Visible to the public Biblio

Filters: Keyword is Smart Grid Privacy  [Clear All Filters]
2020-03-09
Xie, Yuanpeng, Jiang, Yixin, Liao, Runfa, Wen, Hong, Meng, Jiaxiao, Guo, Xiaobin, Xu, Aidong, Guan, Zewu.  2015.  User Privacy Protection for Cloud Computing Based Smart Grid. 2015 IEEE/CIC International Conference on Communications in China - Workshops (CIC/ICCC). :7–11.

The smart grid aims to improve the efficiency, reliability and safety of the electric system via modern communication system, it's necessary to utilize cloud computing to process and store the data. In fact, it's a promising paradigm to integrate smart grid into cloud computing. However, access to cloud computing system also brings data security issues. This paper focuses on the protection of user privacy in smart meter system based on data combination privacy and trusted third party. The paper demonstrates the security issues for smart grid communication system and cloud computing respectively, and illustrates the security issues for the integration. And we introduce data chunk storage and chunk relationship confusion to protect user privacy. We also propose a chunk information list system for inserting and searching data.

Salehie, Mazeiar, Pasquale, Liliana, Omoronyia, Inah, Nuseibeh, Bashar.  2012.  Adaptive Security and Privacy in Smart Grids: A Software Engineering Vision. 2012 First International Workshop on Software Engineering Challenges for the Smart Grid (SE-SmartGrids). :46–49.

Despite the benefits offered by smart grids, energy producers, distributors and consumers are increasingly concerned about possible security and privacy threats. These threats typically manifest themselves at runtime as new usage scenarios arise and vulnerabilities are discovered. Adaptive security and privacy promise to address these threats by increasing awareness and automating prevention, detection and recovery from security and privacy requirements' failures at runtime by re-configuring system controls and perhaps even changing requirements. This paper discusses the need for adaptive security and privacy in smart grids by presenting some motivating scenarios. We then outline some research issues that arise in engineering adaptive security. We particularly scrutinize published reports by NIST on smart grid security and privacy as the basis for our discussions.

Richardson, Christopher, Race, Nicholas, Smith, Paul.  2016.  A Privacy Preserving Approach to Energy Theft Detection in Smart Grids. 2016 IEEE International Smart Cities Conference (ISC2). :1–4.

A major challenge for utilities is energy theft, wherein malicious actors steal energy for financial gain. One such form of theft in the smart grid is the fraudulent amplification of energy generation measurements from DERs, such as photo-voltaics. It is important to detect this form of malicious activity, but in a way that ensures the privacy of customers. Not considering privacy aspects could result in a backlash from customers and a heavily curtailed deployment of services, for example. In this short paper, we present a novel privacy-preserving approach to the detection of manipulated DER generation measurements.

Niu, Yukun, Tan, Xiaobin, Zhou, Zifei, Zheng, Jiangyu, Zhu, Jin.  2013.  Privacy Protection Scheme in Smart Grid Using Rechargeable Battery. Proceedings of the 32nd Chinese Control Conference. :8825–8830.

It can get the user's privacy and home energy use information by analyzing the user's electrical load information in smart grid, and this is an area of concern. A rechargeable battery may be used in the home network to protect user's privacy. In this paper, the battery can neither charge nor discharge, and the power of battery is adjustable, at the same time, we model the real user's electrical load information and the battery power information and the recorded electrical power of smart meters which are processed with discrete way. Then we put forward a heuristic algorithm which can make the rate of information leakage less than existing solutions. We use statistical methods to protect user's privacy, the theoretical analysis and the examples show that our solution makes the scene design more reasonable and is more effective than existing solutions to avoid the leakage of the privacy.

Neureiter, Christian, Eibl, Günther, Veichtlbauer, Armin, Engel, Dominik.  2013.  Towards a Framework for Engineering Smart-Grid-Specific Privacy Requirements. IECON 2013 - 39th Annual Conference of the IEEE Industrial Electronics Society. :4803–4808.

