Kemal Akkaya

A Survey on Smart Grid Cyber-Physical System Testbeds

An increasing interest is emerging on the development of smart grid cyber-physical system testbeds. As new communication and information technologies emerge, innovative cyber-physical system testbeds need to leverage realistic and scalable platforms. Indeed, the interdisciplinary structure of the smart grid concept compels heterogeneous testbeds with different capabilities. There is a significant need to evaluate new concepts and vulnerabilities as opposed to counting on solely simulation studies especially using hardware-in-the-loop test platforms. In this paper, we present a comprehensive survey on cyber-physical smart grid testbeds aiming to provide a taxonomy and insightful guidelines for the development as well as to identify the key features and design decisions while developing future smart grid testbeds. First, this survey provides a four step taxonomy based on smart grid domains, research goals, test platforms, and communication infrastructure. Then, we introduce an overview with a detailed discussion and an evaluation on existing testbeds from the literature. Finally, we conclude this paper with a look on future trends and developments in cyber-physical smart grid testbed research.

Self-deployment of mobile underwater acoustic sensor networks for maximized coverage and guaranteed connectivity

Self-deployment of sensors with maximized coverage in Underwater Acoustic Sensor Networks (UWASNs) is challenging due to difficulty of access to 3-D underwater environments. The problem is further compounded if the connectivity of the final network is desired. One possible approach to this problem is to drop the sensors on the water surface and then move them to certain depths in the water to maximize the 3-D coverage while maintaining the initial connectivity. In this paper, we propose a fully distributed node deployment scheme for UWASNs which only requires random dropping of sensors on the water surface. The idea is based on determining the connected dominating set (CDS) of the initial network on the surface and then adjust the depths of all neighbors of a particular dominator node (i.e., the backbone of the network) for minimizing the coverage overlaps among them while still keeping the connectivity with the dominator. The process starts with a leader node and spans all the dominators in the network for repositioning them. In addition to depth adjustment, we studied the effects of possible topology alterations due to water mobility caused by several factors such as waves, winds, currents, vortices or random surface effects, on network coverage and connectivity performance. On the one hand the mobility of nodes may help the topology to get stretched in 2-D, which helps to maximize the coverage in 3-D. On the other hand the mobility may cause the network to get partitioned where some of the nodes are disconnected from the rest of the topology. We investigated the best node deployment time where 2-D coverage is maximized and the network is still connected. To simulate the mobility of the sensors, we implemented meandering current mobility model which is one of the existing mobility models for UWASNs that fits our needs. The performance of the proposed approach is validated through simulation. Simulations results indicate that connectivity can be guaranteed regardless of the transmission and sensing range ratio with a coverage very close to a coverage-aware deployment approach.

Scalable Certificate Revocation Schemes for Smart Grid AMI Networks Using Bloom Filters

Given the scalability of the advanced metering infrastructure (AMI) networks, maintenance and access of certificate revocation lists (CRLs) pose new challenges. It is inefficient to create one large CRL for all the smart meters (SMs) or create a customized CRL for each SM since too many CRLs will be required. In order to tackle the scalability of the AMI network, we divide the network into clusters of SMs, but there is a tradeoff between the overhead at the certificate authority (CA) and the overhead at the clusters. We use Bloom filters to reduce the size of the CRLs in order to alleviate this tradeoff by increasing the clusters’ size with acceptable overhead. However, since Bloom filters suffer from false positives, there is a need to handle this problem so that SMs will not discard important messages due to falsely identifying the certificate of a sender as invalid. To this end, we propose two certificate revocation schemes that can identify and nullify the false positives. While the first scheme requires contacting the gateway to resolve them, the second scheme requires the CA additionally distribute the list of certificates that trigger false positives. Using mathematical models, we have demonstrated that the probability of contacting the gateway in the first scheme and the overhead of the second scheme can be very low by properly designing the Bloom filters. In order to assess the scalability and validate the mathematical formulas, we have implemented the proposed schemes using Visual C. The results indicate that our schemes are much more scalable than the conventional CRL and the mathematical and simulation results are almost identical. Moreover, we simulated the distribution of the CRLs in a wireless mesh-based AMI network using ns-3 network simulator and assessed its distribution overhead.

