Undergraduate programme in Computer sciences


1 Undergraduate programme in Computer sciences
Security Engineering
MSc in Computer Science
EIT Master on Security and Privacy
Lecture 02 – A Smart Metering Infrastructure
Federica Paci

2 Lecture Outline
- General Introduction
- Motivation
- What is Smart Grid?
- Description of the Scenario
- Environment
- Scenario Overview
- Security and Privacy Issues in Smart Grid
- Possible worst case scenarios
- Threat and Attack Analysis
12/11/2018 Paci-Labunets-Security Engineering

3 Motivation
- 70% of urban population will live in cities by 2050
- Current energy supply affected by:
  - Blackouts
  - Power overloads
  - High costs
- Upcoming challenges:
  - Distributed power supply
  - Regenerative sources in many places
  - Scarcity of resources
  - Intermittent power supply

4 What is Smart Grid?
A smart grid is a modernized electrical grid that uses information and communications technology to gather and act on information, such as information about the behaviors of suppliers and consumers, in an automated fashion to improve the efficiency, reliability, economics, and sustainability of the production and distribution of electricity.
[Figure labels: ENERGY, ICT, SMART GRID]

5 Properties of the Smart Grid
- Self-monitoring
- Auto-balancing
- Self-regulating
- Efficient
- Cost reducing
Those properties are necessary to cope with the requirements of future power supply:
- Energy is flowing in both directions
- Amount of energy must be carefully controlled
- Incentives must be provided to consume / store energy only when production is high in real-time

6 What is Smart Grid?
[Figure not included in the transcript]

7 Where is AMI in the Smart Grid?
[Figure not included in the transcript]

8 The scenario: private household
[Figure: scenario diagram with components SM, EMS, HAN, HG, TN, NG, DCN, ESS, REMS, TV, Solar, 3P and data flows Raw BD, BD, ABD, BDF, S&C, PDD]

9 Entities (Roles)
- Energy Generators
- Prosumer & Home Domain
  - Smart Appliances
  - Smart Meter
  - (Wireless) Home Area Network
  - Home Gateway
  - Home Energy Management System
- Energy Suppliers
  - Data Communication Network
  - Network Gateway
  - Energy Supply Server
- Meter Point Operator

10 Home Domain
- Smart Meter (SM)
  - Records data related to energy consumption and production
  - Transmits this data to the Energy Supplier
- Energy Management System (EMS)
  - Web server
  - Allows users to check energy consumption and production
  - Allows users to set up policies to buy, sell or consume energy

11 Home Domain
- Smart Appliances (SA)
  - Devices that can be remotely controlled and monitored
- Home Gateway (HG)
  - Device that connects to the Internet and SAs and SM
- Home Area Network (HAN)
  - Wireless network
  - Connects SAs to EMS and EMS to HG

12 Energy Supplier Domain
- Data Communication Network (DCN)
  - IP network
  - Two-way communication between NG and SM
- Network Gateway (NG)
  - Connects HG with other Smart Grid components
- Energy Supply Server (ESS)
  - Collects aggregated billing data

13 Other domain
- Remote Device for Home Energy Management (REMS)
  - Allows remote access to the EMS
- Energy Generators (EG)
  - Operate conventional or generative power plants
  - Receive aggregated data from different households

14 Data Flow
[Figure: data and energy flow diagram. Labelled components:]
- REMS: Remote device for Control & Usage Display
- ESS: Energy Supplier Server
- EMS: Control & Usage Display
- SA: Smart Appliances (Thermostat, TV; Vehicle Charging and Energy Generation shown as „SA“)
- HG: Home Gateway
- HAN: Home Area Network
- NG: NW Gateway
- SM: Smart Meter
- TN: Transmission Node
- Third Parties: Energy Generator etc
- Also shown: Internet, DCN, Solar
[Flow labels: S&C, BDF, ABD, BD, Raw BD, PDD; legend: Data, Energy]

15 Data Flow
- Raw BD (Raw Billing Data)
  - All data related to energy consumption, storage and production
  - Gathered by the SM
- BD (Billing Data)
  - Processed and stored by the SM and the (local) EMS
- ABD (Aggregated Billing Data)
  - Sent to the NG over the public Data Communication Network and forwarded to the Energy Supplier
- PDD (data for power generation and distribution purposes)
  - Aggregated by ES from ABD of several households
  - Purpose: usage forecasts for certain sectors

16 Data Flow
- BDF (Billing Data Feedback Information)
  - Every ± 5 minutes
  - Users are informed
  - Energy usage, generation volume, costs, revenues, and current rates
- S&C (Status and Control)
  - Local logon to the EMS
  - View the smart appliances’ status
  - Control of the smart appliances or modification of the energy management policies
- RS&C (Remote S&C)
  - Remotely logon to the EMS
  - Using e.g., a cellular phone or a remote PC
  - From external hot spots (e.g., internet café)

17 Smart Grid Security Issues
- Data confidentiality
  - How to make energy consumption information confidential?
  - How to make forecast information of energy consumption confidential?
- Tamper resistance and non-repudiation
  - How to make sure that billing data and consumption data are not tampered with and not repudiable?
  - How to make sure that stored billing data and consumption data are not tampered with and not repudiable?

18 Smart Grid Security Issues
- Availability
  - How to ensure the availability of all Smart Grid components?
  - What if the Energy Supplier Server is the target of DoS?
  - What if the Energy Management System is the target of DoS?
  - What if the Smart Meter is the target of DoS?

19 Smart Grid Security Threat: An example
- Energy theft
  - Based on tampering with energy consumption data
  - Different ways to conduct this attack:
    - When the data are collected from the smart meter
    - When they are stored in the smart meter
    - When they are transmitted to the energy supplier server
- Possible attackers:
  - Prosumer
  - Organized crime
  - Insiders
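One possible control for the "stored" and "transmitted" tampering points above, as an added example that is not part of the lecture slides: the meter chains an HMAC over each reading so the supplier can locate an edited, removed, or withheld record. The record layout, the sample readings, and the shared per-meter key are assumptions constructed for illustration.

```python
import copy, hashlib, hmac, json

GENESIS = b"\x00" * 32  # chain anchor used before the first record

# Constructed sample: four 5-minute readings in watt-hours (not real meter data).
READINGS = [{"seq": i, "ts": 1700000000 + 300 * i, "wh": wh}
            for i, wh in enumerate([420, 400, 1950, 380])]

def _tag(key, prev_tag, reading):
    # Canonical JSON so meter and verifier MAC exactly the same bytes.
    body = json.dumps(reading, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, prev_tag + body, hashlib.sha256).digest()

def seal(key, readings):
    """Meter side: tag each reading, chaining in the previous tag."""
    prev, sealed = GENESIS, []
    for reading in readings:
        prev = _tag(key, prev, reading)
        sealed.append({"reading": reading, "tag": prev.hex()})
    return sealed

def verify(key, records, expected_count):
    """Supplier side: None if intact, else index of the first bad or missing record."""
    prev = GENESIS
    for i, rec in enumerate(records):
        want = _tag(key, prev, rec["reading"])
        if not hmac.compare_digest(want.hex(), rec["tag"]):
            return i
        prev = want
    # The chain alone cannot see records cut off the end, so check the count too.
    return None if len(records) == expected_count else len(records)

def demo():
    key = b"constructed-demo-key"  # hypothetical per-meter key shared with the supplier
    sealed = seal(key, READINGS)
    lowered = copy.deepcopy(sealed)
    lowered[2]["reading"]["wh"] = 195      # stored value edited
    dropped = sealed[:2] + sealed[3:]      # one record removed in transit
    truncated = sealed[:3]                 # last record withheld
    return tuple(verify(key, r, 4) for r in (sealed, lowered, dropped, truncated))

if __name__ == "__main__":
    print(demo())
```

A shared-key MAC gives tamper evidence but not non-repudiation, since the supplier holds the same key; that property needs a signature made with a key only the meter holds. Tampering at the collection point, before the meter seals the reading, is outside what this check can see.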

20 Smart Grid Privacy Issues
- Privacy of prosumers
  - How to ensure privacy of end users without relying on a trusted aggregator?
  - How to ensure that consumption data are processed according to user consent?

21 Smart Grid Privacy Threats: An Example
What can fine-grained consumption data reveal?

| Question | Pattern | Granularity |
|---|---|---|
| Were you home during your sick leave? | Yes: Power activities during the day. No: Low power usage during the day | Hour/Minute |
| Did you leave your child home alone? | Yes: Single person activity pattern. No: Simultaneous power events in distinct areas of the house | Minute/Second |
| Do you eat hot or cold breakfast? | Hot: Burst of power events in the mornings. Cold: No power event matching hot breakfast appliances | Second |
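To make the granularity column concrete, the added example below (not part of the lecture slides) averages a constructed 1-second load trace over longer reporting intervals and counts how many separate appliance events remain visible. The baseline load, appliance wattages, timings, and detection threshold are all assumptions chosen for illustration.

```python
BASELINE_W = 150    # constructed standby load of the household
THRESHOLD_W = 500   # assumed level above which "an appliance is on"

def constructed_trace():
    """Two hours at 1-second resolution starting 06:00:00 (constructed data)."""
    trace = [BASELINE_W] * 7200
    for start, duration, watts in [(2405, 90, 2000),   # kettle at 06:40:05
                                   (2510, 90, 900)]:   # toaster at 06:41:50
        for t in range(start, start + duration):
            trace[t] += watts
    return trace

def report(trace, interval_s):
    """What leaves the meter if it reports mean power per interval."""
    return [sum(trace[i:i + interval_s]) / interval_s
            for i in range(0, len(trace), interval_s)]

def count_events(series):
    """Number of separate runs above the threshold (rising edges)."""
    events, above = 0, False
    for watts in series:
        now = watts > THRESHOLD_W
        if now and not above:
            events += 1
        above = now
    return events

def events_by_interval(intervals=(1, 60, 900, 3600)):
    """Map reporting interval in seconds to the number of visible events."""
    trace = constructed_trace()
    return {i: count_events(report(trace, i)) for i in intervals}

if __name__ == "__main__":
    for interval, events in events_by_interval().items():
        print(f"{interval:>5} s reporting: {events} visible event(s)")
```

At 1 s the two appliances are distinguishable, at 60 s they merge into a single activity period, and at 15 minutes or more nothing crosses the threshold. This is the data-minimisation argument for sending only aggregated billing data off the premises.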

22 Assignments
- Identify threats
  - External attackers
  - Insiders which are either malicious or careless
    - Employees, family members, neighbours, installers, manufacturers
- Identify security controls to provide
  - First line of defence
  - Defence in depth or redundancies
- Focus on network and application layers
- CORAS and SecRAM will “guide” you in the identification of threats and controls

23 1: Family with children
- Which information could the attacker obtain?
- What can he deduce?
- How many persons live?
- Possible tracing?
- Combination of information useful for burglary or … ?
- Attacker: insider / outsider
[Figure label: Possible weak point]

24 2: Smart Appliances
- Which appliances are “smart”?
- What kind of information (R/S&C) do they process?
- What are the appliances’ functionalities?
- Can a successful attack on an appliance lead to a compromise of the AMI?
- Attacker: insider / outsider

25 3: Privacy
- Initial assumption: all communication is encrypted
- Possible to read / disclose / etc. information regardless of encryption?
- Do time / communication parties / message length etc. help disclose the payload data?
- Possible to misuse insider status (Prosumer / Energy Supplier)?
- Attacker: insider / outsider

26 Possible impersonation
- How to impersonate another customer for accounting fraud?
- Possible to impersonate a server? With which results?
- Attacker: insider / outsider
[Figure label: Possible impersonation or interference]

27 5: Encryption & Key mgmt
- Assumption: Communication is encrypted
- Possible to bypass the communication encryption?
- Possible to extract keys or to intercept key exchanges or key updates?
- Possible to exploit implementation weaknesses at the network / transport / application layer?
- Attacker: insider / outsider
[Figure label: Possible weak point]

28 6: Electric Mobility
- Assumption: Electric vehicles share a unique vehicle ID
- Possible impersonation?
- Possible fraud?
- Possible tracing?
- Possible theft?
[Figure label: uvID]

29 Material on the Scenario
- Slides from this lecture
  - You can download it from esse3
  - Under the Slides folder
- A description of the scenario
  - Under the Smart Grid folder
  - Send to you via

30 Suggested Readings
- NIST Smart Grid Conceptual Model
- NIST, Smart grid: A beginner's guide. beginnersguide.cfm.
- The Perils of Smart Metering
- Smart Metering – Ed Milliband’s Poisoned Chalice
- On the security economics of electricity metering
- Who controls the off switch?
- The Foundation for Information Policy Research

31 Suggested Readings
- G. Wood and M. Newborough, Dynamic energy-consumption indicators for domestic appliances: environment, behaviour and design, 2003.
- E. Quinn, Privacy and the new energy infrastructure, 2009.
- A. Molina-Markham, P. Shenoy, K. Fu, E. Cecchet, and D. Irwin, Private memoirs of a smart meter, 2010.
- P. McDaniel and S. McLaughlin, Security and privacy challenges in the smart grid, 2009.

