Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds Dresden, 22/05/2014 Felipe de Sousa Silva Simmhan, Kumnhare,

Published byRosalind Glenn Modified over 8 years ago

Similar presentations

Presentation on theme: "An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds Dresden, 22/05/2014 Felipe de Sousa Silva Simmhan, Kumnhare,"— Presentation transcript:

1 An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds Dresden, 22/05/2014 Felipe de Sousa Silva Simmhan, Kumnhare, Cao and Prasanna

2 Outline Introduction Analysis of User Characteristics Consumes Smart Grid Utility Third Party Providers Analysis of Data Characteristics Diversity of Data Sources Data Size and Temporal Granularities Data Aggregation and Transformation Data Access and Disseminations… Analysis of Application Characteristics 2

3 Introduction Smart Grids are reality in the Real world; Electric utilities are migrating to Power Grids that use large scale smart meter deployments at power consumers; This enables utilities to monitor electricity usage as it occurs and provide feedback to consumers; Once that Smart Grids are online they are also targets for cyber attacks; This paper is based on Los Angeles Smart Grid: Support over 1.4 million electrical customers Data on the order of terabytes potentially processed daily Dynamic system with peak operation occurring during the day and information processing needs slowing down at night. 3

4 Analysis of User Characteristics There are three major participants in the Smart Grid ecosystem Consumers Utilities Third Party Service Providers (TPSP) Each participant has your own requirements of privacy and security; Discuss how these stakeholders interact with the Smart Grid software architecture deployed on Clouds; 4

5 Analysis of User Characteristics Consumers Residential May provide limited access to utilities to directly control their appliances and voluntarily reduce their power usage when notified of real-time pricing or other incentives by the utility Commercial They are willing to pay more than the residential consumers for power quality guarantees They also have significant power requirements Industrial Similar to Commercial but in large scale. Security and privacy are much more critical 5

6 Analysis of User Characteristics Consumers Consumers may share additional information with the utility which can be integrated with the usage data for generating better forecast models; Residential Appliances Temperature Social Network Activity Industrial and Commercial Inform the utilities in advance about peak times … however disclosure of such information to attackers can potentially reveal critical information; 6

7 Analysis of User Characteristics Smart Grid Utility Utilities are central to the Smart Grid ecosystem and have several responsibilities; Generation Transmission Distribution Maintaining customer satisfaction Complying with regulatory norms The utilities use the Cloud infrastructure to store and process large quantities of data collected from Smart meters; Once that utilities has all the data this can raises regulatory compliance and privacy issues; 7

8 Analysis of User Characteristics Third Party Service Providers We envision a Smart Grid ecosystem where various other applications deployed by TPSP can offering a range of value added services to the consumers; … however, regulatory norms may restrict Smart Grid data to flow out of the utility infrastructure; An solution for that is create a sandboxed environment where the TPSP can deploy your applications inside the utilities infrastructure; The TPSP may not agree with this solution because can potentially expose various proprietary algorithms as well as intellectual property; 8

9 Analysis of User Characteristics 9 User roles and their security/privacy concerns in a Smart Grid

10 Analysis of Data Characteristics Diversity of Data Sources The intelligence and adaptiveness depends on the ability to acquire and integrate diverse information that help perform accurate load forecasting; Direct sources: Consumer smart meters Smart appliances data Sensors at transformers and distribution stations Customer information systems Indirect sources: Historical Forecast weather Social network 10

11 Analysis of Data Characteristics Diversity of Data Sources Cloud platforms need to support secure data acquisition from different information sources; Once that we are dealing with multiple sources of date we have to ensure the security of the data following policies defined by the data owners; 11

12 Analysis of Data Characteristics Data Size and Temporal Granularities Smart Grid utilities need to handle data at extreme scales of data size; Systems can report fine-grained usage of smart appliances, on the order of bytes/kilobytes; … this data accumulated from millions of consumers over years can grow to petabytes We need a technology that can handler with small and big amounts of data and should be scalable 12

13 Analysis of Data Characteristics Data Size and Temporal Granularities More than that, the varying granularities of data sizes and their time sensitiveness poses a challenge in enforcing security and privacy policies in a Cloud 13

14 Analysis of Data Characteristics Data Aggregation and Transformation Information collected by the utilities from different sources needs to be processed and aggregated to provide various services to the consumer; Some times your need to combine data in differents formats ( Legacy ); Aggregating data from multiple owners gives rise to a range privacy concerns; Integrating such legacy data with Smart Grid data hosted on Clouds poses challenges both in terms of conversion to appropriate data format and enforcing access control mechanism to ensure privacy 14

15 Analysis of Data Characteristics Data Access and Dissemination Access control policies should support granular access at levels ranging from individual raw streams to large historical data archives ; It is necessary to support mechanisms to allow consumers to specify and update access policies; Access policies may depend on dynamically changing external information. There is a trade-off between maintaining consistent access policies for each consumer, and the resource costs for updating the access control list frequently 15

16 Analysis of Data Characteristics Data Access and Dissemination Data collected for one purpose may be used by a number of future and unintended applications; For example, GPS data from an individual’s PEV can used to predict its charging schedule and hence can be used for load fore- casting; … however, the same information can also be used to mine user’s travel pattern which can be integrated with information about other social activities and hence monitor a user’s actions 16

