Computers & Security, Volume 73, March 2018, Pages 307-325

MASKER: Masking for privacy-preserving aggregation in the smart grid ecosystem

https://doi.org/10.1016/j.cose.2017.11.008

Abstract

The introduction of information and communication technologies to the traditional energy grid offers advantages like efficiency, increased reliability, resilience and better control of demand-response, while on the other hand it puts customers' privacy at risk. Aggregation of electricity consumption readings in intermediate nodes is needed for efficient network utilisation; however, by using information collected by a smart meter, an attacker can deduce whether a house is empty of its residents, which devices are being used, residents' habits and so on. Here, we propose a privacy-preserving aggregation protocol that obfuscates individual consumption readings while still allowing their aggregation without loss of accuracy. The same protocol is easily extensible to support privacy-preserving customer billing as well. Our solution is lightweight and has additive homomorphic properties based on standard, easy-to-implement cryptographic operations, and it does not require an always-available trusted third party for its operation. Finally, we show that knowledge of the obfuscated values does not affect customer privacy, since they do not reveal enough information for an attacker to infer real consumption values.

Introduction

The smart grid is the result of the modernisation of the existing energy grid in such a way that customers, as well as utilities, have the ability to monitor, control, and predict energy usage. To this end, the EU plans to replace at least 80% of its electricity meters with smart ones by the year 2020 (European Commission, 2016). Moreover, according to a US report (T. E. foundation, 2014), smart meter installations in the USA had reached 50 million devices as of July 2014.

On a large scale, the advantages of the smart grid are national energy independence, emissions control, and combating global warming. At the grid operator/utility level it enables a more granular definition of pricing policy, better capacity and usage planning, increased resilience and protection against cyber-physical attacks, and more flexibility for energy markets. For customers, the smart grid will enable them to actively manage their energy usage, control energy bills, and participate as renewable energy producers.

Despite the numerous benefits from its adoption, the smart grid comes with several security and privacy concerns. Customers need to frequently send their energy usage to the utility, something that exposes them to privacy invasions. Here, we study energy metering data aggregation and its privacy implications. An example of open energy metering data is the website bwired.nl, which presents, among many other things, real consumption data in real time since 2008. Since the website serves a different purpose (i.e., promoting home automation) than ours, a large amount of personal data is exposed and provided without any privacy protection. From there, residents' habits can be easily tracked by analysing the relevant smart meter data (gas, water, and electricity consumption). Using such metering data, it is possible to determine the number of people living in a household, when they are absent, the TV programme they are watching (Greveler et al., 2012), even their religion or other habits based on profiling (Garcia and Jacobs, 2011). The aforementioned facts clearly support the opinion that fine-granular smart meter measurements constitute a serious privacy and security threat for energy consumers.

In order not to overwhelm utility servers with excessive traffic, the main approach followed by existing work is to use intermediate aggregators to locally aggregate consumption data for a geographic area before sending the result to the utility operator. An alternative approach is to group multiple messages together under a common protocol header before forwarding them to the utility (Karimi et al., 2015). A simulation-based comparison of the two approaches has shown that the former reduced the total size of received messages on the utility side by 98.5% compared to the latter (Shiobara et al., 2015). Thus, in our proposal we chose to follow the first approach.

In the past few years, several privacy-preserving billing and metering data aggregation schemes have been proposed. The main goal of these schemes is to transmit electricity measurements to utility providers in a secure manner. A privacy-preserving aggregation protocol is defined as follows:

Definition 1 (Privacy-preserving aggregation protocol)

In the context of smart grid, a privacy-preserving aggregation protocol is a protocol that provides in-network aggregation of end-user consumption data, while at the same time protecting the privacy of individual consumptions and the linkage of a house with a specific consumption.

Accordingly, the definition of an aggregation protocol as secure is as follows:

Definition 2 (Secure aggregation protocol)

An aggregation protocol is considered secure when it provides confidentiality, integrity, and non-repudiation of individual end-user consumption data.

Privacy-preserving aggregation approaches need to protect customers from third parties that wish to gain access to their consumption data while these data are in transit or are being processed. They also need to protect energy consumers against intermediate aggregators, since the latter cannot always be considered trusted. We argue that, with regard to the aforementioned definitions, a privacy-preserving aggregation protocol should also be secure, so that consumption data are not disclosed or modified by unauthorised parties. Such schemes have to meet several other requirements to be considered appropriate for supporting aggregation in the smart grid, like accuracy, scalability and efficiency. While a significant volume of work has been done on privacy-preserving aggregation for the smart grid, related schemes fail to satisfy all the necessary requirements, and in many cases they present drawbacks that make them inadequate for large-scale deployment.

In this paper, we propose a privacy-preserving aggregation solution that responds to the aforementioned issues: (a) it preserves the privacy and security of energy consumers, and (b) it fulfils all requirements needed to be appropriate for the smart grid. Our proposal is a masking protocol where each smart meter shares a series of cryptographically generated pseudorandom values with the utility (in contrast to homomorphic-based solutions, like Garcia and Jacobs (2011) and Li et al. (2010), or asymmetric encryption-based solutions, like Bohli et al. (2010) and Efthymiou and Kalogridis (2010); an extensive comparison of our solution with related work is provided in Section 6). These values act as masks and are used to obfuscate the real consumption readings of the smart meter. This way, an intermediate aggregator can provide the utility with an aggregated consumption from several smart meters without actually knowing the masks or the real consumptions. Moreover, no special aggregator architecture is needed; thus, intermediate aggregators can be organised in an abstract way, allowing for multiple levels of aggregation. Later on, the utility subtracts the used masks from the total sum received from the intermediate aggregators, with the result being the real combined consumption of all relevant smart meters. This way, the only entity that has access to a real consumption value is the smart meter itself. Our contribution is a secure and scalable solution that imposes low computation overhead and is easily implementable. Based on the entropies of consumptions and masked readings, we prove that there is no information leakage during the operation of our protocol. The evaluation of our method also provides a computation analysis, showing that it imposes low overhead, especially on smart meters, which have limited hardware capabilities.
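The masking flow described above, as an added illustration that is not the paper's own code or its exact protocol: each meter adds a pseudorandom mask to its reading, aggregators at two levels sum only masked values, and the utility, which can regenerate every mask, subtracts them from the total. The mask derivation (HMAC-SHA256 over the meter id and reporting slot, keyed by a per-meter secret), the 32-bit modulus, the sample readings and the billing extension are all assumptions of this example, not details taken from the paper.

```python
import hmac
import hashlib
from typing import Dict, List

# Readings and masks are residues modulo MODULUS, so adding a mask wraps a
# reading into the whole range instead of merely shifting it. (Assumed value.)
MODULUS = 2**32

# Constructed sample: per-meter secrets shared between each meter and the
# utility. The paper keeps such material inside the meter's TEE; here it is a dict.
METER_KEYS: Dict[str, bytes] = {
    "meter-1": b"constructed-key-1",
    "meter-2": b"constructed-key-2",
    "meter-3": b"constructed-key-3",
    "meter-4": b"constructed-key-4",
}


def derive_mask(key: bytes, meter_id: str, slot: int) -> int:
    """Pseudorandom mask for one meter and one reporting slot.

    Hypothetical construction: HMAC-SHA256 used as a PRF over (meter id, slot).
    The paper's own mask generator is not reproduced here.
    """
    digest = hmac.new(key, f"{meter_id}|{slot}".encode(), hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") % MODULUS


def mask_reading(reading: int, mask: int) -> int:
    """Meter side: obfuscate a reading by adding its mask modulo MODULUS."""
    return (reading + mask) % MODULUS


def aggregate(values: List[int]) -> int:
    """Aggregator side: sum what it receives; it never sees masks or readings."""
    return sum(values) % MODULUS


def unmask_total(masked_sum: int, masks: List[int]) -> int:
    """Utility side: subtract the masks it regenerates on its own."""
    return (masked_sum - sum(masks)) % MODULUS


def run_round(readings: Dict[str, int], groups: List[List[str]], slot: int) -> int:
    """One reporting slot with two aggregation levels; returns the utility's total.

    The true sum must stay below MODULUS, otherwise the final value wraps.
    """
    # Meters: each masks its own reading and sends only the masked value upstream.
    masked = {mid: mask_reading(readings[mid], derive_mask(METER_KEYS[mid], mid, slot))
              for mid in readings}
    # Level 1: one aggregator per group sums the masked values of its meters.
    level1 = [aggregate([masked[mid] for mid in group]) for group in groups]
    # Level 2: a regional aggregator sums the group totals.
    regional = aggregate(level1)
    # Utility: regenerate every mask used in this slot and strip them off.
    masks = [derive_mask(METER_KEYS[mid], mid, slot) for group in groups for mid in group]
    return unmask_total(regional, masks)


def bill_meter(meter_id: str, readings_by_slot: List[int]) -> int:
    """Hypothetical billing extension (an assumption of this example): the meter
    reports one masked sum for the billing period, and the utility removes the
    sum of that meter's masks for the same slots."""
    masked_period_sum = aggregate([
        mask_reading(r, derive_mask(METER_KEYS[meter_id], meter_id, s))
        for s, r in enumerate(readings_by_slot)])
    period_masks = [derive_mask(METER_KEYS[meter_id], meter_id, s)
                    for s in range(len(readings_by_slot))]
    return unmask_total(masked_period_sum, period_masks)


if __name__ == "__main__":
    # Constructed readings (Wh) for one slot and a two-group aggregation tree.
    readings = {"meter-1": 120, "meter-2": 340, "meter-3": 75, "meter-4": 500}
    groups = [["meter-1", "meter-2"], ["meter-3", "meter-4"]]
    print("area total:", run_round(readings, groups, slot=7))
    print("meter-1 bill:", bill_meter("meter-1", [120, 130, 110]))
```

Because the masks are uniform over the full residue ring, a masked reading is a single uniformly distributed value to anyone without the meter's key; the aggregators therefore learn nothing beyond the sum they forward, and the utility's subtraction is exact, so no accuracy is lost in aggregation.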

On the smart meter side, this sensitive information is protected by utilising a Trusted Execution Environment (TEE) for storing data and executing critical operations (similar to Paverd and Martin (2012)). Regarding the reliability of the TEE, it is a technology that has been in use for more than a decade (Sabt et al., 2015). Moreover, it is used by large manufacturers like Nokia and Samsung, and as stated in Ekberg et al. (2014): “Almost every smartphone and tablet today contains a TEE like ARM TrustZone”. The cost of a System on Chip (SoC) that incorporates a TEE is low; for example, Artik 5 from Samsung costs under $60. The security assurances provided by the TEE differ slightly depending on the implementation; one of the most common is ARM's TrustZone (our proposal is based on Open-TEE, which follows TrustZone's specifications). According to these specifications, the main building blocks of the TEE are: secure boot, secure storage, isolated execution, and remote attestation. These mechanisms provide confidentiality and authenticity of the executed code and stored data, integrity of CPU registers, memory and sensitive I/O, and proofs of trustworthiness to third parties (Sabt et al., 2015).

The rest of the paper is organised as follows. In Section 2, we present a reference architecture, the security model and requirements for privacy-preserving aggregation. We also present in more detail the motivation behind our work, based on the weaknesses we identified after studying existing work in the field. Next, Section 3 presents assumptions and the operation of our protocol; we also discuss issues related to its operation and how billing can be supported by our protocol. Section 4 demonstrates the evaluation of our proposal in terms of security and performance. Section 5 presents related work in the field of privacy-preserving aggregation, while Section 6 compares existing work with MASKER. Finally, Section 7 concludes the paper.

Section snippets

Architecture

In this paper, we focus on high frequency metering data (Efthymiou and Kalogridis, 2010) that are used for demand response. In such cases, the exact measurement from each smart meter is not necessary for the utility in order to perform the required actions (e.g. respond to electricity demand, load forecasting, and outage management); a collective sum from an area comprising a limited number of smart meters is enough. This makes it possible to protect the privacy of individual consumers, without

Our proposal: MASKER

In this section, we propose MASKER, a protocol that prevents leakage of private energy consumption data to non-authorised parties while meeting aggregation requirements. First, we analyse the security assumptions upon which the operation of our protocol is based. Then, we give operational details of MASKER and explain how it can support billing.

Security

A well-known technique for masking data is random value perturbation (Agrawal and Srikant, 2000). This approach has also been applied in differential privacy models (Dwork and Roth, 2014), which provide mathematically rigorous definitions of privacy. However, it is important to note that, in the random value perturbation-based approach, the aim is to preserve data privacy by adding random numbers. The closer the perturbed data are to the original, the less confidential that data set becomes.
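To make the contrast between bounded perturbation and full-range masking concrete, the following added example (not from the paper, and not its entropy proof) computes exactly how many bits an observer of the published value learns about the true reading, as the mutual information I(R; Y) = H(Y) - H(Y | R). The small 64-value modulus and the peaked three-point reading distribution are constructed for this example so that the distributions can be enumerated exactly.

```python
import math
from collections import Counter
from typing import Callable, Dict, Iterable

# Small modulus so the exact distributions can be enumerated (assumed value);
# real masks are far wider, which only strengthens the result shown here.
MODULUS = 64

# Constructed, deliberately peaked reading distribution for one household
# (values in arbitrary consumption units; probabilities sum to 1).
READING_DIST: Dict[int, float] = {10: 0.5, 11: 0.3, 12: 0.2}


def entropy(dist: Dict[int, float]) -> float:
    """Shannon entropy in bits of a discrete distribution."""
    return -sum(p * math.log2(p) for p in dist.values() if p > 0)


def mutual_information(reading_dist: Dict[int, float],
                       noise_values: Iterable[int],
                       transform: Callable[[int, int], int]) -> float:
    """I(R; Y) in bits, where Y = transform(r, n) and n is uniform on noise_values.

    This is what an observer of the published value Y learns about the reading R.
    Computed exactly as H(Y) - H(Y | R) by enumerating the joint distribution.
    """
    noise = list(noise_values)
    y_dist: Counter = Counter()
    h_y_given_r = 0.0
    for r, p_r in reading_dist.items():
        cond: Counter = Counter()          # distribution of Y given R = r
        for n in noise:
            cond[transform(r, n)] += 1.0 / len(noise)
        for y, p_y in cond.items():
            y_dist[y] += p_r * p_y
        h_y_given_r += p_r * entropy(cond)
    return entropy(y_dist) - h_y_given_r


def perturbation_leakage(bound: int) -> float:
    """Random value perturbation: add noise uniform in [-bound, bound], no wrap-around."""
    return mutual_information(READING_DIST, range(-bound, bound + 1), lambda r, n: r + n)


def masking_leakage() -> float:
    """Masking: add a mask uniform over the whole residue ring Z_MODULUS."""
    return mutual_information(READING_DIST, range(MODULUS), lambda r, n: (r + n) % MODULUS)


if __name__ == "__main__":
    print(f"H(R)                 = {entropy(READING_DIST):.3f} bits")
    print(f"perturbation, b=1    = {perturbation_leakage(1):.3f} bits leaked")
    print(f"perturbation, b=10   = {perturbation_leakage(10):.3f} bits leaked")
    print(f"full-range masking   = {masking_leakage():.3e} bits leaked")
```

Small perturbation leaves the published value close to the reading and leaks a sizeable fraction of H(R); widening the noise reduces the leakage but also the accuracy of every individual value. A mask uniform over the entire ring makes Y uniform regardless of R, so the leakage is exactly zero while the sum over meters remains exactly recoverable by whoever holds the masks.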

Related work

In this section we analyse related work following the classification we defined in Section 2.4. Existing work in the field is extensive; thus, we selected a subset based on the following criteria to create a list that: (a) covers all categories, (b) includes the most highly cited works in each category, and (c) includes some more recent solutions. Following this procedure, we had to leave out works like the following, which are referenced here for the sake of completeness (Cho et al, 2014,

Comparative analysis of existing schemes with MASKER

We chose to present our proposal in the end, in order to be able to compare it with related work. The operation of MASKER has been presented in Section 3.2 in detail. Regarding the requirements presented in Section 2.3, our proposal meets all of them as shown in Fig. 3 and analysed below.

MASKER preserves consumer privacy while at the same time supporting intermediate aggregation. An indicative architecture is the one presented in Section 2.1, which assumes that there are intermediate entities

Conclusion

This paper presents a novel, lightweight privacy-preserving aggregation protocol for the smart grid that, compared to state-of-the-art, proves to be more efficient and fulfils all functional and security requirements. First, we presented a reference architecture and a security model for privacy-preserving aggregation, and studied related requirements specifically for the smart grid domain. Then, we proposed MASKER, a protocol based on masking that requires mainly arithmetic and a few

Acknowledgement

This research has been funded by the European Commission as part of the SMART-NRG project (FP7-PEOPLE-2013-IAPP Grant number 612294).


References (45)

  • R. Agrawal et al., Privacy-preserving data mining (2000)
  • ARM, ARM security technology – Building a secure system using TrustZone technology (2009)
  • E. Barker, Special publication 800-57 part 1 revision 4, recommendation for key management, part 1: General (2016)
  • E. Barker et al., NIST special publication 800-90A: Recommendation for random number generation using deterministic random bit generators
  • J.-M. Bohli et al., A privacy model for smart metering (2010)
  • S. Cho et al., Palda: Efficient privacy-preserving authentication for lossless data aggregation in smart grids (2014)
  • B. Defend et al., Implementation of privacy-friendly aggregation for the smart grid (2013)
  • F.F. Demertzis et al., Self-organised key management for the smart grid (2015)
  • C. Dwork et al., The algorithmic foundations of differential privacy, Found Trends Theor Comput Sci (2014)
  • entsoe
  • C. Efthymiou et al., Smart grid privacy via anonymization of smart metering data (2010)
  • J.-E. Ekberg et al., The untapped potential of trusted execution environments on mobile devices, IEEE Secur Priv (2014)
  • Z. Erkin et al., Private computation of spatial and temporal power consumption with smart meters
  • European Commission, Smart grids and meters
  • S. Finster et al., Elderberry: A peer-to-peer, privacy-aware smart metering protocol (2013)
  • S. Finster et al., Privacy-aware smart metering: A survey, IEEE Commun Surv Tutor (2015)
  • F.D. Garcia et al., Privacy-friendly energy-metering via homomorphic encryption
  • GlobalPlatform, TEE System Architecture
  • U. Greveler et al., Multimedia content identification through smart meter power usage profiles (2012)
  • W. He et al., PDA: Privacy-preserving data aggregation in wireless sensor networks (2007)
  • M. Jawurek et al., Smart metering de-pseudonymization (2011)
  • B. Karimi et al., Scalable meter data collection in smart grids through message concatenation, IEEE Trans Smart Grid (2015)
Cited by (16)

  • Lightweight, Divide-and-Conquer privacy-preserving data aggregation in fog computing (2021, Future Generation Computer Systems). Citation excerpt: "Further, performing data aggregation at a cloud server/single aggregator [18,19] increases the computational burden on the cloud server/single aggregator, which results in high latency, degraded reliability, and scalability. Also, the use of a single aggregator may lead to Denial of Service (DoS) and a single point of failure risks [11–19]. CISCO's researchers proposed a fog computing concept in 2012 as an alternative paradigm to solve the aforementioned issues found in many IoT applications [20]."
  • Machine learning in the Internet of Things: Designed techniques for smart cities (2019, Future Generation Computer Systems). Citation excerpt: "Therefore, millions of subscribers send the energy consumption data on a daily basis to smart meters, which is prone to attacks due to the nature of wireless broadcast method [148]. In other words, the smart meters' generated data can be leaked easily and the energy patterns of subscribers may be deduced, which raises the issue of subscribers' privacy [149]. The privacy protection in smart grids is one of the leading research topics [150] and thereby several organizations, such as IEEE and the US National Institute of Standards and Technology, are developing better privacy solutions."
  • DFTMicroagg: a dual-level anonymization algorithm for smart grid data (2022, International Journal of Information Security)

Georgios Karopoulos received a Diploma of Information and Communication Systems Engineer in 2003, an M.Sc. in Information and Communication Systems Security in 2005, and a Ph.D. in Computer Network Security in 2009, from the University of the Aegean, Greece. Currently, he is a Marie Curie fellow researcher at the department of Informatics and Telecommunications of the University of Athens, Greece. In the past, he was a postdoctoral researcher at IIT-CNR (Italy) in 2010–2011 and JRC (Italy) in 2012–2014. His research interests are in the areas of network security, smart grid security and Critical Infrastructure protection.

Christoforos Ntantogian received his B.Sc. degree in Computer Science and Telecommunications in 2004 and his M.Sc. degree in Computer Systems Technology in 2006, both from the Department of Informatics and Telecommunications of the University of Athens. In 2009 he received his Ph.D. from the University of Athens (Department of Informatics and Telecommunications). Currently, he is an adjunct lecturer at the Department of Digital Systems of the University of Piraeus for the “Digital Systems Security” postgraduate programme. He has participated in numerous projects realized in the context of EU programmes. His research interests lie in system and software security.

Christos Xenakis received his B.Sc. degree in computer science in 1993 and his M.Sc. degree in telecommunication and computer networks in 1996, both from the Department of Informatics and Telecommunications, University of Athens, Greece. In 2004 he received his Ph.D. from the University of Athens (Department of Informatics and Telecommunications). Since 2007 he has been a faculty member of the Department of Digital Systems of the University of Piraeus, Greece, where he is currently an Associate Professor, a member of the Systems Security Laboratory and the director of the Postgraduate Degree Programme on “Digital Systems Security”.