- Secure architecture
- Threat Analysis
- Privacy-aware Smart-Traffic
- Smart Security for Smart Homes
- Privacy preserving Visualization of Energy Consumption
- Privacy-aware Smart Metering
- Secure Information Flow
Intelligent Systems for the Smart Grid are key technologies for efficient resource planning and usage which eventually lead to saving resources without jeopardizing economy and prosperity. Furthermore, intelligent demand management in the domestic area will allow to adapt energy usage to intermittent electric power generation from renewable sources, which is occurring more and more often in decentralized grid systems, without reducing the freedom of the consumer. This approach is currently being investigated in the iZEUS project. However, issues with respect to security and privacy are subject for KASTEL. Large amounts of sensory data are collected for the intelligent control as well as fine-grained private data, which needs extraordinary protection. Furthermore, complex intelligent systems have always a greater surface for all kinds of attacks. To counter greater damage, it should be proven that the damage can be constrained as long as the attack remains local. While it is possible to protect controlling signals from the Smart Grid with classical means, the same means are not appropriate to protect private energy data as they are not held completely confidential. The associability of energy usage, habits and individuals should be made as difficult as possible.
Precise security terms for desirable properties are to be developed within the research project KASTEL as well as security mechanisms with comprehensible security properties within the complex overall system.
The first step to design a secure system is an in-depth analysis of the threats the system has to cope with. It has to be defined, what security in the system context actually means. Therefore, the goods that have to be protected and actual threats and attacks on these goods have to be identified.
The threat analysis is realized by security experts. The knowledge of these security experts is recorded in the form of generic threat trees to support a more systematic threat analysis in the future. The threat analysis also comprises recommendations for security mechanisms to cope with or to avoid the threats or attacks. As design decisions influence security mechanisms and vice versa, the threat analysis will be run alongside the design process as a continuous process.
Design of a secure Smart Home architecture
Based on the current design of the Energy Smart Home Lab a secure architecture for a Smart Home is developed which satisfies the large variety of functional and security requirements.
Functional requirements, legal and compliance requirements, and last but not least, technical security requirements resulting from a threat analysis are considered in the architecture.
- Organic smart home: architecture for energy management in intelligent buildings. Proceedings of the 2011 workshop on Organic computing. ACM, 2011.
- Integration intelligenter Steuerungskomponenten in reale Smart-Home-Umgebungen. GI Jahrestagung (1) 10 (2010): 455-460.
Privacy-aware Smart Metering
One important feature of the new Smart Grid will be an advanced metering infrastructure. Among other functions, advanced metering enables the monitoring of energy consumption and production within an electrical grid at a very high sampling rate. To achieve this goal, smart meters are deployed in households and send their data about consumption and production in short intervals. Energy suppliers, for example, can use the near real-time consumption data to control their production more efficiently and to offer their customers pricing schemes based on current offer and demand. But this new functionality also has risks. The close monitoring of single smart meters provides deep insight into the energy consumption of customers. And with detailed knowledge of their energy consumption surprisingly accurate conclusions about their private life can be drawn. The privacy of, for example, working hours, vacations, habits and even religious beliefs is at risk. To protect the privacy of customers, several protocols for Smart Metering were developed. By using peer-to-peer communication, smart meters cooperate and anonymize their meter readings prior to submission.
- SMART-ER: peer-based privacy for smart metering. Erscheint in: IEEE INFOCOM Workshop on Communications and Control for Smart Energy Systems, Toronto, Ontario, Canada, Mai 2014
- Smart Meter Speed Dating, short-term relationships for improved privacy in Smart Metering. 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 426-431, Vancouver, British Columbia, Canada, Oktober 2013
- Pseudonymous smart metering without a trusted third party. TRUSTCOM '13 Proceedings of the 2013 IEEE 12th International Conference on Trust, Security and Privacy in Computing and Communications, Melbourne, Australia, Juli 2013
- Elderberry: A peer-to-peer, privacy-aware smart metering protocol. Proceedings of the 2nd IEEE INFOCOM Workshop on Communications and Control for Smart Energy Systems (CCSES 2013), Turin, Italy, April 2013
- Echtzeit-Smart-Metering ohne Verletzung der Privatsphäre. VDE Kongress 2010 - E-Mobility, Leipzig, Germany, November 2010
In the context of Smart Traffic, overlay-based communication structures for Smart Traffic applications are being developed at the Institute of Telematics. Typical application scenarios are, e.g., dynamic, cooperative navigation as well as the location and reservation of charging stations for electric vehicles. For supporting these scenarios, an overlay-based GeoCast service was developed for requesting information concerning specific geographic regions (e.g., the traffic situation on a highway segment). One of the arguments for this type of service is the better protection of user privacy, since no central entity has a global view on all participants. Decentralized approaches are, however, vulnerable to a number of privacy attacks, in which attackers fake their location information or introduce a large number of virtual nodes into the network, which together can form a global view.
- Privacy in Overlay-based Smart Traffic Systems. Proceedings of the IEEE Workshop on Privacy and Anonymity for the Digital Economy (PADE 2013), Sydney, Australia, Oktober 2013
- OverDrive: An Overlay-based Geocast Service for Smart Traffic Applications. Proceedings of the 10th Annual Conference on Wireless On-Demand Network Systems and Services (WONS), Best paper award, Banff, AB, Canada, März 2013
Smart Security for Smart Homes
One research focus in KASTEL is the design of smart security solutions for smart environments. One scenario is the design of an intelligent but secure smart home system. Due to the increasing number of communicating devices (freezer, flatirons,..) and new communication scenarios (remote access to home devies, e.g. energy management system) there are a lot of interesting and important research topics with regard to network security. Some research topics are for example attack detection or useabiltiy aspects as well as the evaluation of energy-efficiency of security mechanisms.
Privacy preserving Visualization of Energy Consumption
The recording of energy consumption data or relevant sensor and device management data in private households enables a detailed analysis of the consumer’s energy consumption. On the one hand there is the possibility to show potential for economizing energy consumption and to make demand side management feasible. On the other hand, a highly resolved collection of energy data allows to draw conclusions regarding the consumption behavior of a private consumer and which household members are present at which time. If there is no access or usage control regarding the handling with personal energy data, there is a risk of the infliction of the private consumers' right of informational self-determination. As long as the access to the collected data is not adequately protected, the recording system can be used as means of surveillance of household members. Furthermore, implementations of privacy mechanisms have to guarantee that household members are not able to monitor each other.
So far there is no legal concept to solve this problem. The German data protection law doesn't address the protection of privacy and the implementation of data protection principles in this context appropriately. To design a privacy preserving visualization of energy consumption the aim of this project is to develop a visualization platform that enables the analysis of energy consumption by meanwhile limiting a potentially mutual monitoring by household members.
Secure Information Flow
A variety of systems communicate and process critical data in smart-home environments. Different actors in the system should have access to parts of the data, but not to other parts. Implementation of intended information flows within the distributed system on one hand depends on a correct understanding of allowed information flows, on the other hand on the correct implementation of components.
At the Institute of Theoretical Informatics, we perform research on formal specification of information flows, based on non-interference and strategies possible attackers could use, as well as I/O transition systems as basis for the semantic definition of components. Further, our research is dedicated to compositionality of secure components, with the goal of an analysis of a distributed system modularely by analysing single components. We work on deductive verification methods for non-interference properties in Java programs in order to prove an implementation of a component secure.