Security and Privacy in Smart Grid

Smart grid utilizes different communication technologies to enhance the reliability and efficiency of the power grid; it allows bi-directional flow of electricity and information, about grid status and customers requirements, among different parties in the grid, i.e., connect generation, distribution, transmission, and consumption subsystems together. Thus, smart grid reduces the power losses and increases the efficiency of electricity generation and distribution. Although smart grid improves the quality of grid's services, it exposes the grid to the cyber security threats that communication networks suffer from in addition to other novel threats because of power grid's nature. For instance, the electricity consumption messages sent from consumers to the utility company via wireless network may be captured, modified, or replayed by adversaries. As a consequent, security and privacy concerns are significant challenges in smart grid. Smart grid upgrade creates three main communication architectures: The first one is the communication between electricity customers and utility companies via various networks; i.e., home area networks (HANs), building area networks (BANs), and neighbour area networks (NANs), we refer to these networks as customer-side networks in our thesis. The second architecture is the communication between EVs and grid to charge/discharge their batteries via vehicle-to-grid (V2G) connection. The last network is the grid's connection with measurements units that spread all over the grid to monitor its status and send periodic reports to the main control center (CC) for state estimation and bad data detection purposes. This thesis addresses the security concerns for the three communication architectures. For customer-side networks, the privacy of consumers is the central concern for these networks; also, the transmitted messages integrity and confidentiality should be guaranteed. While the main security concerns for V2G networks are the privacy of vehicle's owners besides the authenticity of participated parties. In the grid's connection with measurements units, integrity attacks, such as false data injection (FDI) attacks, target the measurements' integrity and consequently mislead the main CC to make the wrong decisions for the grid. The thesis presents two solutions for the security problems in the first architecture; i.e., the customer-side networks. The first proposed solution is security and privacy-preserving scheme in BAN, which is a cluster of HANs. The proposed scheme is based on forecasting the future electricity demand for the whole BAN cluster. Thus, BAN connects to the electricity provider only if the total demand of the cluster is changed. The proposed scheme employs the lattice-based public key NTRU crypto-system to guarantee the confidentiality and authenticity of the exchanged messages and to further reduce the computation and communication load. The security analysis shows that our proposed scheme can achieve the privacy and security requirements. In addition, it efficiently reduces the communication and computation overhead. According to the second solution, it is lightweight privacy-preserving aggregation scheme that permits the smart household appliances to aggregate their readings without involving the connected smart meter. The scheme deploys a lightweight lattice-based homomorphic crypto-system that depends on simple addition and multiplication operations. Therefore, the proposed scheme guarantees the customers' privacy and message integrity with lightweight overhead. In addition, the thesis proposes lightweight secure and privacy-preserving V2G connection scheme, in which the power grid assures the confidentiality and integrity of exchanged information during (dis)charging electricity sessions and overcomes EVs' authentication problem. The proposed scheme guarantees the financial profits of the grid and prevents EVs from acting maliciously. Meanwhile, EVs preserve their private information by generating their own pseudonym identities. In addition, the scheme keeps the accountability for the electricity-exchange trade. Furthermore, the proposed scheme provides these security requirements by lightweight overhead; as it diminishes the number of exchanged messages during (dis)charging sessions. Simulation results demonstrate that the proposed scheme significantly reduces the total communication and computation load for V2G connection especially for EVs. FDI attack, which is one of the severe attacks that threatens the smart grid's efficiency and reliability, inserts fake measurements among the correct ones to mislead CC to make wrong decisions and consequently impact on the grid's performance. In the thesis, we have proposed an FDI attack prevention technique that protects the integrity and availability of the measurements at measurement units and during their transmission to the CC, even with the existence of compromised units. The proposed scheme alleviates the negative impacts of FDI attack on grid's performance. Security analysis and performance evaluation show that our scheme guarantees the integrity and availability of the measurements with lightweight overhead, especially on the restricted-capabilities measurement units. The proposed schemes are promising solutions for the security and privacy problems of the three main communication networks in smart grid. The novelty of these proposed schemes does not only because they are robust and efficient security solutions, but also due to their lightweight communication and computation overhead, which qualify them to be applicable on limited-capability devices in the grid. So, this work is considered important progress toward more reliable and authentic smart grid

Resource Efficient Advanced Metering Infrastructure Model

Advanced Metering Infrastructure (AMI) enables two-way communication between smart devices and utility control centers. This involves remote monitoring and control of energy consumption as well as other parameters in the electrical power network in real time. However, increasing technologies in AMI due to huge deployment of smart meters, integration of devices and application of sensors, demand a strong architectural model with the best network topology to guarantee efficient usage of network resources with minimal latency. In this work, a resource efficient multi-hop network architecture is proposed using hybrid media access protocols. The architecture combines queuing and random-access protocol to achieve optimal network performance. Numerical results show that the probability of delay incurred by an arbitrary smart meter depends on the mean and distribution of the queue switch over a period. It is also observed that for a single queued system, the throughput performance is equal to the existing hybrid method. As the number of smart meters increases to 500, the throughput of the proposed method improves by 10% compared to the existing method. Likewise, as the number of smart meters increases to 500, the delay reduced by 15% compared to the existing method. Keywords: Advanced Metering Infrastructure; hybrid media access protocols; Smart Meter; Smart Grid; Power Network

On security and privacy of consensus-based protocols in blockchain and smart grid

