security privacy in smart grid demand response systems
play

Security & Privacy in Smart Grid Demand Response Systems Andrew - PowerPoint PPT Presentation

Nov 10, 2023 •215 likes •500 views

Security & Privacy in Smart Grid Demand Response Systems Andrew Paverd Department of Computer Science University of Oxford Supervisors: Andrew Martin (Department of Computer Science) Ian Brown (Oxford Internet Institute) Objectives

  1. Security & Privacy in Smart Grid Demand Response Systems Andrew Paverd Department of Computer Science University of Oxford Supervisors: Andrew Martin (Department of Computer Science) Ian Brown (Oxford Internet Institute)

  2. Objectives  Highlight security and privacy issues Different from smart metering –  Build on existing research Work by M. Karwe and J. Strüker (SmartGridSec 2012) –  Encourage further research

  3. Overview What are the main security and privacy challenges in demand response systems? Demand Response Systems Security & Privacy Goals Adversary Models Analysis of OpenADR Proposed Solution

  4. Demand Response Systems Security & Privacy Goals Adversary Models Analysis of OpenADR Proposed Solution

  5. Demand Response (DR) Dynamically reducing energy demand at specific times and in specific locations… Price-based Incentive-based • Time of use (ToU) pricing • Consumers bid to reduce or shift demand • Critical peak pricing • Financial incentives • Dynamic pricing • Bidding protocol (bidding • In-home display or energy agents and manager) management system

  6. Incentive-Based DR

  7. OpenADR 2.0  Communication data model for DR systems Enables price-based and/or incentive-based DR –  XML data over IP network – Medium independent (wireless, power line communication etc.) HTTP, SOAP and XMPP –  Hierarchical structure Virtual top node (VTN) and virtual end nodes (VEN) –  Demand Response Automation Server (DRAS) Automate communication between entities –

  8. OpenADR 2.0 Source: OpenADR Alliance: The OpenADR Primer (2012)

  9. OpenADR 2.0

  10. Demand Response Systems Security & Privacy Goals Adversary Models Analysis of OpenADR Proposed Solution

  11. Security Goals Primary security objective: Only legitimate entities participate in the DR protocol Security Goal 1 Consumers must be able to verify the authenticity and integrity of all DR events. Security Goal 2 The DR manager must be able to verify the authenticity and integrity of all DR bids.

  12. Privacy Goals * Based on work by M. Karwe and J. Strüker Primary privacy goal: Protect the privacy of individual consumers Privacy Goal 1 Untrusted entities must not be able to link DR bids to individual consumers. Privacy Goal 2 Untrusted entities must not be able to infer private information about individual consumers from the DR system.

  13. Demand Response Systems Security & Privacy Goals Adversary Models Analysis of OpenADR Proposed Solution

  14. Adversary Models * Based on AMI security & privacy research  Dolev-Yao (D-Y) Strongest possible adversary – Passive: eavesdrop or intercept messages – Active: block, modify, replay or synthesize messages – – Cannot break cryptographic primitives  Honest-But-Curious (HBC) More limited than D-Y adversary – – Always follows protocol Cannot break cryptographic primitives – Attempts to learn/infer/deduce sensitive information –

  15. Demand Response Systems Security & Privacy Goals Adversary Models Analysis of OpenADR Proposed Solution

  16. Adversary Model for OpenADR Source: OpenADR Alliance: The OpenADR Primer (2012)

  17. Adversary Model for OpenADR Adapted from: OpenADR Alliance: The OpenADR Primer (2012)

  18. External D-Y Adversary Goal Potential attack Mitigation S-1 Modify messages TLS (integrity) S-2 (e.g. change bid amount) S-1 Falsify messages TLS (mutual authentication) S-2 (e.g. falsify bids) P-1 Eavesdrop on messages to learn TLS (confidentiality) P-2 private information P-1 Traffic analysis Dummy traffic (permitted by P-2 (e.g. measure encrypted traffic) specification)  Specification satisfies all security and privacy goals ● * Assuming no compromised keys

  19. Consumer as a D-Y Adversary Goal Potential attack Mitigation S-2 Falsify messages Detected by service provider (e.g. falsify bids) (TLS mutual authentication makes consumer uniquely identifiable) S-2 Masquerade as other consumers TLS mutual authentication makes consumer uniquely identifiable  Specification satisfies all security goals ● * Assuming no compromised keys  Privacy goals as before

