Aung Maw

Daniel Reijsbergen, Aung Maw, Tien Tuan Anh Dinh et al.

Smart grids leverage the data collected from smart meters to make important operational decisions. However, they are vulnerable to False Data Injection (FDI) attacks in which an attacker manipulates meter data to disrupt the grid operations. Existing works on FDI are based on a simple threat model in which a single grid operator has access to all the data, and only some meters can be compromised. Our goal is to secure smart grids against FDI under a realistic threat model. To this end, we present a threat model in which there are multiple operators, each with a partial view of the grid, and each can be fully compromised. An effective defense against FDI in this setting is to share data between the operators. However, the main challenge here is to incentivize data sharing. We address this by proposing an incentive mechanism that rewards operators for uploading data, but penalizes them if the data is missing or anomalous. We derive formal conditions under which our incentive mechanism is provably secure against operators who withhold or distort measurement data for profit. We then implement the data sharing solution on a private blockchain, introducing several optimizations that overcome the inherent performance limitations of the blockchain. Finally, we conduct an experimental evaluation that demonstrates that our implementation has practical performance.

Daniel Reijsbergen, Zheng Yang, Aung Maw et al.

Smart grids leverage data from smart meters to improve operations management and to achieve cost reductions. The fine-grained meter data also enable pricing schemes that simultaneously benefit electricity retailers and users. Our goal is to design a practical dynamic pricing protocol for smart grids in which the rate charged by a retailer depends on the total demand among its users. Realizing this goal is challenging because neither the retailer nor the users are trusted. The first challenge is to design a pricing scheme that incentivizes consumption behavior that leads to lower costs for both the users and the retailer. The second challenge is to prevent the retailer from tampering with the data, for example, by claiming that the total consumption is much higher than its real value. The third challenge is data privacy, that is, how to hide the meter data from adversarial users. To address these challenges, we propose a scheme in which peak rates are charged if either the total or the individual consumptions exceed some thresholds. We formally define a privacy-preserving transparent pricing scheme (PPTP) that allows honest users to detect tampering at the retailer while ensuring data privacy. We present two instantiations of PPTP, and prove their security. Both protocols use secure commitments and zero-knowledge proofs. We implement and evaluate the protocols on server and edge hardware, demonstrating that PPTP has practical performance at scale.