Privacy has become a critical topic in the engineering of electric systems. This work proposes an approach for smart-grid-specific privacy requirements engineering by extending previous general privacy requirements engineering frameworks. The proposed extension goes one step further by focusing on privacy in the smart grid. An alignment of smart grid privacy requirements, dependability issues and privacy requirements engineering methods is presented. Starting from this alignment a Threat Tree Analysis is performed to obtain a first set of generic, high level privacy requirements. This set is formulated mostly on the data instead of the information level and provides the basis for further project-specific refinement.

Knirsch, Fabian, Engel, Dominik, Frincu, Marc, Prasanna, Viktor.  2015.  Model-Based Assessment for Balancing Privacy Requirements and Operational Capabilities in the Smart Grid. 2015 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1–5.

The smart grid changes the way energy is produced and distributed. In addition both, energy and information is exchanged bidirectionally among participating parties. Therefore heterogeneous systems have to cooperate effectively in order to achieve a common high-level use case, such as smart metering for billing or demand response for load curtailment. Furthermore, a substantial amount of personal data is often needed for achieving that goal. Capturing and processing personal data in the smart grid increases customer concerns about privacy and in addition, certain statutory and operational requirements regarding privacy aware data processing and storage have to be met. An increase of privacy constraints, however, often limits the operational capabilities of the system. In this paper, we present an approach that automates the process of finding an optimal balance between privacy requirements and operational requirements in a smart grid use case and application scenario. This is achieved by formally describing use cases in an abstract model and by finding an algorithm that determines the optimum balance by forward mapping privacy and operational impacts. For this optimal balancing algorithm both, a numeric approximation and - if feasible - an analytic assessment are presented and investigated. The system is evaluated by applying the tool to a real-world use case from the University of Southern California (USC) microgrid.

Ionescu, Tudor B., Engelbrecht, Gerhard.  2016.  The Privacy Case: Matching Privacy-Protection Goals to Human and Organizational Privacy Concerns. 2016 Joint Workshop on Cyber- Physical Security and Resilience in Smart Grids (CPSR-SG). :1–6.

Processing smart grid data for analytics purposes brings about a series of privacy-related risks. In order to allow for the most suitable mitigation strategies, reasonable privacy risks need to be addressed by taking into consideration the perspective of each smart grid stakeholder separately. In this context, we use the notion of privacy concerns to reflect potential privacy risks from the perspective of different smart grid stakeholders. Privacy concerns help to derive privacy goals, which we represent using the goals structuring notation. Thus represented goals can more comprehensibly be addressed through technical and non-technical strategies and solutions. The thread of argumentation - from concerns to goals to strategies and solutions - is presented in form of a privacy case, which is analogous to the safety case used in the automotive domain. We provide an exemplar privacy case for the smart grid developed as part of the Aspern Smart City Research project.

Gope, Prosanta, Sikdar, Biplab.  2018.  An Efficient Privacy-Preserving Dynamic Pricing-Based Billing Scheme for Smart Grids. 2018 IEEE Conference on Communications and Network Security (CNS). :1–2.

This paper proposes a lightweight and privacy-preserving data aggregation scheme for dynamic electricity pricing based billing in smart grids using the concept of single-pass authenticated encryption (AE). Unlike existing literature that only considers static pricing, to the best of our knowledge, this is the first paper to address privacy under dynamic pricing.

Fhom, Hervais Simo, Bayarou, Kpatcha M..  2011.  Towards a Holistic Privacy Engineering Approach for Smart Grid Systems. 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications. :234–241.

Protecting energy consumers's data and privacy is a key factor for the further adoption and diffusion of smart grid technologies and applications. However, current smart grid initiatives and implementations around the globe tend to either focus on the need for technical security to the detriment of privacy or consider privacy as a feature to add after system design. This paper aims to contribute towards filling the gap between this fact and the accepted wisdom that privacy concerns should be addressed as early as possible (preferably when modeling system's requirements). We present a methodological framework for tackling privacy concerns throughout all phases of the smart grid system development process. We describe methods and guiding principles to help smart grid engineers to elicit and analyze privacy threats and requirements from the outset of the system development, and derive the best suitable countermeasures, i.e. privacy enhancing technologies (PETs), accordingly. The paper also provides a summary of modern PETs, and discusses their context of use and contributions with respect to the underlying privacy engineering challenges and the smart grid setting being considered.

