
Privacy Enhancing Techniques for Smart Grids (PETs PhD Course, 4th Session)

Valentin Tudor, October 18th, 2012, Karlstad. Chalmers University of Technology, Dept. of Computer Science and Engineering.


  1. Privacy Enhancing Techniques for Smart Grids. PETs PhD Course, 4th Session. Valentin Tudor, October 18th, 2012, Karlstad. Chalmers University of Technology, Computer Science and Engineering Department, Gothenburg, Sweden

  2. Outline
     - Smart Grid general concepts
     - Privacy in the Smart Grid
     - Smart Grid privacy via anonymization of smart metering data
     - Conclusions

  3. The need for a “Smarter” Grid
     - Electricity as the driving force
     - Effects of a blackout
     - 2003, a “dark” year
     - 50 million people left in darkness
     - Losses in billions of $

  4. Smart Energy Smart Meters
     - The traditional electrical grid is changing
     - By 2020:
       - reduction in electricity consumption
       - reduction in greenhouse gas emissions
       - electricity from renewable energy
     - EU mandated that by 2020 all the traditional electricity metering devices should be replaced with smart meters
     - Source: http://ec.europa.eu/clima/policies/brief/eu/index_en.htm

  5. Smart Meter description
     A Smart Meter:
     - a small embedded system
     - automates (consumption) index readings
     - instantaneous consumption
     - in-door display
     - time of use tariffs
     - the base for the Advanced Metering Infrastructure

  6. Smart Meter components

  7. The traditional Electrical Grid
     - Figure labels: Generation, Transmission, Distribution
     - Managed and monitored by the SCADA system.
     - No dedicated real time monitoring system (yet).

  8. From centralized to distributed generation
     - Figure label: Power Island

  9. Why privacy in Smart Grid?
     - Lots of new sensitive data, gathered with a higher frequency and granularity

  10. Using data from the Advanced Metering Infrastructure
      - By the utility company
        - Billing
        - Fraud detection
        - Operational purposes – grid stability and security
        - Marketing

  11. Using data from the Advanced Metering Infrastructure
      - By 3rd parties (benign and malign)
        - Research related activities
        - Malicious activities
          - Fraud
          - Invasion of privacy
          - Attacks on critical infrastructures

  12. Protecting Customers’ Privacy
      - Smart metering data can be used to infer information about a customer’s behavior by observing energy usage patterns
      - Customer’s privacy should be protected against the Utility provider and other 3rd parties


  14. Achieving Privacy
      - Through data manipulation
        - Anonymization
        - Altering data (adding values from a random distribution)
        - 3rd party data aggregation and disclosure
      - Through load-shedding
        - Changing consumption pattern using energy storage and/or production facilities at the premises (batteries, renewable energy sources, etc.)

  15. Current Smart Grid Privacy Architectures
      - Anonymous credentials – based on blind signatures
      - 3rd party escrow mechanism – anonymize high-frequency metering data
      - Load-signature moderation – load-shedding
      - Smart energy gateway – establishing levels of privacy
      - Privacy preserving authentication – using private-public key pairs to create pseudo-identities
      - From: F. Siddiqui, S. Zeadally, C. Alcaraz, and S. Galvao, “Smart Grid Privacy: Issues and Solutions,” in Computer Communications and Networks (ICCCN), 2012 21st International Conference on, 2012, pp. 1–5.

  16. Attacks against Privacy Architectures
      Examples:
      - De-pseudo-anonymization – linking by behavior
      - Data-mining (see more about this later)
      - Compromising the Trusted 3rd Party or the Utility Company Database
      - More: M. Jawurek, M. Johns, and K. Rieck, “Smart metering de-pseudonymization,” in Proceedings of the 27th Annual Computer Security Applications Conference, 2011, pp. 227–236.

  17. Smart Grid privacy via anonymization of smart metering data [Costas Efthymiou and Georgios Kalogridis, 2010]
      - Goal: preserving customers’ privacy while having access to metering data needed for billing and metering data needed for grid operation
      - For one specific customer, the data needed for billing should be attributable, while the data needed for grid operation should be non-attributable

  18. Data generated by a Smart Meter
      - ‘High-frequency’ metering data: meter readings that a smart meter transmits to the utility often enough (e.g. every few minutes) and may divulge information related to the private life of the user (e.g. usage patterns of specific electrical appliances) – non-attributable data

  19. Data generated by a Smart Meter
      - ‘High-frequency’ metering data: meter readings that a smart meter transmits to the utility often enough (e.g. every few minutes) and may divulge information related to the private life of the user (e.g. usage patterns of specific electrical appliances) – non-attributable data
      - ‘Low-frequency’ metering data: is transmitted to the utility scarcely enough (e.g. every week or month) and is used for account management or billing purposes – attributable data

  20. Smart Meter Identity
      - To handle the two types of data, each Smart Meter must have two separate embedded identities:

  21. Smart Meter Identity
      - To handle the two types of data, each Smart Meter must have two separate embedded identities:
        - HFID – High-Frequency ID – used when sending high-frequency metering data (anonymous data)

  22. Smart Meter Identity
      - To handle the two types of data, each Smart Meter must have two separate embedded identities:
        - HFID – High-Frequency ID – used when sending high-frequency metering data (anonymous data)
        - LFID – Low-Frequency ID – used when sending low-frequency metering data (attributable data)

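  23. Identities knowledge and data usage
      - Who knows the Smart Meter’s identities?

        |      | Smart Meter | 3rd party/Manufacturer | Utility Company |
        |------|-------------|------------------------|-----------------|
        | HFID | Yes         | Yes                    | No              |
        | LFID | Yes         | Yes                    | Yes             |

  24. Identities knowledge and data usage
      - Who knows the Smart Meter’s identities?

        |      | Smart Meter | 3rd party/Manufacturer | Utility Company |
        |------|-------------|------------------------|-----------------|
        | HFID | Yes         | Yes                    | No              |
        | LFID | Yes         | Yes                    | Yes             |

      - Who is allowed to store and/or use the metering data?

        |         | Smart Meter | 3rd party/Manufacturer | Utility Company |
        |---------|-------------|------------------------|-----------------|
        | HF-Data | Yes         | No                     | Yes             |
        | LF-Data | Yes         | No                     | Yes             |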

  25. Data communication overview
      - Figure label: 3rd party escrow entity
      - Source: C. Efthymiou and G. Kalogridis, “Smart grid privacy via anonymization of smart metering data,” in Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on, 2010, pp. 238–243.

  26. Smart Meter ID profiles
      - PISM – Personal Identifiable SM profile
        - PISM Certificate (LFID, PISM Public Key, PISM CA information)
        - PISM Private Key
      - Source: C. Efthymiou and G. Kalogridis, “Smart grid privacy via anonymization of smart metering data,” in Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on, 2010, pp. 238–243.

  27. Smart Meter ID profiles
      - PISM – Personal Identifiable SM profile
        - PISM Certificate (LFID, PISM Public Key, PISM CA information)
        - PISM Private Key
      - ANSM – Anonymous SM profile
        - ANSM Certificate (HFID, ANSM Public Key, ANSM CA information)
        - ANSM Private Key
      - Source: C. Efthymiou and G. Kalogridis, “Smart grid privacy via anonymization of smart metering data,” in Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on, 2010, pp. 238–243.

  28. Smart Meter ID profiles
      - PISM – Personal Identifiable SM profile
        - PISM Certificate (LFID, PISM Public Key, PISM CA information)
        - PISM Private Key
      - ANSM – Anonymous SM profile
        - ANSM Certificate (HFID, ANSM Public Key, ANSM CA information)
        - ANSM Private Key
      - PISM and ANSM profiles are hardcoded into the Smart Meter and used to create the Client Data Profile (CDP) and the Anonymous Data Profile (ADP)
      - Source: C. Efthymiou and G. Kalogridis, “Smart grid privacy via anonymization of smart metering data,” in Smart Grid Communications (SmartGridComm), 2010 First IEEE International Conference on, 2010, pp. 238–243.

  29. What are Smart Meter CDP and ADP?
      - They are attached to each message which contains metering data information, sent by the Smart Meter:
        - Each message containing Low-Frequency metering data has the CDP (Client Data Profile) attached to it
        - Each message containing High-Frequency metering data has the ADP (Anonymous Data Profile) attached to it

  30. Client Data Profile (CDP) Setup
      - Is initiated by the Smart Meter or the Utility Company

          1. CL->U: CL.CLI
          2. U->AGG: CL.CLI + PISM.CERT + U.CERT
          3. AGG->U: AGG.CERT
          4. U->PDNet: AGG.CERT + PISM.CERT + U.CERT
          5. PDNet->U: PDN.CERT
             CDP = CLI + PISM.CERT + AGG.CERT + U.CERT + PDN.CERT
          6. U->SM: CDP + U.code
          7. SM->U: CDP + S_PISM.PRIV(CDP)
             SM->U: CDP + Data.LF + S_PISM.PRIV(CDP + Data.LF)

  31. Client Data Profile (CDP) Setup
      - Is initiated by the Smart Meter or the Utility Company
      - HFID – High-Frequency ID – used when sending high-frequency metering data (anonymous data)
      - LFID – Low-Frequency ID – used when sending low-frequency metering data (attributable data)
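
The final messages of the CDP setup slide and the HFID/LFID knowledge table, as an added Python sketch (not code from the presentation or from the Efthymiou and Kalogridis paper): the meter signs low-frequency data under its PISM key and high-frequency data under its ANSM key, and the utility can attribute only the former. Toy textbook RSA stands in for the certificate key pairs; every identifier, the ADP layout and the utility's account table are constructed assumptions.

```python
import hashlib, json

E = 65537  # public exponent used by both toy keys

def keygen(p, q):
    """Toy textbook RSA from two known primes. NOT secure; stands in for a profile key pair."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(obj, n):
    blob = json.dumps(obj, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % n

def sign(priv, obj):  # S_X.PRIV(obj) in the slide's notation
    return pow(digest(obj, priv["n"]), priv["d"], priv["n"])

def verify(cert, obj, sig):
    return pow(sig, E, cert["n"]) == digest(obj, cert["n"])

# Constructed keys and identifiers (Mersenne primes keep the sample deterministic).
PISM_PRIV = keygen(2**127 - 1, 2**89 - 1)
ANSM_PRIV = keygen(2**107 - 1, 2**61 - 1)
PISM_CERT = {"id": "LFID-0001", "n": PISM_PRIV["n"]}
ANSM_CERT = {"id": "HFID-9f3a", "n": ANSM_PRIV["n"]}

# Steps 1-5 collapsed: the utility has collected every certificate and built the CDP.
CDP = {"CLI": "customer-42", "PISM.CERT": PISM_CERT, "AGG.CERT": "agg-cert",
       "U.CERT": "utility-cert", "PDN.CERT": "pdn-cert"}
ADP = {"ANSM.CERT": ANSM_CERT}  # assumed layout: the page does not list the ADP's fields

ACCOUNTS = {"LFID-0001": "customer-42"}  # the utility knows LFIDs, never HFIDs

def meter_send(profile, priv, data):
    """SM->U: profile + data + S_PRIV(profile + data)."""
    body = {"profile": profile, "data": data}
    return {**body, "sig": sign(priv, body)}

def utility_receive(msg):
    """Return (signature_valid, customer or None). CA chain validation is omitted."""
    profile = msg["profile"]
    cert = profile.get("PISM.CERT") or profile.get("ANSM.CERT")
    ok = verify(cert, {"profile": profile, "data": msg["data"]}, msg["sig"])
    return ok, (ACCOUNTS.get(cert["id"]) if ok else None)

if __name__ == "__main__":
    lf = meter_send(CDP, PISM_PRIV, {"kWh_month": 312})           # attributable
    hf = meter_send(ADP, ANSM_PRIV, {"t": "12:05", "W": 1840})    # anonymous
    print(utility_receive(lf), utility_receive(hf))
    print(utility_receive({**lf, "data": {"kWh_month": 12}}))     # tampered reading
```

The high-frequency message verifies but resolves to no customer, which is the property the two-identity design is after; it holds only while nothing else in the message or its transport links the HFID to the LFID.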