In recent times, distributed consensus protocols have received widespread attention in the area of blockchain and smart grid. Consensus algorithms aim to solve an agreement problem among a set of nodes in a distributed environment. Participants in a blockchain use consensus algorithms to agree on data blocks containing an ordered set of transactions. Similarly, agents in the smart grid employ consensus to agree on specific values (e.g., energy output, market-clearing price, control parameters) in distributed energy management protocols. This thesis focuses on the security and privacy aspects of a few popular consensus-based protocols in blockchain and smart grid. In the blockchain area, we analyze the consensus protocol of one of the most popular payment systems: Ripple. We show how the parameters chosen by the Ripple designers do not prevent the occurrence of forks in the system. Furthermore, we provide the conditions to prevent any fork in the Ripple network. In the smart grid area, we discuss the privacy issues in the Economic Dispatch (ED) optimization problem and some of its recent solutions using distributed consensus-based approaches. We analyze two state of the art consensus-based ED protocols from Yang et al. (2013) and Binetti et al. (2014). We show how these protocols leak private information about the participants. We propose privacy-preserving versions of these consensus-based ED protocols. In some cases, we also improve upon the communication cost

Αξιολόγηση μηχανισμών ασφάλειας στο έξυπνο δίκτυο διανομής της ηλεκτρικής ενέργειας

Ο στόχος της εργασίας αυτής είναι να συλλέξει, να αναλύσει και να αξιολογήσει λύσεις και ερευνητικές εργασίες σχετικές με το αντικείμενο της ασφάλειας στο έξυπνο δίκτυο διανομής της ηλεκτρικής ενέργειας. Το επίκεντρο αποτέλεσαν εργασίες που χρησιμοποιούν το trusted computing ως τον τρόπο για να επιτύχουν ένα υψηλότερο επίπεδο ασφάλειας, το οποίο και απαιτείται στο έξυπνο δίκτυο διανομής της ηλεκτρικής ενέργειας. Πιο συγκεκριμένα, συλλέχθηκε και αξιολογήθηκε ένα σύνολο εργασιών. Για αυτόν τον σκοπό, οι κύριοι στόχοι των προτεινόμενων λύσεων αναλύθηκαν. Υλοποιήθηκε μια συγκριτική ανάλυση που τονίζει τα πλεονεκτήματα και τα μειονεκτήματα της κάθε λύσης. Βάσει αυτής της σύγκρισης, αξιολογήθηκαν τα αποτελέσματα της κάθε λύσης και δόθηκαν κατευθυντήριες γραμμές για μελλοντικές εργασίες. Συνοψίζοντας, οδηγηθήκαμε στο συμπέρασμα ότι απαιτείται περισσότερη έρευνα στον τομέα της ασφάλειας του έξυπνου δικτύου διανομής της ηλεκτρικής ενέργειας, καθότι μέσω της αξιολόγησης που πραγματοποιήθηκε αποκαλύφθηκε ότι η πλειοψηφία των λύσεων που βρέθηκαν έχουν αδυναμίες είτε από πλευράς ασφάλειας ή από πλευράς επιδόσεων. Επιπρόσθετα, τονίστηκε ότι καθώς οι απαιτήσεις για το έξυπνο δίκτυο διανομής της ηλεκτρικής ενέργειας διαφέρουν από χώρα σε χώρα, καθίστανται αναγκαία η ύπαρξη διεθνών προτύπων. Είναι πεποίθησή μας πως μόνο μετά από μια συνολική επισκόπηση των χαρακτηριστικών του έξυπνου δικτύου διανομής της ηλεκτρικής ενέργειας, τα ζητήματα που προκύπτουν αναφορικά με την ασφάλεια μπορούν να ταυτοποιηθούν και να επιλυθούν με αποτελεσματικό τρόπο.The purpose of this thesis is to collect, analyze and evaluate solutions and research works relevant to the subject of security in smart grid. The focus was on the works that use trusted computing as a way to achieve a higher level of security which is required in smart grid. More specifically, we collected and reviewed a set of papers. To this end, the main goals of the proposed solutions were analyzed. We performed a comparative analysis highlighting the advantages and drawbacks of each solution. Based on this comparison, we evaluated the results of each solution and provided guidelines for the future work. As a generic conclusion, we deduced that more research is required in the field of smart grid security since our evaluation revealed that the majority of the solutions have weak points either from a security or performance point of view. Moreover, we pinpointed that as the standards for the smart grid are different between countries, there is also a need for standardization activities. We believe that only after a uniform view of the smart grid specifications, security issues can be identified and resolved effectively

Averting Robot Eyes

Home robots will cause privacy harms. At the same time, they can provide beneficial services—as long as consumers trust them. This Essay evaluates potential technological solutions that could help home robots keep their promises, avert their eyes, and otherwise mitigate privacy harms. Our goals are to inform regulators of robot-related privacy harms and the available technological tools for mitigating them, and to spur technologists to employ existing tools and develop new ones by articulating principles for avoiding privacy harms. We posit that home robots will raise privacy problems of three basic types: (1) data privacy problems; (2) boundary management problems; and (3) social/relational problems. Technological design can ward off, if not fully prevent, a number of these harms. We propose five principles for home robots and privacy design: data minimization, purpose specifications, use limitations, honest anthropomorphism, and dynamic feedback and participation. We review current research into privacy-sensitive robotics, evaluating what technological solutions are feasible and where the harder problems lie. We close by contemplating legal frameworks that might encourage the implementation of such design, while also recognizing the potential costs of regulation at these early stages of the technology

Iowa Engineer, Volume 2014, No.3

https://ir.uiowa.edu/iowaengineer/1045/thumbnail.jp