17 Analysis of Data Characteristics Data Storage and Regulatory Compliance Information acquired and integrated by the power utility needs to be preserved over long time periods; This data is necessary both for the utility operations, as well as for complying with regulations and legal requirements; The longer duration of data preservation means some of the security codes and privacy policies will have to evolve over time as user’s perception of privacy changes and the computational ability to break cryptographic algorithms increases; 17

18 Analysis of Data Characteristics 18

19 Analysis of Application Characteristics Application Services Applications include demand forecast services for utilities, consumer usage analysis sites and mobile apps, home and building power management software, and information aggregation and sharing services Data shared between these applications need to be secured and their privacy preserved; Utilities may provide services and application platforms on public and private Cloud platforms that offer a secure sandbox 19

20 Analysis of Application Characteristics Application Access Smart Grid applications can be designed to be accessed as local executable, mobile applications and online web- sites and Web services; Applications may also be shared as a virtual machine (VM) image that can be instantiated for a Cloud IaaS; These approaches provide different mechanisms for securely accessing the applications and ensuring data privacy; 20

21 Analysis of Application Characteristics Legacy and Emerging Applications Utilities that are moving to Smart Grids often have legacy systems for meter data and customer information management in place; Moving to a Smart Grid software architecture will, in practice, necessitate co-existence of legacy and emerging applications since not all Smart Grid utilities can re-architect their entire system; In such cases, a security and privacy framework will have to be compatible with both new and existing applications; This challenge can be mitigated by migrating legacy applications to VMs with identical configuration as the legacy system and running both the new and old software stack on Cloud infrastructure; 21

22 Conclusions We classify various factors and user roles that contribute to Cloud security and privacy; We organize known security concerns in Clouds from a Smart Grid application, and identify several unique privacy and regulatory issues that pose a challenge for further research; We expect this article to guide both researchers and developers in building secure and privacy-reserving Smart Grid applications; 22

23 Questions ? 23

24 References An analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6008758 24

25 25 Thank You !

Download ppt "An Analysis of Security and Privacy Issues in Smart Grid Software Architectures on Clouds Dresden, 22/05/2014 Felipe de Sousa Silva Simmhan, Kumnhare,"

Similar presentations

Managing Hardware and Software Assets

Managing Hardware and Software Assets
Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab

Wei Lu 1, Kate Keahey 2, Tim Freeman 2, Frank Siebenlist 2 1 Indiana University, 2 Argonne National Lab
World Class Standards Smart Grids ETSI Strategic Topic Philippe Lucas © ETSI 2010. All rights reserved ETSI Smart Grid workshop, June 14th 2010.

World Class Standards Smart Grids ETSI Strategic Topic Philippe Lucas © ETSI All rights reserved ETSI Smart Grid workshop, June 14th 2010.
IT Industry & Cloud Computing. Trends ‘2011- The year of high salaries and immense job opportunities for IT job seekers’ (Source – Blog.Timesjobs.com)

IT Industry & Cloud Computing. Trends ‘2011- The year of high salaries and immense job opportunities for IT job seekers’ (Source – Blog.Timesjobs.com)
AMI & Grid Data Analytics & Analysis Management Platform Page  1 What does this platform offer? Our tool is a next generation grid management software.

AMI & Grid Data Analytics & Analysis Management Platform Page  1 What does this platform offer? Our tool is a next generation grid management software.
Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.

Chapter 22: Cloud Computing and Related Security Issues Guide to Computer Network Security.
Clouds C. Vuerli Contributed by Zsolt Nemeth. As it started.

Clouds C. Vuerli Contributed by Zsolt Nemeth. As it started.
Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce
Cloud Testing – Guidelines and Approach. Agenda Understanding “The Cloud”? Why move to Cloud? Testing Philosophy Challenges Guidelines to select a Cloud.

Cloud Testing – Guidelines and Approach. Agenda Understanding “The Cloud”? Why move to Cloud? Testing Philosophy Challenges Guidelines to select a Cloud.
CLOUD COMPUTING AN OVERVIEW & QUALITY OF SERVICE Hamzeh Khazaei University of Manitoba Department of Computer Science Jan 28, 2010.

CLOUD COMPUTING AN OVERVIEW & QUALITY OF SERVICE Hamzeh Khazaei University of Manitoba Department of Computer Science Jan 28, 2010.
Unified Logs and Reporting for Hybrid Centralized Management

Unified Logs and Reporting for Hybrid Centralized Management
Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.

Virtual Machine approach to Security Gautam Prasad and Sudeep Pradhan 10/05/2010 CS 239 UCLA.
Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.

Presented by Sujit Tilak. Evolution of Client/Server Architecture Clients & Server on different computer systems Local Area Network for Server and Client.
Advanced Metering Infrastructure

Advanced Metering Infrastructure
Discussion on LI for Mobile Clouds

Discussion on LI for Mobile Clouds
Plan Introduction What is Cloud Computing?

Plan Introduction What is Cloud Computing?
Smart Cities & Smart Utility

Smart Cities & Smart Utility
Introduction to Cloud Computing

Introduction to Cloud Computing
IOT5_20110013GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.

IOT5_ GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.
Copyright 2009 Trend Micro Inc. OfficeScan 10.5 VDI-aware endpoint security.

Copyright 2009 Trend Micro Inc. OfficeScan 10.5 VDI-aware endpoint security.

Similar presentations

Ads by Google