IOT5_20110013 GISFI # 05, June 20 – 22, 2011, Hyderabad, India

1

Privacy Requirements of User Data in Smart Grids

Jaydip Sen

Tata Consultancy Services Ltd.Jaydip.Sen@tcs.com

2

Outine

1. What is a Smart Grid ?

2. Components of Smart Grid Architecture

3. Privacy Requirements

4. Use Cases– Customer information access– Customer enablement

IOT5_20110013 GISFI # 05, June 20 – 22, 2011, Hyderabad, India

What is a Smart Grid?• A smart grid integrates advanced sensing technologies, control methods, and

integrated communications into the current electricity grid. – US Dept. of Energy )

IOT5_20110013 GISFI # 05, June 20 – 22, 2011, Hyderabad, India

Smart Grid: The Energy InternetSmart Grid: The Energy Internet

Electrical Infrastructure

“Intelligence” Infrastructure

4GISFI # 05, June 20 – 22, 2011,

Hyderabad, IndiaIOT5_20110013

Components of Smart Grid

5IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India

• Smart Grid network– Real-time pricing– Consumption management– Integration of plug-in hybrid electric vehicles for grid energy storage– Integration of distributed generation such as photovoltaic system and wind

turbine

• Advanced metering– Advanced metering infrastructure (AMI) and Advanced Meter Reading

(AMR) capabilities in power distribution system has the potential to save energy suppliers and consumers’ significant amount of money

• Demand Management

Personal Information on Smart Grids

6IOT5-20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India

• Personal information is defined in the Freedom of Information and Protection of privacy Act (FIPPA) as “recorded information about an identifiable individual.

• For example, “personal information” includes the address and telephone number of an identifiable individual and individuals’ name where it appears with other personal information relating to the individual or where the disclosure of the name would reveal other personal information about the individual.

• Utilities should be careful when anonymizing personal information and in concluding that the information is in fact anonymized. It is possible in some cases that removing identifiers such as name and address may not guarantee that personal information is de-identified.

• It is predicted that smart grids will generate eight times in order of magnitude more data than today’s traditional power network. Privacy of user data is a serious concern.

Some Examples of Privacy Control

7IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India

• Customers may only view data relating to their own consumption.• Utilities may only see data relating to their own customers.• Retailers may only see data relating to their own customers• Billing agents may only have access to view billing quantities.• Utilities may have the ability to edit meter readings only for their

customers.• Some users may not have the ability to view data.• Only appropriately authorized users may have the ability to modify

data.

Privacy Requirements in Smart Grids

8IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India

• Smart grid systems should feature privacy principles in their overall project governance framework and proactively embed privacy requirements into their designs, in order to prevent privacy-invasive events from occurring.

• Smart grid systems must ensure that privacy is the default – the “no action required” mode of protecting one’s privacy – its presence is ensured.

• Smart Grid systems must build in privacy end-to-end, throughout the entire life-cycle of any personal information collected.

• Smart grid systems must be designed with respect for consumer privacy, as a core foundational requirement.

Use Case – Customer Information Access

9IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India

• The utilities give access to the meter reading information to the customers to assist them in managing their power consumption.

• Challenges – robust mechanisms required for user registration, authentication and data protection. The greatest challenge is how to design the information flow to mitigate potential privacy concerns of the customers.

• Encryption of the smart meter information is required.

• Only a numeric ID and consumption information should be transmitted over the wireless mesh network. The meter-to-customer correlation is to be performed securely at the utility’s data center.

• The transformer meters should communicate over a different wireless network than the smart meters. If the smart meter network were ever to be compromised, malicious third parties would not be able to perform the same transformer –to-smart meter correlation, as could be done by the utility provider.

Use Case – Customer Enablement

10IOT5_20110013 GISFI #05, June 20 – 22, 2011, Hyderabad, India

• A utility is in the process of rolling out smart meters and billing system changes to support time-of-use billing and expects that future programs will include further customer enablement such as demand-response programs, conservation programs, voluntary curtailment etc.

• Customer enablement introduces new challenges in security and privacy.

• There are three basic activities in this case: • Enrolment – the ability of an authorized customer to enroll and define his mode of

participation.• Usage – the active operation and management of participating customer. • Termination – the ability of a customer to terminate his active participation.

• The features are to be delivered based on business requirements to permit demand response registrants to terminate their enrolment and to provide eligible device information to a demand response program.

• These will lead to supplementary requirements establishment such as data retention, sharing of personal information etc.

11

Thank You

GISFI # 05, June 20 – 22, 2011, Hyderabad, India

IOT5_20110013