Farquharson, J., Wang, A., Howard, J..  2012.  Smart Grid Cyber Security and Substation Network Security. 2012 IEEE PES Innovative Smart Grid Technologies (ISGT). :1–5.

A successful Smart Grid system requires purpose-built security architecture which is explicitly designed to protect customer data confidentiality. In addition to the investment on electric power infrastructure for protecting the privacy of Smart Grid-related data, entities need to actively participate in the NIST interoperability framework process; establish policies and oversight structure for the enforcement of cyber security controls of the data through adoption of security best practices, personnel training, cyber vulnerability assessments, and consumer privacy audits.

2019-03-28
Subasi, A., Al-Marwani, K., Alghamdi, R., Kwairanga, A., Qaisar, S. M., Al-Nory, M., Rambo, K. A..  2018.  Intrusion Detection in Smart Grid Using Data Mining Techniques. 2018 21st Saudi Computer Society National Computer Conference (NCC). :1-6.

The rapid growth of population and industrialization has given rise to the way for the use of technologies like the Internet of Things (IoT). Innovations in Information and Communication Technologies (ICT) carries with it many challenges to our privacy's expectations and security. In Smart environments there are uses of security devices and smart appliances, sensors and energy meters. New requirements in security and privacy are driven by the massive growth of devices numbers that are connected to IoT which increases concerns in security and privacy. The most ubiquitous threats to the security of the smart grids (SG) ascended from infrastructural physical damages, destroying data, malwares, DoS, and intrusions. Intrusion detection comprehends illegitimate access to information and attacks which creates physical disruption in the availability of servers. This work proposes an intrusion detection system using data mining techniques for intrusion detection in smart grid environment. The results showed that the proposed random forest method with a total classification accuracy of 98.94 %, F-measure of 0.989, area under the ROC curve (AUC) of 0.999, and kappa value of 0.9865 outperforms over other classification methods. In addition, the feasibility of our method has been successfully demonstrated by comparing other classification techniques such as ANN, k-NN, SVM and Rotation Forest.

Costantino, G., Marra, A. La, Martinelli, F., Mori, P., Saracino, A..  2018.  Privacy Preserving Distributed Computation of Private Attributes for Collaborative Privacy Aware Usage Control Systems. 2018 IEEE International Conference on Smart Computing (SMARTCOMP). :315-320.

Collaborative smart services provide functionalities which exploit data collected from different sources to provide benefits to a community of users. Such data, however, might be privacy sensitive and their disclosure has to be avoided. In this paper, we present a distributed multi-tier framework intended for smart-environment management, based on usage control for policy evaluation and enforcement on devices belonging to different collaborating entities. The proposed framework exploits secure multi-party computation to evaluate policy conditions without disclosing actual value of evaluated attributes, to preserve privacy. As reference example, a smart-grid use case is presented.

Ambassa, P. L., Kayem, A. V. D. M., Wolthusen, S. D., Meinel, C..  2018.  Privacy Risks in Resource Constrained Smart Micro-Grids. 2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA). :527-532.

In rural/remote areas, resource constrained smart micro-grid (RCSMG) architectures can offer a cost-effective power management and supply alternative to national power grid connections. RCSMG architectures handle communications over distributed lossy networks to minimize operation costs. However, the unreliable nature of lossy networks makes privacy an important consideration. Existing anonymisation works on data perturbation work mainly by distortion with additive noise. Apply these solutions to RCSMGs is problematic, because deliberate noise additions must be distinguishable both from system and adversarial generated noise. In this paper, we present a brief survey of privacy risks in RCSMGs centered on inference, and propose a method of mitigating these risks. The lesson here is that while RCSMGs give users more control over power management and distribution, good anonymisation is essential to protecting personal information on RCSMGs.

Fernández, Maribel, Jaimunk, Jenjira, Thuraisingham, Bhavani.  2018.  Graph-Based Data-Collection Policies for the Internet of Things. Proceedings of the 4th Annual Industrial Control System Security Workshop. :9-16.