  20. DRAS as an HBC Adversary Goal Potential attack Mitigated using P-1 Link bids to individual consumers End-to-end encryption between consumer and utility (Karwe & Strüker) P-2 Infer private information from the End-to-end encryption received bids between consumer and utility (Karwe & Strüker)  Security goals not applicable (HBC adversary)  Privacy goals not satisfied by OpenADR specification Require additional mechanisms –

  21. Utility/Supplier as an HBC Adversary Goal Potential attack Mitigated using P-1 Link bids to individual consumers ? P-2 Infer private information from the ? received bids  Privacy goals not satisfied by OpenADR specification Require further research –  Conflict between privacy and security goals TLS mutual authentication allows utility to detect masquerading but – ensures that utility will be able to link bids to consumers

  22. Adversary Model for OpenADR Adapted from: OpenADR Alliance: The OpenADR Primer (2012)

  23. Demand Response Systems Security & Privacy Goals Adversary Models Analysis of OpenADR Proposed Solution

  24. Trustworthy Remote Entity (TRE)  Trusted third-party Intermediary between consumers and external entities – Information processing (aggregation, perturbation, etc.) –  Utilizing Trusted Computing Secure/measured boot – Remote attestation of system state – Minimal trusted computing base – Isolated execution environment –  Multiple TREs in the grid Multiple redundancy – Load balancing –

  25. Proposed Architecture

  26. Conclusions  DR is an important aspect of the future smart grid  Specific DR security and privacy goals In addition to smart metering goals –  Various adversary models  Multiple sources of threats Must be addressed before wide-scale deployment –  Proposed solution Opportunities for further research –

  27. Security & Privacy in Smart Grid Demand Response Systems Andrew Paverd Department of Computer Science University of Oxford Supervisors: Andrew Martin (Department of Computer Science) Ian Brown (Oxford Internet Institute)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Security and Privacy Challenges in the Smart Grid Patrick McDaniel and Stephen McLaughlin CS 598

Security and Privacy Challenges in the Smart Grid Patrick McDaniel and Stephen McLaughlin CS 598

Security and Privacy Challenges in the Smart Grid Patrick McDaniel and Stephen McLaughlin CS 598 AB Fall 2016 October 20 Presented by: Simon Kim 1 The Smart Grid 2 The Smart Grid Modernization of the existing electrical system A

546 views • 15 slides
Security and Privacy in the Smart Energy Grid Martin Erich Jobst Chair for Network Architectures

Security and Privacy in the Smart Energy Grid Martin Erich Jobst Chair for Network Architectures

Security and Privacy in the Smart Energy Grid Martin Erich Jobst Chair for Network Architectures and Services Department for Computer Science Technische Universit at M unchen July 01, 2013 Martin Erich Jobst: Security and Privacy in the

774 views • 53 slides
Privacy-friendly Forecasting for the Smart Grid using Homomorphic Encryption J. Bos 1 , W.

Privacy-friendly Forecasting for the Smart Grid using Homomorphic Encryption J. Bos 1 , W.

Privacy-friendly Forecasting for the Smart Grid using Homomorphic Encryption J. Bos 1 , W. Castryck 2 , 3 , I. Iliashenko 2 and F . Vercauteren 2 , 4 1 NXP Semiconductors 2 COSIC, KU Leuven and imec 3 Universit de Lille-1 4 Open Security Research

853 views • 72 slides
Paper Presentation 2 - Privacy in the smart grid 2014-04-08 by Anders Nordin

Paper Presentation 2 - Privacy in the smart grid 2014-04-08 by Anders Nordin

Paper Presentation 2 - Privacy in the smart grid 2014-04-08 by Anders Nordin http://www.eon.se/100koll Content Part 1: Smart Grid Privacy via Part 3: Smart metering de- Anonymization of Smart pseudonymization Metering Data

642 views • 16 slides
CPS: Market Analysis of Attacks Against Demand Response in the Smart Grid Carlos Barreto,

CPS: Market Analysis of Attacks Against Demand Response in the Smart Grid Carlos Barreto,

CPS: Market Analysis of Attacks Against Demand Response in the Smart Grid Carlos Barreto, carlos.barretosuarez@utdallas.edu Alvaro A. Cardenas, alvaro.cardenas@utdallas.edu Nicanor Quijano, nquijano@uniandes.edu.co Eduardo Mojica,

330 views • 20 slides
Smart Grid Customer Privacy TCIPG Consumer Acceptance of Smart Grid October 31 , 2012 Kevin B.

