Anonymity - Background


Privacy Issues in Smart Grid
R. Newman
Topics

Defining anonymity

Need for anonymity

Defining privacy

Threats to anonymity and privacy

Mechanisms to provide anonymity

Metrics for Anonymity

Applications of anonymity technology
Smart Grid


The electrical grid encompasses:

Electrical power generation

Electrical power distribution

Electrical power consumption
Originally




Generation plant produced power
Converted to high voltage AC for long distance distribution
Converted to medium voltage AC for intermediate distance distribution
Converted to low voltage AC to supply customers
Smart Grid

Now: Smart Grid

Multiple generation plants produce power
Must coordinate interconnected grid

Consumer power generation (solar power)

Consumer involvement in load manipulation
Incentives to reduce load at peak usage times

Power consumption monitoring for user control
Prices according to current and projected loads

All this requires reporting of power data
Smart Grid Threats


Consumer privacy

Usage may reveal lifestyle information

Usage may reveal whether the home is occupied

Hence, need privacy!
Accurate data needed for utilities

Needed to project loads

Used for pricing – liars can game system!

Needed to coordinate interconnected grids

Inaccurate data can cause disruption!
Consumer Load Data

Loading patterns reveal usage

Usage reveals lifestyle, presence


Periodic loads = A/C, refrigerator, etc.

Load info can reveal appliance model!

Lighting, microwave use – show presence

Absence = attractive target for burglars
Hiding load information

Aggregate data

Use energy storage to balance load

Use energy generation to balance load
Load Balancing

Storage



Use batteries to increase load during low usage periods (charge batteries)
Use batteries to decrease load during peak periods (draw power from batteries)
Can use electric vehicle batteries for storage



Must take usage patterns into account
Desirable for economic reasons also
Generation


Use set points in photovoltaic (solar) generation to alter efficiency, hence output
Generator & batteries may be combined
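
The storage idea above, as an added example that is not part of the original slides: a battery chases a flat metered load, and the meter only reveals real usage in slots where the battery is full or empty. The function names, the greedy policy and the household trace are assumptions constructed for illustration.

```python
def level_load(demand_wh, target_wh, capacity_wh, max_rate_wh, soc_wh):
    """Return the per-slot energy the meter sees when a battery chases a flat target.

    All values are integer watt-hours per metering slot (constructed units).
    """
    metered = []
    for d in demand_wh:
        gap = target_wh - d
        if gap >= 0:
            # Household is below target: charge to raise the metered load.
            flow = min(gap, max_rate_wh, capacity_wh - soc_wh)
        else:
            # Household is above target: discharge to lower the metered load.
            flow = -min(-gap, max_rate_wh, soc_wh)
        soc_wh += flow
        metered.append(d + flow)
    return metered


def leaking_slots(metered, target_wh):
    """Slots where the battery could not hold the target, so real usage shows through."""
    return [i for i, m in enumerate(metered) if m != target_wh]


# Constructed trace: 300 Wh baseline, one appliance burst, one long evening peak.
DEMAND = [300, 300, 300, 2500, 300, 300, 3000, 3000, 3000, 300]

if __name__ == "__main__":
    seen = level_load(DEMAND, target_wh=1000, capacity_wh=4000,
                      max_rate_wh=2500, soc_wh=2000)
    print("metered:", seen)
    print("slots that still leak usage:", leaking_slots(seen, 1000))
```

The short burst in slot 3 is fully hidden, while the long peak drains the battery and shows through in slots 7 and 8, which is why usage patterns must be taken into account when sizing storage.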
Utility Sensor Information


Needed to assess current load & predict load

Pricing is based on predicted loads

Prices for energy consumption

Prices for energy generation (offer/bid)

Manipulation of data can cause economic losses

Need fair auction mechanisms
Sensor data needed for grid synchronization

Voltage

Frequency

Phase
Hiding Auction Information



Utility wants to pay lowest price

Pricing is based on predicted loads and bids

Protocol to offer rates, receive bids, then repeat

Must hold accepted bids as contracts
Suppliers want to get highest price

Information about other suppliers is valuable

If less supply, then can ask more for energy
Users want to preserve privacy

For safety and personal reasons

For economic reasons
Auction Model

Storage units



generate & store, buy low, sell high
Aggregator

Act as communication intermediary

Bidirectional
Utility company

Calculates loads and supply

Decides when to ask for more power

Decides how much to offer for power
Auction Model


Cryptographic Approach

Hide bids using crypto

Aggregate bid information

Utility obtains aggregate bids only
Initialization by trusted third party (TTP)

All parties supplied with public and private keys

All parties supplied with certificates
Auction Protocol


Utility sends power request to Aggregator

Offers prices per time slot for t slots

Bilinear pairing used for signature
Aggregator broadcasts request to suppliers

Validates freshness using timestamps

Verifies signature using utility public key

Suppliers offer bids

Aggregator combines bids

Utility assesses bids
Auction Protocol

Utility sends power request to Aggregator

Aggregator broadcasts request to suppliers

Suppliers offer bids

Amount of power offered per time slot

Zero if none available or price is too low

Bids masked using one-time random shared key – allows utilities to verify aggregate bids but not see individual bids

Computes signature

Computes MAC
Auction Protocol

Utility sends power request to Aggregator

Aggregator broadcasts request to suppliers

Suppliers offer bids

Aggregator combines bids

Verifies signatures

Aggregates masked bids into masked aggregate bid

Aggregates signatures into aggregate signature

Aggregates MACs into aggregate MAC

Aggregation by summation


Care taken that there can be no overflow/carry
Auction Protocol

Utility sends power request to Aggregator

Aggregator broadcasts request to suppliers

Suppliers offer bids

Aggregator combines bids, sends to utility

Utility assesses bids

Verifies aggregate signature, MAC

Determines aggregated bid per slot
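
An added sketch of masked-bid aggregation by summation, not taken from the slides or the scheme they summarize: it assumes additive masking modulo 2^(slots × slot_bits) with a one-time key per supplier that the utility also holds, and it omits the signatures and MACs. It shows why the slot width must leave room for the worst-case sum, which is the overflow/carry concern noted above; all names and bid values are constructed.

```python
import secrets


def pack(bids, slot_bits):
    """Place the bid for slot i in bits [i*slot_bits, (i+1)*slot_bits) of one integer."""
    return sum(b << (i * slot_bits) for i, b in enumerate(bids))


def unpack(value, slots, slot_bits):
    """Split a packed integer back into its per-slot fields."""
    field = (1 << slot_bits) - 1
    return [(value >> (i * slot_bits)) & field for i in range(slots)]


def run_auction(all_bids, slot_bits, max_bid, enforce=True):
    """Return (masked bids seen by the aggregator, per-slot totals seen by the utility)."""
    slots = len(all_bids[0])
    modulus = 1 << (slots * slot_bits)
    if any(b > max_bid for bids in all_bids for b in bids):
        raise ValueError("bid above agreed maximum")
    # Overflow guard: the worst-case sum for a slot must fit in one field.
    if enforce and len(all_bids) * max_bid >= (1 << slot_bits):
        raise ValueError("slot field too narrow: sums could carry into the next slot")
    # One-time key per supplier, shared with the utility only (assumed key setup).
    keys = [secrets.randbelow(modulus) for _ in all_bids]
    masked = [(pack(b, slot_bits) + k) % modulus for b, k in zip(all_bids, keys)]
    aggregate = sum(masked) % modulus           # aggregator: summation only
    total = (aggregate - sum(keys)) % modulus   # utility: remove the summed masks
    return masked, unpack(total, slots, slot_bits)


# Constructed bids: three suppliers, three time slots, units of power offered.
BIDS = [[9, 0, 12], [7, 3, 0], [0, 9, 3]]

if __name__ == "__main__":
    print(run_auction(BIDS, slot_bits=16, max_bid=12)[1])                # correct totals
    print(run_auction(BIDS, slot_bits=4, max_bid=12, enforce=False)[1])  # carry corrupts
```

With 4-bit fields and the guard disabled, the slot 0 total of 16 wraps to 0 and its carry inflates slot 1 from 12 to 13, so the utility would act on wrong aggregate bids without any party having cheated.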
Take-away


Security receiving increasing attention in Smart Grid operations
Conflicting needs between data resolution and accuracy on one hand, and privacy on other

Mechanisms to hide load information

Mechanisms to allow grid synchronization

Mechanisms to support anonymous auctions and other economic activities