Florida International University
FIU Digital Commons
-&$42*$"-"/%0.154&2/(*/&&2*/("$5-48
5#-*$"4*0/3
0--&(&0'/(*/&&2*/("/%0.154*/(
Securing Metering Infrastructure of Smart Grid: A
Machine Learning and Localization Based Key
Management Approach
Imtiaz Parvez
Department of Electrical and Computer Engineering, Florida International University*1"26;5&%5
Arif I. Sarwat
Department of Electrical and Computer Engineering, Florida International University"3"27"4;5&%5
Longfei Wei
Department of Electrical and Computer Engineering, Florida International University-7&*;5&%5
Aditya Sundararajan
Department of Electrical and Computer Engineering, Florida International University"35/%;5&%5
0--074)*3"/%"%%*4*0/"-702,3"4
)<13%*(*4"-$0..0/3;5&%5&$&!'"$
"240'4)& -&$42*$"-"/%0.154&2/(*/&&2*/(0..0/3
:*3702,*3#205()440805'02'2&&"/%01&/"$$&33#84)&0--&(&0'/(*/&&2*/("/%0.154*/("4*(*4"-0..0/34)"3#&&/"$$&14&%'02
*/$-53*0/*/-&$42*$"-"/%0.154&2/(*/&&2*/("$5-485#-*$"4*0/3#8"/"54)02*9&%"%.*/*342"4020'*(*4"-0..0/302.02&
*/'02."4*0/1-&"3&$0/4"$4
%$$;5&%5
&$0..&/%&%*4"4*0/
"26&9"27"4 &*5/%"2"2"+"/&$52*/(&4&2*/(/'2"3425$452&0'."242*%"$)*/&&"2/*/("/%
0$"-*9"4*0/"3&%&8"/"(&.&/41120"$)/&2(*&3
energies
Article
Securing Metering Infrastructure of Smart Grid:
A Machine Learning and Localization Based Key
Management Approach
Imtiaz Parvez, Arif I. Sarwat *, Longfei Wei and Aditya Sundararajan
Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33174, USA;
iparv001@fiu.edu (I.P.); lwei004@fiu.edu (L.W.); asund005@fiu.edu (A.S.)
* Correspondence: asarwat@fiu.edu; Tel.: +1-305-348-4941
Academic Editor: Chunhua Liu
Received: 20 April 2016; Accepted: 22 August 2016; Published: 29 August 2016
Abstract:
In smart cities, advanced metering infrastructure (AMI) of the smart grid facilitates
automated metering, control and monitoring of power distribution by employing a wireless network.
Due to this wireless nature of communication, there exist potential threats to the data privacy in
AMI. Decoding the energy consumption reading, injecting false data/command signals and jamming
the networks are some hazardous measures against this technology. Since a smart meter possesses
limited memory and computational capability, AMI demands a light, but robust security scheme.
In this paper, we propose a localization-based key management system for meter data encryption.
Data are encrypted by the key associated with the coordinate of the meter and a random key index.
The encryption keys are managed and distributed by a trusted third party (TTP). Localization of
the meter is proposed by a method based on received signal strength (RSS) using the maximum
likelihood estimator (MLE). The received packets are decrypted at the control center with the key
mapped with the key index and the meter’s coordinates. Additionally, we propose the k-nearest
neighbors (kNN) algorithm for node/meter authentication, capitalizing further on data transmission
security. Finally, we evaluate the security strength of a data packet numerically for our method.
Keywords:
advanced metering infrastructure (AMI); data security; key management system;
k-nearest neighbors (kNN); received signal strength (RSS); smart city; smart meter; smart grid
1. Introduction
The smart grid is the modern electric power system utilizing an innovative communication
and distribution system to deliver electricity to end users with improved monitoring, control and
efficiency. A touted feature of the smart grid is the interaction among its entities using bidirectional
communication. advanced metering infrastructure (AMI) is the distribution-level building block of
the smart grid, consisting of millions of meters. The data of energy consumption are collected and
reported by smart meters to the control center of the service provider (SP) periodically (typically
with a resolution of 15 min) different from conventional meters, which record the entire monthly
consumption data. It also allows consumers to engage in the electricity trade, more formally called “net
metering”, by selling surplus power back to the grid. AMI caters to the SP, the control and monitoring
for outage management, demand response, disaster prevention and disaster recovery. Consequently,
the communication in AMI is bidirectional [
1
–
6
]. The assessment of current methodologies employed
by smart meters and their mesh/hierarchical connected wired/wireless network constituting the AMI
are highly recommended considering the fact that it is the most imperative aspect of the smart grid
from the perspective of utility companies, as well as the consumers.
Cyber physical systems (CPS) and the reliability of the smart grid have been the key points
of interest, where a system needs to be designed to detect and prevent an unauthorized access by
Energies 2016, 9, 691; doi:10.3390/en9090691 www.mdpi.com/journal/energies
Energies 2016, 9, 691 2 of 18
integrating both cyber and physical components of the grid [
7
]. The attacker might want to decode data
packets, gain control and command over various components of the smart grid, inject false commands,
jam the network and take over the control of the system. Smart meters are the primary basis for the
collection of consumer usage data through access points (APs). Observing the power consumption
data and usage patterns of electricity, a thief/attacker can learn the presence or absence of consumers
at home and, thus, poses a greater threat for the community.
In 2013, the U.S. electric utilities had 51,924,502 AMI smart meter installations of which
about 89% were residential customer installations [
8
]. These meters mainly consist of in-built
full-duplex communication mode with periodical/on-demand reception and transmission of data.
