los usuarios de SM y estrategias de transmisión para WSNs con limitaciones de latencia. Las técnicas de EM propuestas proporcionan privacidad a los consumidores de energía manteniendo los beneficios operacionales para la SG. Las estrategias de transmisión propuestas permiten a las WSNs satisfacer los requisitos de baja latencia necesarios para la reconstrucción precisa del estado en tiempo real; y por lo tanto, la gestión eficiente y robusta de la SG. En primer lugar, consideramos el diseño de un sistema de SM con una unidad de almacenamiento y generación de energía renovable. Representando el sistema con un modelo de estados finitos y de tiempo discreto, proponemos políticas estocásticas de EM. Para las políticas propuestas, caracterizamos la relación fundamental existente entre la privacidad y la eficiencia de energía del usuario, donde la privacidad se mide mediante la tasa de fuga de información y la eficiencia de energía se mide mediante la tasa de energía perdida. En segundo lugar, consideramos el diseño de un sistema de SM con una unidad de almacenamiento. Considerando un modelo de tiempo discreto, estudiamos la relación existente entre la privacidad y el coste de la energía, donde la privacidad se mide por la variación de la carga, así como la información mutua. Suponiendo que el perfil de la demanda de energía y los precios son conocidos de antemano, caracterizamos la política de EM óptima. Suponiendo que la demanda de energía es conocida sólo para el tiempo actual, obtenemos la política de EM óptima mediante programación dinámica, y proponemos una política heurística de baja complejidad. Para las políticas propuestas, caracterizamos la relación existente entre la privacidad y el coste de energía del usuario. Finalmente, consideramos el diseño de estrategias de transmisión lineal (LT) de mediciones Gaussianas compuestas desde un sensor a un CC sobre un canal punto a punto con desvanecimientos. Suponiendo que la información del estado del canal (CSI) es conocida tanto por el trasmisor como por el receptor, proponemos la estrategia de LT óptima en términos de la distorsión de error cuadrático medio (MSE) bajo una restricción de latencia estricta y dos estrategias de LT para restricciones de latencia arbitrarias. Suponiendo que la CSI es conocida sólo en el receptor, proponemos la estrategia de LT óptima en términos de la distorsión de MSE bajo una restricción de latencia estricta.La xarxa d'energia intel·ligent (SG) és la millora de la xarxa elèctrica tradicional. En aquesta tesi, ens enfoquem en les problemàtiques associades al disseny de dos dels components més crítics de la infraestructura de la SG : els mesuradors de consum intel·ligents(SMs) i les xarxes de sensors sense fils (WSNs).Els SMs mesuren el consum d'energia dels usuaris i transmeten les seves mesures al proveïdor de servei gairebé en temps real. Les mesures de SM permeten l'optimització en temps real de la gestió de càrrega a la xarxa. No obstant això, el possible mal ús d'aquestes mesures planteja preocupacions greus en quant a la privacitat dels usuaris. El desafiament és, per tant, dissenyar tècniques que puguin augmentar la privadesa dels usuaris mantenint les capacitats de supervisió que proveeixen els SMs. Una solució tecnològica és el disseny de sistemes de gestió d'energia (EM) intel·ligents compostos per dispositius d'emmagatzematge i generació alternativa d'energia.Les WSNs es componen d'un gran nombre de sensors, que mesuren paràmetres físics i transmeten les seves mesures als centres de control (CCs) mitjançant enllaços sense fils. Els CCs utilitzen aquestes mesures per estimar l'estat del sistema. Per a una gestió fiable de la SG, una bona reconstrucció de l'estat del sistema en temps real és crucial. Per això, cal investigar estratègies de transmissió amb estrictes requisits de complexitat i limitacions de latència. Per d'afrontar aquests desafiaments, aquesta tesi investiga i dissenya tècniques d'EM per preservar la privacitat dels usuaris de SM i estratègies de transmissió per WSNs amb limitacions de latència. Les tècniques d'EM propostes proporcionen privacitats als consumidors d'energia mantenint els beneficis operacionals per la SG. Les estratègies de transmissió proposades permeten a les WSNs satisfer els requisits de baixa latència necessaris per a la reconstrucció precisa de l'estat en temps real; i per tant, la gestió eficient i robusta de la SG.En primer lloc, considerem el disseny d'un sistema de SM amb una unitat d'emmagatzematge i generació d'energia renovable. Representant el sistema amb un model d'estats finits i de temps discret, proposem polítiques estocàstiques d'EM. Per a les polítiques propostes, caracteritzem la relació fonamental existent entre la privadesa i l'eficiència d'energia de l'usuari, on la privacitat es mesura mitjançant la taxa de fugida d'informació i l'eficiència d'energia es mesura mitjançant la taxa d'energia perduda.En segon lloc, considerem el disseny d'un sistema de SM amb una unitat d'emmagatzematge. Considerant un model de temps discret, estudiem la relació existent entre la privacitat el cost de l'energia, on la privacitat es mesura per la variació de la càrrega, així com mitjançant la informació mútua. Suposant que la corba de la demanda d'energia i els preus són coneguts per endavant, caracteritzem la política d'EM òptima. Suposant que la demanda d'energia és coneguda només per al temps actual, obtenim la política d'EM òptima mitjançant programació dinàmica, i proposem una política heurística de baixa complexitat. Per a les polítiques propostes, caracteritzem la relació existent entre la privacitat i el cost d'energia de l'usuari.Finalment, considerem el disseny d'estratègies de transmissió lineal (LT) de mesures Gaussianes compostes des d'un sensor a un CC sobre un canal punt a punt amb esvaïments. Suposant que la informació de l'estat del canal (CSI) és coneguda tant pel transmissor com pel receptor, proposem l'estratègia de LT òptima en termes de la distorsió d'error quadràtic mitjà (MSE) sota una restricció de latència estricta. A més, proposem dues estratègies de LT per a restriccions de latència arbitràries. Finalment, suposant que la CSI és coneguda només en el receptor, proposem l'estratègia de LT òptima en termes de la distorsió de MSE sota una restricció de latència estricta

Privacy-Preserving Distributed Optimization via Subspace Perturbation: A General Framework

As the modern world becomes increasingly digitized and interconnected, distributed signal processing has proven to be effective in processing its large volume of data. However, a main challenge limiting the broad use of distributed signal processing techniques is the issue of privacy in handling sensitive data. To address this privacy issue, we propose a novel yet general subspace perturbation method for privacy-preserving distributed optimization, which allows each node to obtain the desired solution while protecting its private data. In particular, we show that the dual variables introduced in each distributed optimizer will not converge in a certain subspace determined by the graph topology. Additionally, the optimization variable is ensured to converge to the desired solution, because it is orthogonal to this non-convergent subspace. We therefore propose to insert noise in the non-convergent subspace through the dual variable such that the private data are protected, and the accuracy of the desired solution is completely unaffected. Moreover, the proposed method is shown to be secure under two widely-used adversary models: passive and eavesdropping. Furthermore, we consider several distributed optimizers such as ADMM and PDMM to demonstrate the general applicability of the proposed method. Finally, we test the performance through a set of applications. Numerical tests indicate that the proposed method is superior to existing methods in terms of several parameters like estimated accuracy, privacy level, communication cost and convergence rate