Smart Grid Customer Privacy TCIPG Consumer Acceptance of Smart Grid October 31 , 2012 Kevin B.

Smart Grid Customer Privacy TCIPG Consumer Acceptance of Smart Grid October 31 , 2012 Kevin B. Jones, PhD Associate Director and Senior Fellow for Energy Technology & Policy Institute for Energy and the Environment Vermont Law School

274 views • 15 slides
Power Grid Impacts Resulting From Unintentional Demand Response J EFF D AGLE , PE Chief

Power Grid Impacts Resulting From Unintentional Demand Response J EFF D AGLE , PE Chief

Power Grid Impacts Resulting From Unintentional Demand Response J EFF D AGLE , PE Chief Electrical Engineer, Advanced Power Systems Pacific Northwest National Laboratory TCIPG Seminar Series on Technologies for a Resilient Power Grid February

680 views • 30 slides
Smart Grid Increasing the IQ of the Smart Grid Unclear exactly what the smart grid is, but

Smart Grid Increasing the IQ of the Smart Grid Unclear exactly what the smart grid is, but

Smart Grid Increasing the IQ of the Smart Grid Unclear exactly what the smart grid is, but Through Active Customer it does include Participation in Wholesale Electricity Interval meters Markets Storage and load flexibility

465 views • 15 slides
GRID PHD GRID, PHD The Smart Grid Cyber Security and the Future of Keeping the Lights On The

GRID PHD GRID, PHD The Smart Grid Cyber Security and the Future of Keeping the Lights On The

GRID PHD GRID, PHD The Smart Grid Cyber Security and the Future of Keeping the Lights On The Smart Grid, Cyber Security, and the Future of Keeping the Lights On Kelly Ziegler Chi f O Chief Operating Officer ti Offi National Board of

1.01k views • 48 slides
Cyber-Physical Security for the Smart Grid Deepa Kundur Texas A&M University (Joint work

Cyber-Physical Security for the Smart Grid Deepa Kundur Texas A&M University (Joint work

Cyber-Physical Security for the Smart Grid Deepa Kundur Texas A&M University (Joint work with Shan Liu, Takis Zourntos and Karen Butler-Purry) CYBER SECURITY POWER SYSTEMS DYNAMICAL SYSTEMS 2 A Smarter Grid MARRIAGE OF INFORMATION

1.86k views • 46 slides
Privacy-Enhanced Bi-Directional Communication in the Smart Grid using Trusted Computing Andrew

Privacy-Enhanced Bi-Directional Communication in the Smart Grid using Trusted Computing Andrew

Privacy-Enhanced Bi-Directional Communication in the Smart Grid using Trusted Computing Andrew Paverd, Andrew Martin, Ian Brown University of Oxford https://www.cs.ox.ac.uk/people/andrew.paverd/tre Smart Grid Architecture NIST Model Smart

538 views • 27 slides
Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B.

5/18/2016 Security and Privacy 12A. Operating Systems Security Operating Systems Principles 12B. Authentication 12C. Authorization Security and Privacy 12D. Trust 12E. At-Rest Encryption Mark Kampe (markk@cs.ucla.edu) Security and Privacy

116 views • 8 slides
On Privacy in Smart Metering Systems with Periodically Time-Varying Input Distribution Yu Liu a ,

On Privacy in Smart Metering Systems with Periodically Time-Varying Input Distribution Yu Liu a ,

On Privacy in Smart Metering Systems with Periodically Time-Varying Input Distribution Yu Liu a , Ashish Khisti a , Aditya Mahajan b GlobalSIP Symposium on Privacy and Security 14 Nov, 2017 a University of Toronto b McGill University Smart-meter

665 views • 40 slides
Smart Grid Cyber Security Deakin University, La Trobe University, RMIT and The University of

Smart Grid Cyber Security Deakin University, La Trobe University, RMIT and The University of

Smart Grid Cyber Security Deakin University, La Trobe University, RMIT and The University of Melbourne Smart Grid Cyber Security The smart power grid is transforming towards a large cyber- physical system. The increased reliance of

397 views • 22 slides
SECURITY IN THE SMART GRID R E B E C C A VA N DY K E MY BACKGROUND Masters student in ECE

SECURITY IN THE SMART GRID R E B E C C A VA N DY K E MY BACKGROUND Masters student in ECE

