Gaurav Lahoti University of Illinois at Urbana-Champaign, IL, USA Daisuke Mashima Wei-Peng Chen Fujitsu Laboratories of America Inc., USA Customer-centric.

Slides:



Advertisements
Similar presentations
Impact of Smart Grid, ICT on Environment and Climate Change David Su Advanced Network Technologies National Institute of Standards and Technology ITU Symposium.
Advertisements

I have a DREAM! (DiffeRentially privatE smArt Metering) Gergely Acs and Claude Castelluccia {gergely.acs, INRIA 2011.
Enhancing Demand Response Signal Verification in Automated Demand Response Systems Daisuke Mashima, Ulrich Herberg, and Wei-Peng Chen SEDN (Solutions for.
Ulrich Herberg(*), Daisuke Mashima, Jorjeta G. Jetcheva, and Sanam Mirzazad-Barijough Fujitsu Laboratories of America, Inc. (* Currently with Panasonic)
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Daisuke Mashima and Arnab Roy Fujitsu Laboratories of America, Inc. Privacy Preserving Disclosure of Authenticated Energy Usage Data.
MedVault: Ensuring Security and Privacy for Medical Data Mustaque Ahamad, Douglas Blough, Ling Liu, David Bauer, Apurva Mohan, Daisuke Mashima, Bhuvan.
Smart Grid, Data and Behaviour – Privacy and Security Issues - Potential for Secure Computation Lexpert Seminar December 9, 2013David Young, Partner.
Presentation Topics  ESPI / DMD deeper dive o Atom feeds o ESPI Usage schema o Ontario Guidelines  CMD Technical Overview o Protocols and underlying.
A Practical Smart Metering System Supporting Privacy Preserving Billing and Load Monitoring Hsiao-Ying Lin National Chiao Tung University Joint work with.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
File Management Systems
DYNAMIC ELEMENT RETRIEVAL IN A STRUCTURED ENVIRONMENT MAYURI UMRANIKAR.
Security Issues In Sensor Networks By Priya Palanivelu.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
Keeping the Smart Grid Secure.  A smart grid delivers electricity from suppliers to consumers using digital technology to monitor (and optionally control)
Privacy and Integrity Preserving in Distributed Systems Presented for Ph.D. Qualifying Examination Fei Chen Michigan State University August 25 th, 2009.
DSAC (Digital Signature Aggregation and Chaining) Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
DSAC (Digital Signature Aggregation and Chaining) Digital Signature Aggregation & Chaining An approach to ensure integrity of outsourced databases.
SIA: Secure Information Aggregation in Sensor Networks Dhiman Barman Authors: Bartosz Przydateck, Dawn Song, and Adrian Perrig CMU SenSys 2003.
Pay As You Go – Associating Costs with Jini Leases By: Peer Hasselmeyer and Markus Schumacher Presented By: Nathan Balon.
EU Commission Task Force for Smart Grids Expert Group 3: Roles and Responsibilities of Actors involved in the Smart Grids Deployment Samia Benrachi-Maassam.
Smart Energy Roadmap Doug Lewin Executive Director, SPEER Presentation to AMWG May, 2015.
A Seminar on Securities In Cloud Computing Presented by Sanjib Kumar Raul Mtech(ICT) Roll-10IT61B09 IIT Kharagpur Under the supervision of Prof. Indranil.
Key Management Lifecycle. Cryptographic key management encompasses the entire lifecycle of cryptographic keys and other keying material. Basic key management.
Cong Wang1, Qian Wang1, Kui Ren1 and Wenjing Lou2
IOT5_ GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.
Masud Hasan Secue VS Hushmail Project 2.
Systems Integration Specialists Company, Inc. The Standards Based Integration Company © Copyright 2010 SISCO, Inc – 9 Meter Reading and Control.
Security Challenges for Customer Domain in the Smart Grid
1 Availability of Aggregated Customer Usage Information: An Overview of D California Public Utilities Commission Presentation before the California.
Threat to Privacy A presentation on how ‘smart’ meters threaten both our privacy and our freedom to lead our lives as we choose. by David Sheldon.