Smart industrial control systems (e.g., smart grid, oil and gas systems, transportation systems) are connected to the internet, and have the capability to collect and transmit data; as such, they are part of the IoT. The data collected can be used to improve services; however, there are serious privacy risks. This concern is usually addressed by means of privacy policies, but it is often difficult to understand the scope and consequences of such policies. Better tools to visualise and analyse data collection policies are needed. Graph-based modelling tools have been used to analyse complex systems in other domains. In this paper, we apply this technique to IoT data-collection policy analysis and visualisation. We describe graphical representations of category-based data collection policies and show that a graph-based policy language is a powerful tool not only to specify and visualise the policy, but also to analyse policy properties. We illustrate the approach with a simple example in the context of a chemical plant with a truck monitoring system. We also consider policy administration: we propose a classification of queries to help administrators analyse policies, and we show how the queries can be answered using our technique.

Riella, Rodrigo J., Iantorno, Luciana M., Junior, Laerte C. R., Seidel, Dilmari, Fonseca, Keiko V. O., Gomes-Jr, Luiz, Rosa, Marcelo O..  2018.  Securing Smart Metering Applications in Untrusted Clouds with the SecureCloud Platform. Proceedings of the 1st Workshop on Privacy by Design in Distributed Systems. :5:1-5:6.

Data security in smart metering applications is important not only to secure the customer privacy but also to protect the power utility against fraud attempts. Usual deployment of metering applications rely on the power utility infrastructure, assuming its Advanced Metering Infrastructure (AMI) as trustworthy. This paper describes the design and deployment of a smart metering system focusing on the security of the AMI (smart meters, data aggregator on the field, Metering Data Collection system and metering database) considering the data processing on untrusted clouds. We discuss one use case of the SecureCloud project, an ongoing project that investigates how security and privacy requirements of smart grid applications can be met with a secure cloud platform based on Intel SGX enclaves. The paper describes the components of the advanced metering system as well as the security approach adopted to meet its requirements. A smart metering application has been prototyped in the SecureCloud platform and the integration challenges are discussed from the perspectives of security, privacy and scalability.

Wen, M., Yao, D., Li, B., Lu, R..  2018.  State Estimation Based Energy Theft Detection Scheme with Privacy Preservation in Smart Grid. 2018 IEEE International Conference on Communications (ICC). :1-6.

The increasing deployment of smart meters at individual households has significantly improved people's experience in electricity bill payments and energy savings. It is, however, still challenging to guarantee the accurate detection of attacked meters' behaviors as well as the effective preservation of users'privacy information. In addition, rare existing research studies jointly consider both these two aspects. In this paper, we propose a Privacy-Preserving energy Theft Detection scheme (PPTD) to address the energy theft behaviors and information privacy issues in smart grid. Specifically, we use a recursive filter based on state estimation to estimate the user's energy consumption, and detect the abnormal data. During data transmission, we use the lightweight NTRU algorithm to encrypt the user's data to achieve privacy preservation. Security analysis demonstrates that in the PPTD scheme, only authorized units can transmit/receive data, and data privacy are also preserved. The performance evaluation results illustrate that our PPTD scheme can significantly reduce the communication and computation costs, and effectively detect abnormal users.

He, Z., Pan, S., Lin, D..  2018.  PMDA: Privacy-Preserving Multi-Functional Data Aggregation Without TTP in Smart Grid. 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE). :1107-1114.

In the smart grid, residents' electricity usage needs to be periodically measured and reported for the purpose of better energy management. At the same time, real-time collection of residents' electricity consumption may unfavorably incur privacy leakage, which has motivated the research on privacy-preserving aggregation of electricity readings. Most previous studies either rely on a trusted third party (TTP) or suffer from expensive computation. In this paper, we first reveal the privacy flaws of a very recent scheme pursing privacy preservation without relying on the TTP. By presenting concrete attacks, we show that this scheme has failed to meet the design goals. Then, for better privacy protection, we construct a new scheme called PMDA, which utilizes Shamir's secret sharing to allow smart meters to negotiate aggregation parameters in the absence of a TTP. Using only lightweight cryptography, PMDA efficiently supports multi-functional aggregation of the electricity readings, and simultaneously preserves residents' privacy. Theoretical analysis is provided with regard to PMDA's security and efficiency. Moreover, experimental data obtained from a prototype indicates that our proposal is efficient and feasible for practical deployment.

Bagri, D., Rathore, S. K..  2018.  Research Issues Based on Comparative Work Related to Data Security and Privacy Preservation in Smart Grid. 2018 4th International Conference on Computing Sciences (ICCS). :88-91.