SECURITY IN THE SMART GRID R E B E C C A VA N DY K E MY BACKGROUND Masters student in ECE department with focus in Communication Systems BS in Electrical and Computer Engineering with a minor in Computer Science Completed two

125 views • 12 slides
NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of Standards and Technology U.S. Department of Commerce 11 January 2010 Why Do We Need Smart Grids? Fundamental Drivers Smart Grid goals Reduce

711 views • 34 slides
Virtualization CERN openlab II quarterly review 20 September 2006 Hvard Bjerke Community,

Virtualization CERN openlab II quarterly review 20 September 2006 Hvard Bjerke Community,

Virtualization CERN openlab II quarterly review 20 September 2006 Hvard Bjerke Community, tracking Visit to USENIX, Argonne National Labs Testing Xen paravirtualization and VT extensions new machines Montecito / VT-i Dempsey /

422 views • 6 slides
Political Risk Analysis with Chinese Characteristics T H E C U R I O U S C A S E O F C H I N A

Political Risk Analysis with Chinese Characteristics T H E C U R I O U S C A S E O F C H I N A

Political Risk Analysis with Chinese Characteristics T H E C U R I O U S C A S E O F C H I N A - V E N E Z U E L A R E L A T I O N S Introduction Topic: China, Political Risk, Venezuela What is Political Risk? China, Stability and

439 views • 8 slides
netfilter/iptables training Nov 05/06/07, 2007 Day 1 by Harald Welte

netfilter/iptables training Nov 05/06/07, 2007 Day 1 by Harald Welte

netfilter/iptables training Nov 05/06/07, 2007 Day 1 by Harald Welte <laforge@netfilter.org> 1 netfilter/iptables tutorial Contents Day 1 Introduction Highly Scalable Linux Network Stack Netfilter Hooks Packet selection based on IP

342 views • 20 slides
Congestion? What Congestion? Mark Handley Is there a problem to be solved? TCP has done a

Congestion? What Congestion? Mark Handley Is there a problem to be solved? TCP has done a

Congestion? What Congestion? Mark Handley Is there a problem to be solved? TCP has done a pretty good job since 1988 of matching offered load to available capacity and avoiding congestion collapse. Doesnt need any support from the

194 views • 17 slides
CHOICE NAVIGATION ASSESSMENT FOR MASS CUSTOMIZATION CONFIGURATION WORKSHOP VIENNA 2013 BY/

CHOICE NAVIGATION ASSESSMENT FOR MASS CUSTOMIZATION CONFIGURATION WORKSHOP VIENNA 2013 BY/

CHOICE NAVIGATION ASSESSMENT FOR MASS CUSTOMIZATION CONFIGURATION WORKSHOP VIENNA 2013 BY/ KJELD NIELSEN Agenda 1. Intro 2. Choice Navigation and Configuration 3. Metrics and KPI 4. Conclusions and further research C H O I C E N A V I G A

442 views • 19 slides
ProdProc - Product and Production Process Modeling and Con fi guration Dario Campagna and Andrea

ProdProc - Product and Production Process Modeling and Con fi guration Dario Campagna and Andrea

ProdProc - Product and Production Process Modeling and Con fi guration Dario Campagna and Andrea Formisano Dept. of Mathematics and Computer Science, University of Perugia, Italy Overview Why product and process con fi guration? The

401 views • 13 slides
IDENTIFY THE VALUE IN AN ENTERPRISE-WIDE DEPLOYMENT OF ADDITIVE MANUFACTURING PROCESS

IDENTIFY THE VALUE IN AN ENTERPRISE-WIDE DEPLOYMENT OF ADDITIVE MANUFACTURING PROCESS

IDENTIFY THE VALUE IN AN ENTERPRISE-WIDE DEPLOYMENT OF ADDITIVE MANUFACTURING PROCESS INDUSTRIES Chris Krampitz, P.E. Stratasys Consulting Principal Consultant - Americas 1 OBJECTIVES Identify industry challenges addressed by Additive

605 views • 31 slides
BIG DATA: Revolutionizing construction business through socmed data mining REVOLUTIONIZING

BIG DATA: Revolutionizing construction business through socmed data mining REVOLUTIONIZING

BIG DATA: Revolutionizing construction business through socmed data mining REVOLUTIONIZING CONSTRUCTION BUSINESS THROUGH SOCMED DATA MINING 01 02 03 Socmed Data The Big Data The Big Data Mining Concept Adoption DATA THE BIG DATA

656 views • 29 slides

More recommend