Security and Privacy Support For Smart Grid
Open Access
- Author:
- Fan, Jingyao
- Graduate Program:
- Computer Science and Engineering (PHD)
- Degree:
- Doctor of Philosophy
- Document Type:
- Dissertation
- Date of Defense:
- June 18, 2021
- Committee Members:
- Chitaranjan Das, Program Head/Chair
Yan Li, Major Field Member
Sencun Zhu, Major Field Member
Anna Squicciarini, Outside Unit & Field Member
Guohong Cao, Chair & Dissertation Advisor - Keywords:
- smart grid
security
privacy
power system - Abstract:
- Smart grid has brought many improvements to the electric power infrastructure. With fine-grained and real-time sensor/meter data, the control center can monitor the power system states and deliver control commands to various actuators, resulting in better energy efficiency and better fault tolerance. However, smart grid also introduces security and privacy challenges related to meter data collection and control command delivery. First, the meters may be compromised and provide forged data measurements to the control center which will have wrong estimates of the system states that potentially cause disastrous actions. Second, although smart meters help with monitoring the system states, they also bring threats to user privacy. The rich power consumption data in residential smart meters may leak appliance usage information which can be exploited for inferring user activities. Third, the devices that issue control commands may be compromised to send forged commands, and executing such fake commands will cause damage and disturbances to the power grid. Due to the close integration of cyber and physical technology in smart grid, as well as the high likelihood of cascading failures in power systems, traditional security and privacy solutions in wireless sensor networks and control systems can not be directly applied to solve these problems. The goal of this dissertation is to provide security and privacy support for smart grid by addressing these challenges. First, we propose resource-aware schemes to prevent false data injection attacks by relying on some secure meters. Different from existing work that does not consider the resource constraints of electric utilities, we address the problem in a more practical setting and answer the following question. Given a limited budget to secure some measurement meters, which meters should be secured to make the power grid more resilient to data forgery attacks? We first formalize the problem which is NP-hard, and then propose a heuristic algorithm that ranks and selects meters to minimize the probability of attackers launching successful false data injection attacks. Second, we identify a new attack which leverages the reactive power data of smart meters and show that reactive power alone can be exploited to breach user privacy. The attack can extract reactive power-based appliance signatures and then identify the ON/OFF events of appliances to infer user activities. To mitigate privacy disclosure caused by the new attack, we propose a novel technique to obfuscate the reactive power measured by smart meters. The technique uses capacitors installed within a user’s household to store and provide reactive power in a controlled manner, to smooth power fluctuations, so that the reactive power changes caused by the ON/OFF of appliances are hidden from the smart meter. Finally, to secure control commands, we propose a novel solution based on the electromagnetic (EM) field generated by the current in the power lines. We model the EM field around the power lines and the current flowing in the power lines, and propose a deterministic algorithm and a probability-based algorithm to infer the current level based on the EM field strength. With the inferred current level, we can validate if the command given by the protective relay is valid or not. We build a simulator and a real testbed to evaluate the performance of our approaches. Evaluations results based on real power station layout and power load data show that our approach can effectively protect against control command attacks.