With the advancement of Technology, the existing electric grids are shifting towards smart grid. The smart grids are meant to be effective in power management, secure and safe in communication and more importantly, it is favourable to the environment. The smart grid is having huge architecture it includes various stakeholders that encounter challenges in the name of authorisation and authentication. The smart grid has another important issue to deal with that is securing the communication from varieties of cyber-attacks. In this paper, we first discussed about the challenges in the smart grid data communication and later we surveyed the existing cryptographic algorithm and presented comparative work on certain factors for existing working cryptographic algorithms This work gives insight conclusion to improve the working scheme for data security and Privacy preservation of customer who is one of the stack holders. Finally, with the comparative work, we suggest a direction of future work on improvement of working algorithms for secure and safe data communication in a smart grid.

2018-07-13
Yangfend Qu, Illinois Institute of Technology, Xin Liu, Illinois Institute of Technology, Dong Jin, Illinois Institute of Technology, Yuan Hong, Illinois Institute of Technology, Chen Chen, Argonne National Laboratory.  2018.  Enabling a Resilient and Self-healing PMU Infrastructure Using Centralized Network Control. 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization.

Many of the emerging wide-area monitoring protection and control (WAMPAC) applications in modern electrical grids rely heavily on the availability and integrity of widespread phasor measurement unit (PMU) data. Therefore, it is critical to protect PMU networks against growing cyber-attacks and system faults. In this paper, we present a self-healing PMU network design that considers both power system observability and communication network characteristics. Our design utilizes centralized network control, such as the emerging software-defined networking (SDN) technology, to design resilient network self-healing algorithms against cyber-attacks. Upon detection of a cyber-attack, the PMU network can reconfigure itself to isolate compromised devices and re-route measurement
data with the goal of preserving the power system observability. We have developed a proof-of-concept system in a container-based network testbed using integer linear programming to solve a graphbased PMU system model.We also evaluate the system performance regarding the self-healing plan generation and installation using the IEEE 30-bus system.
 

2018-05-30
Afrin, S., Mishra, S..  2017.  On the Analysis of Collaborative Anonymity Set Formation (CASF) Method for Privacy in the Smart Grid. 2017 IEEE International Symposium on Technologies for Homeland Security (HST). :1–6.

The collection of high frequency metering data in the emerging smart grid gives rise to the concern of consumer privacy. Anonymization of metering data is one of the proposed approaches in the literature, which enables transmission of unmasked data while preserving the privacy of the sender. Distributed anonymization methods can reduce the dependency on service providers, thus promising more privacy for the consumers. However, the distributed communication among the end-users introduces overhead and requires methods to prevent external attacks. In this paper, we propose four variants of a distributed anonymization method for smart metering data privacy, referred to as the Collaborative Anonymity Set Formation (CASF) method. The performance overhead analysis and security analysis of the variants are done using NS-3 simulator and the Scyther tool, respectively. It is shown that the proposed scheme enhances the privacy preservation functionality of an existing anonymization scheme, while being robust against external attacks.

2018-02-21
Henneke, D., Freudenmann, C., Wisniewski, L., Jasperneite, J..  2017.  Implementation of industrial cloud applications as controlled local systems (CLS) in a smart grid context. 2017 22nd IEEE International Conference on Emerging Technologies and Factory Automation (ETFA). :1–7.

In Germany, as of 2017, a new smart metering infrastructure based on high security and privacy requirements will be deployed. It provides interfaces to connect meters for different commodities, to allow end users to retrieve the collected measurement data, to connect to the metering operators, and to connect Controllable Local Systems (CLSs) that establish a TLS secured connection to third parties in order to exchange data or for remote controlling of energy devices. This paper aims to connect industrial machines as CLS devices since it shows that the demands and main ideas of remotely controlled devices in the Smart Grid context and Industrial Cloud Applications match on the communication level. It describes the general architecture of the Smart Metering infrastructure in Germany, introduces the defined roles, depicts the configuration process on the different organizational levels, demonstrates the connection establishment and the initiating partners, concludes on the potential industrial use cases of this infrastructure, and provides open questions and room for further research.