IoT-based occupancy monitoring techniques for energy-efficient smart buildings

With the proliferation of Internet of Things (IoT) devices such as smartphones, sensors, cameras, and RFIDs, it is possible to collect massive amount of data for localization and tracking of people within commercial buildings. Enabled by such occupancy monitoring capabilities, there are extensive opportunities for improving the energy consumption of buildings via smart HVAC control. In this respect, the major challenges we envision are 1) to achieve occupancy monitoring in a minimally intrusive way, e.g., using the existing infrastructure in the buildings and not requiring installation of any apps in the users smart devices, and 2) to develop effective data fusion techniques for improving occupancy monitoring accuracy using a multitude of sources. This paper surveys the existing works on occupancy monitoring and multi-modal data fusion techniques for smart commercial buildings. The goal is to lay down a framework for future research to exploit the spatio-temporal data obtained from one or more of various IoT devices such as temperature sensors, surveillance cameras, and RFID tags that may be already in use in the buildings. A comparative analysis of existing approaches and future predictions for research challenges are also provided.

Privacy-preserving protocols for secure and reliable data aggregation in IoT-enabled Smart Metering systems

Abstract As the Internet of Things (IoT) gets more pervasive, its areas of usage expands. Smart Metering systems is such an IoT-enabled technology that enables convenient and high frequency data collection compared to existing metering systems. However, such a frequent data collection puts the consumers’ privacy in risk as it helps expose the consumers’ daily habits. Secure in-network data aggregation can be used to both preserve consumers’ privacy and reduce the packet traffic due to high frequency metering data. The privacy can be provided by performing the aggregation on concealed metering data. Fully homomorphic encryption (FHE) and secure multiparty computation (secure MPC) are the systems that enable performing multiple operations on concealed data. However, both FHE and secure MPC systems have some overhead in terms of data size or message complexity. The overhead is compounded in the IoT-enabled networks such as Smart Grid (SG) Advanced Metering Infrastructure (AMI). In this paper, we propose new protocols to adapt FHE and secure MPC to be deployed in SG AMI networks that are formed using wireless mesh networks. The proposed protocols conceal the smart meters’ (SMs) reading data by encrypting it (FHE) or computing its shares on a randomly generated polynomial (secure MPC). The encrypted data/computed shares are aggregated at some certain aggregator SM(s) up to the gateway of the network in a hierarchical manner without revealing the readings’ actual value. To assess their performance, we conducted extensive experiments using the ns-3 network simulator. The simulation results indicate that the secure MPC-based protocol can be a viable privacy-preserving data aggregation mechanism since it not only reduces the overhead with respect to FHE but also almost matches the performance of the Paillier cryptosystem when it is used within a proper sized AMI network.

Investigating Public-Key Certificate Revocation in Smart Grid

The public key cryptography (PKC) is essential for securing many applications in smart grid. For the secure use of the PKC, certificate revocation schemes tailored to smart grid applications should be adopted. However, little work has been done to study certificate revocation in smart grid. In this paper, we first explain different motivations that necessitate revoking certificates in smart grid. We also identify the applications that can be secured by PKC and thus need certificate revocation. Then, we explain existing certificate revocation schemes and define several metrics to assess them. Based on this assessment, we identify the applications that are proper for each scheme and discuss how the schemes can be modified to fully satisfy the requirements of its potential applications. Finally, we study certificate revocation in pseudonymous public key infrastructure (PPKI), where a large number of certified public/private keys are assigned for each node to preserve privacy. We target vehicles-to-grid communications as a potential application. Certificate revocation in this application is a challenge because of the large number of certificates. We discuss an efficient certificate revocation scheme for PPKI, named compressed certificate revocation lists (CRLs). Our analytical results demonstrate that one revocation scheme cannot satisfy the overhead/security requirements of all smart grid applications. Rather, different schemes should be employed for different applications. Moreover, we used simulations to measure the overhead of the schemes.

Customized Certificate Revocation Lists for IEEE 802.11s-Based Smart Grid AMI Networks

Public-key cryptography (PKC) is widely used in smart grid (SG) communications to reduce the overhead of key management. However, PKC comes with its own problems in terms of certificate management. Specifically, certificate revocation lists (CRLs) need to be maintained and distributed to the smart meters (SMs) in order to ensure security of the communications. The size of CRLs may grow over time and eventually may introduce additional delay, bandwidth, and storage overhead when various applications are run on SG. In this paper, we propose novel algorithms for creating customized CRLs with reduced size for IEEE 802.11s-based advanced metering infrastructure (AMI) networks. Rather than maintaining a huge-size single CRL that introduces unnecessary search time and storage, the idea is to cluster/group SMs within the AMI network and create CRLs based on these groups. The grouping is mainly done in such a way that they bring together the SMs that will be very likely to communicate so that the CRLs will be kept local to that group. To this end, we propose two novel grouping algorithms. The first algorithm is a bottom-up approach, which is based on the existing routes from the SMs to the gateway. Since the SMs will be sending their data to the gateway through the nodes on the route, this forms a natural grouping. The second approach is a top-down recursive approach, which considers the minimum spanning tree of the network and then divides it into smaller subtrees. Via grouping, the length of the CRL for each SM and the corresponding distribution overhead can be reduced significantly. Simulation results have shown that our approach can maintain a balance between the size of the CRL and the number of signatures generated by CAs while guaranteeing security of the communications.