Smart Grid Security Challenges Ahmad Alqasim 1. Agenda Problem Statement Power system vs. smart grid Background Information Focus Point Privacy Attack.
Division of IT Convergence Engineering Optimal Demand-Side Energy Management Under Real-time Demand-Response Pricing Jin Xiao 1, Jae Yoon Chung 2, Jian.
Data Fusion & Multi-Sensors in Power Grids Rabinder N. Madan FIEEE Program Manager, Systems Theory Office of Naval Research.
Privacy of Home Energy Usage Data Jim Williams June 26, 2012 Jim Williams June 26, 2012.
Using Identity Credential Usage Logs to Detect Anomalous Service Accesses Daisuke Mashima Dr. Mustaque Ahamad College of Computing Georgia Institute of.
Authors: Yih-Chun Hu, Adrian Perrig, David B. Johnson
Supporting further and higher education The Akenti Authorisation System Alan Robiette, JISC Development Group.
SIA: Secure Information Aggregation in Sensor Networks B. Przydatek, D. Song, and A. Perrig. In Proc. of ACM SenSys 2003 Natalia Stakhanova cs610.
(c) Mitsubishi Electric Corp. 1 User Scenarios & Security Considerations in APPAGG part 2/ Nobuhiro Electric.
Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.
P2: Privacy-Preserving Communication and Precise Reward Architecture for V2G Networks in Smart Grid P2: Privacy-Preserving Communication and Precise Reward.
Merkle trees Introduced by Ralph Merkle, 1979 An authentication scheme
Human Tracking System Using DFP in Wireless Environment 3 rd - Review Batch-09 Project Guide Project Members Mrs.G.Sharmila V.Karunya ( ) AP/CSE.
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
Exploiting Cache-Timing in AES: Attacks and Countermeasures Ivo Pooters March 17, 2008 Seminar Information Security Technology.
Balancing Privacy, Security, and Access Presented by Chris Villarreal Minnesota Public Utilities Commission October 16, 2015.
Privacy of Customer Energy Usage Data: Protecting Consumers and Giving Them the Tools with which to Protect Themselves Aryeh B. Fishman Director, Regulatory.
Session 1 Module 1: Introduction to Data Integrity
Various Attacks on Cryptosystems slides (c) 2012 by Richard Newman.
Privacy Issues in Smart Grid R. Newman. Topics Defining anonymity Need for anonymity Defining privacy Threats to anonymity and privacy Mechanisms to provide.
Smart Grid Schneider Electric Javier Orellana
1 Routing security against Threat models CSCI 5931 Wireless & Sensor Networks CSCI 5931 Wireless & Sensor Networks Darshan Chipade.
Myongji University HMCL
Big Data Security Issues in Cloud Management. BDWG Big Data Working Group Researchers 1: Data analytics for security 2: Privacy preserving 3: Big data-scale.
Daisuke Mashima Fujitsu Laboratories of America, Inc. Sunnyvale, CA Copyright 2015 Fujitsu Laboratories of America Authenticated Down-sampling for Privacy-preserving.
Saverex Smart Home Automation and Control ….Changing the Nigerian Energy perception.
Data Integrity / Data Authentication. Definition Authentication (Signature) algorithm - A Verification algorithm - V Authentication key – k Verification.
Customer-centric Energy Usage Data Management for Balancing Tradeoff of Benefit and Privacy Daisuke Mashima, Ph.D. Fujitsu Laboratories of America (Sunnyvale,
A smart grid delivers electricity from suppliers to consumers using two-way digital technology to control appliances at consumers' homes to save energy,
System Control based Renewable Energy Resources in Smart Grid Consumer
© 2016 Global Market Insights, Inc. USA. All Rights Reserved Smart Grid Market to reach $70bn by 2024: Global Market Insights Inc.
Providing Secure Storage on the Internet
2018/7/28 GridMonitoring: Secured Sovereign Blockchain based Monitoring on Smart Grid Authors: Jian-Bin Gao, Kwame Omono Asamoah, Emmanuel Boateng Sifah,
2018/7/28 GridMonitoring: Secured Sovereign Blockchain Based Monitoring on Smart Grid Authors: Jianbin Gao, Kwame Omono Asamoah, Emmanuel Boateng Sifah,
ELEC-E Smart Grid Smart Meters and Security Issues
Presentation transcript:

Gaurav Lahoti University of Illinois at Urbana-Champaign, IL, USA Daisuke Mashima Wei-Peng Chen Fujitsu Laboratories of America Inc., USA Customer-centric Energy Usage Data Management and Sharing in Smart Grid Systems

Smart Grid – Consumer Domain Source: ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 2

Smart Grid – Green Button ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 3 Green Button allows customers to download their energy usage information from electricity supplier in an easy-to- understand standard XML format Source:

Power Usage Data - Services The power usage data being available to customers has opened venues for 3 rd party applications and specialized services Analyzing energy usage and provide actionable tips Measurement of energy-efficiency investments Demand-Response (DR) Aggregation It is an active area of research and new services are constantly emerging in the market ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 4

Privacy Risks Non-intrusive Appliance Load Monitoring (NALM) To infer information like devices used in the house, office timings, home presence pattern, usage time of specific devices, etc. Sample NALM Source: ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 5

Goals – Customer Centricity & Data Authenticity Customers Have full control over their energy usage data Should be able to govern sharing of the data with third parties Third Party Should be able to ensure that the data provided by a customer is the actual data as collected and has not been modified Utility Should be unaware of how the energy usage data is being used by the customer ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 6

Customer-centric Energy Data Utilization Signed Energy Usage Data Utility Repository Customer Third Party Redacted, Signed Energy Usage Data Data Sharing, Redaction Request Meter Reading Signed Energy Usage Data Customer Domain ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 7

Redactable Digital Signature Merkle Hash Tree ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 8 Signed by Utility Data replaced by a parent hash

Brute Force Attack - I Meter reading values have a limited small range with a small upper bound An attacker can generate a table, mapping all possible plain text values (i.e. energy usage data) to their hash values One table is enough for all the customers! Keyed Hash using a Per-Customer Key Allows for different hash values for different customers even when a meter reading value (or a series of values) are identical. The key is shared with the utility company and third party to construct hash tree and calculate the root hash ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 9

Key is per customer and it allows mapping of identical meter reading values to same hash values for one customer A malicious entity can construct a meter reading to hash table for each customer as the search space is small Random Initialization Vector (IV) and Counters Ensures that no two same data values of the same customer result in the same hash value One IV is generated for each data file IV is incremented by 1 for each data block Hash Function for the leaf nodes Brute Force Attack - II ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 10

Verifiable Redaction of Energy Usage Data Verifiable, Redactable Energy Usage Data based on Merkle Hash Tree ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 11

A brute-forcing adversary will have to loop through the range of estimated data values for each hidden value System is secure when a large number of contiguous data blocks are redacted Under typical DR use case, only a few hours of data per day is disclosed and rest is redacted Security Analysis Number of Redacted Data Blocks Estimated Search Space Range Number of Attempts Required 81000~ ~ 2 20 ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 12

0..* UsagePoint MeterReading ReadingType IntervalBlock LocalTime Parameters SignatureInformation ServiceCategory IntervalReading ReadingQuality IntervalHash * 1 ElectricPower UsageSummary ElectricPower QualitySummary 0..* ElectricPower UsageSummaryHash 0..* HashInformation Modified Green Button Information Model ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 13

Application for Demand-response Aggregation Service ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 14 1.Energy usage data is reported to utility by smart meters (e.g., every 15 min) 2.Data collected by utility is downloaded and stored on the trusted repository 3.DR event is announced 4.DR event is executed 5.Usage data is requested 6.Customer selects which data it wants to disclose and sends redacted data 7.Aggregator verifies the data and evaluates customer’s performance

Summary Customer-centric framework for energy usage data sharing Merkle hash tree based design for redactable, verifiable energy usage data Prototype implementation, extending Green Button data model Future work – Proposal for standardization in Green Button ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 15

Thank You Questions ? For any queries, contact: Gaurav Lahoti Daisuke Mashima ACM Smart Energy Grid Security (SEGS) Workshop 2013, Berlin, Germany 16