Shajaiah, H., Abdelhadi, A., Clancy, C..  2017.  Secure power scheduling auction for smart grids using homomorphic encryption. 2017 IEEE International Conference on Big Data (Big Data). :4507–4512.

In this paper, we introduce a secure energy trading auction approach to schedule the power plant limited resources during peak hours time slots. In the proposed auction model, the power plant serving a power grid shares with the smart meters its available amount of resources that is expected during the next future peak time slot; smart meters expecting a demand for additional power participate in the power auction by submitting bids of their offered price for their requested amount of power. In order to secure the power auction and protect smart meters' privacy, homomorphic encryption through Paillier cryptosystem is used to secure the bidding values and ensure avoiding possible insincere behaviors of smart meters or the grid operator (i.e. the auctioneer) to manipulate the auction for their own benefits. In addition, we use a payment rule that maximizes the power plant's revenue. We propose an efficient power scheduling mechanism to distribute the operator's limited resources among smart meters participating in the power auction. Finally, we present simulation results for the performance of our secure power scheduling auction mechanism.

Marksteiner, S., Vallant, H..  2017.  Towards a secure smart grid storage communications gateway. 2017 Smart City Symposium Prague (SCSP). :1–6.

This research in progress paper describes the role of cyber security measures undertaken in an ICT system for integrating electric storage technologies into the grid. To do so, it defines security requirements for a communications gateway and gives detailed information and hands-on configuration advice on node and communication line security, data storage, coping with backend M2M communications protocols and examines privacy issues. The presented research paves the road for developing secure smart energy communications devices that allow enhancing energy efficiency. The described measures are implemented in an actual gateway device within the HORIZON 2020 project STORY, which aims at developing new ways to use storage and demonstrating these on six different demonstration sites.

Bebrov, G., Dimova, R., Pencheva, E..  2017.  Quantum approach to the information privacy in Smart Grid. 2017 International Conference on Optimization of Electrical and Electronic Equipment (OPTIM) 2017 Intl Aegean Conference on Electrical Machines and Power Electronics (ACEMP). :971–976.

Protection of information achieves keeping confidentiality, integrity, and availability of the data. These features are essential for the proper operation of modern industrial technologies, like Smart Grid. The complex grid system integrates many electronic devices that provide an efficient way of exploiting the power systems but cause many problems due to their vulnerabilities to attacks. The aim of the work is to propose a solution to the privacy problem in Smart Grid communication network between the customers and Control center. It consists in using the relatively new cryptographic task - quantum key distribution (QKD). The solution is based on choosing an appropriate quantum key distribution method out of all the conventional ones by performing an assessment in terms of several parameters. The parameters are: key rate, operating distances, resources, and trustworthiness of the devices involved. Accordingly, we discuss an answer to the privacy problem of the SG network with regard to both security and resource economy.

Lyu, L., Law, Y. W., Jin, J., Palaniswami, M..  2017.  Privacy-Preserving Aggregation of Smart Metering via Transformation and Encryption. 2017 IEEE Trustcom/BigDataSE/ICESS. :472–479.

This paper proposes a novel privacy-preserving smart metering system for aggregating distributed smart meter data. It addresses two important challenges: (i) individual users wish to publish sensitive smart metering data for specific purposes, and (ii) an untrusted aggregator aims to make queries on the aggregate data. We handle these challenges using two main techniques. First, we propose Fourier Perturbation Algorithm (FPA) and Wavelet Perturbation Algorithm (WPA) which utilize Fourier/Wavelet transformation and distributed differential privacy (DDP) to provide privacy for the released statistic with provable sensitivity and error bounds. Second, we leverage an exponential ElGamal encryption mechanism to enable secure communications between the users and the untrusted aggregator. Standard differential privacy techniques perform poorly for time-series data as it results in a Θ(n) noise to answer n queries, rendering the answers practically useless if n is large. Our proposed distributed differential privacy mechanism relies on Gaussian principles to generate distributed noise, which guarantees differential privacy for each user with O(1) error, and provides computational simplicity and scalability. Compared with Gaussian Perturbation Algorithm (GPA) which adds distributed Gaussian noise to the original data, the experimental results demonstrate the superiority of the proposed FPA and WPA by adding noise to the transformed coefficients.