Secure Data Obfuscation Scheme to Enable Privacy-Preserving State Estimation in Smart Grid AMI Networks

While the newly envisioned smart(er) grid (SG) will result in a more efficient and reliable power grid, its collection and use of fine-grained meter data has widely raised concerns on consumer privacy. While a number of approaches are available for preserving consumer privacy, these approaches are mostly not very practical to be used due to two reasons. 1) Since the data is hidden, this reduces the ability of the utility company to use the data for distribution state estimation. 2) The approaches were not tested under realistic wireless infrastructures that are currently in use. In this paper, we propose to implement a meter data obfuscation approach to preserve consumer privacy that has the ability to perform distribution state estimation. We then assess its performance on a large-scale advanced metering infrastructure (AMI) network built upon the new IEEE 802.11s wireless mesh standard. For the data obfuscation approach, we propose two secure obfuscation value distribution mechanisms on this 802.11s-based wireless mesh network (WMN). Using obfuscation values provided via this approach, the meter readings are obfuscated to protect consumer privacy from eavesdroppers and the utility companies while preserving the utility companies ability to use the data for state estimation. We assessed the impact of this approach on data goodput, delay, and packet delivery ratio (PDR) under a variety of conditions. Simulation results have shown that the proposed approach can provide very similar performance to that of nonprivacy approach with negligible overheads on the meters and network.

An Attribute-Based Signcryption Scheme to Secure Attribute-Defined Multicast Communications

We consider a special type of multicast communications existing in many emerging applications such as smart grids, social networks, and body area networks, in which the multicast destinations are specified by an access structure defined by the data source based on a set of attributes and carried by the multicast message. A challenging issue is to secure these multicast communications to address the prevalent security and privacy concerns, i.e., to provide access control, data encryption, and authentication to ensure message integrity and confidentiality. To achieve this objective, we present a signcryption scheme called CP_ABSC based on Ciphertext-Policy Attribute Based Encryption (CP_ABE) [2] in this paper. CP_ABSC provides algorithms for key management, signcryption, and designcryption. It can be used to signcrypt a message/data based on the access rights specified by the message/data itself. A multicast destination can designcrypt a ciphertext if and only if it possesses the attributes required by the access structure of the data. Thus CP_ABSC effectively defines a multicast group based on the access rights of the data. CP_ABSC provides collusion attack resistance, message authentication, forgery prevention, and confidentiality. It can be easily applied to secure push-based multicasts where the data is pushed from the source to multiple destinations and pull-based multicasts where the data is downloaded from a repository by multiple destinations. Compared to CP_ABE, CP_ABSC combines encryption with signature at a lower computational cost for signcryption and a slightly higher cost in designcryption for signature verification.

Assessing the feasibility of fully homomorphic encryption for Smart Grid AMI networks

Despite the potential benefits of smart meters as part of the Smart Grid initiative, the deployment of smart meters has aroused several concerns on consumer privacy. To address such concerns, various solutions are proposed in recent years under a variety of assumptions. Nonetheless, all of these solutions require a trust relationship between the consumers and utilities or third-party service providers which still does not convince some of the consumers for using smart meters. An ultimate solution is to hide the data from utilities or third-parties by using fully homomorphic encryption (FHE) systems while still allowing them to do processing on the encrypted data for their needs. However, the FHE systems are recently started to be realized and their wider deployment for certain applications has not been explored yet. In this paper, we investigate the feasibility of using FHE systems on an IEEE 802.11s-based Advanced Metering Infrastructure (AMI) application when preserving the privacy of the consumers. We design and adapt one of the existing FHE schemes for AMI and test its overhead under a variety of conditions on an 802.11s-based wireless mesh network using ns-3 network simulator. Compared to traditional encryption and partially homomorphic systems, FHE comes with significant overhead in terms of data size and delay. Nevertheless, the results indicate that such delay and data size overhead are still in acceptable limits that can be handled by the existing meters and networks.