Different solutions for various attacks are proposed based on the usage of electricity in residential
areas and security protocols involving various wireless local area networks (WLANs) [
9
–
11
].
An experimental setup was performed to analyze the routine usage of electricity corresponding to the
time of the day. It was observed that easily-identifiable loads, such as boilers, directly corresponded to
the time when laundry, meals and showers were taken. These data can be utilized by potential hackers
to break into vacant residences [12].
The main hindrance of implementing security schemes in AMI is the limited memory and
computational capability of smart meters. Additionally, AMI is a huge network comprised of thousands
of meters. This requires AMI to have a light, but robust security scheme. In the geographical
coordinate-based encryption scheme [
13
–
15
], for localization, the global positioning system (GPS) was
proposed. However, GPS does not work well in some places, such as inside a multi-storied building,
hilly places, as well as coordinates derived by GPS will expose the exact location of the consumer
house. Furthermore, it exposes the exact position of the meter/consumer.
In this paper, we propose a key management-based security scheme utilizing the location of
meters, derived from received signal strength (RSS) of the radio signal. The localization of meters by
the RSS-based method will create a local positioning map different from the geographic coordinate
system, in which every meter has its own coordinate. For data encryption, secret keys mapped with
the coordinate points of the meters and a random index are proposed in our technique. The keys
are distributed among the meters periodically by a trusted third party (TTP) of the key management
system. Furthermore, we introduce the k-nearest neighbors (kNN) algorithm for meter authentication
during the transport of data packets. The kNN algorithm is a technique used to predict class labels
of unknown data [
16
–
18
]. The kNN classifier is simple, efficient and easy to implement. It is one of
the most widely-used algorithms in pattern evaluation, text characterization, diagnosis of cancer and
many more. In a real-world scenario, there are many datasets with little or no prior knowledge about
their distribution. kNN is amongst the best choice for the classification with a dataset with little or
no prior knowledge. For these reasons, the combination of data encryption by secret key and node
authentication using the kNN algorithm provides a potential solution for AMI.
The rest of this paper is organized as follows: Section 2 provides a brief insight into the different
challenges faced by security systems. Section 3 describes the literature review corresponding to our
model. Section 4 gives the AMI architecture. Section 5 elicits the algorithm for the localization and
kNN for the secure transmission of packets, in detail. Section
6 describes the encryption and data
flow process. The simulation for localizing meters in residential areas and the kNN algorithm for
node authentication are illustrated in Section 7. The security strength of a data packet is analyzed in
Section 8. Finally, a brief conclusion is given in Section 9.
2. Challenges Faced by Advanced Metering Infrastructure Meters
Like any other systems, the AMI needs to fulfill four primary requirements of security viz.
confidentiality, integrity, availability and accountability (non-repudiation) [
19
]. Confidentiality implies
that data must be accessible only to the authorized users, and all unauthorized attempts must be
denied. Since fine-grained consumption data of a smart meter convey consumers’ lifestyle patterns,
habits and energy usage, they must be concealed. Integrity requires reflecting authentic data correctly
Energies 2016, 9, 691 3 of 18
without any modification, addition or deletion. Since the hackers, as well as the consumers might
want to alter the consumption data, integrity is a vital issue in the AMI data.
Availability means that the data must be available on demand at all times for authorized users of
the system. Availability follows the concept of authorization, which in turn implies that the data in
the system can be used only by users who are allowed to have access. This involves the concept of
access controls, wherein not all users have the same degree of freedom and control over the dataset of
the system. There are restrictions to using specific aspects of data, which ensures that not everything
can be accessed by everyone. Availability takes this one step further by ensuring that the accessible
data must not be denied to the user by the system at any point of time. Since the adversaries might
want to jam the network, thereby preventing the system from making the data available, or much
worse, incapacitating the system’s feature to make the data available, the AMI must comply with this
requirement. Accountability (non-repudiation) means that an entity doing a specific job must not deny
it from doing that. In AMI, accountability ensures timely responses to the command and control, the
integrity of the billing profile, etc.
End-user privacy is another challenge of AMI data security. Smart meters are essentially small
banks of customer usage snapshots; when aggregated together over a period of time, they provide
an immense wealth of information that if put to the wrong use might compromise the privacy of
customers. Smart meters provide data that is usually granular or fine-grained and the high-frequency
type of energy measurements whose illegitimate analysis results in or may result in the invasion of
privacy, near real-time surveillance and behavioral profiling. When the analysis is coupled with an
even more threatening hazard, such as manipulation of the analyzed data, the attackers get to open a
window to observe how many people are at home and at what times, to determine people’s sleeping
and eating routines, appliance usage patterns and home vacancy patterns.
Taking it one step further, hackers become capable of wirelessly updating smart meter firmware
and remotely disconnect a user or a large section of users. Attackers, armed with different consumer
patterns, can stage efficient electricity thefts and frauds, running up bogus charges or cause an electrical
appliance to malfunction, shutdown or surge, causing physical damage to life and property.
The AMI meters are inherently susceptible to buffer overflows and the seven state machine
flaws, as illustrated in [
20
]. Attacks that exploit its hardware vulnerabilities, such as bus sniffing,
clock speed and power glitches, are also prevalent [
21
]. An attacker can create abnormal operating
conditions by varying the time and voltage levels crucial to the meter performance, consequently
gaining access to previously inaccessible parts of the system. Exposing the chip’s surface to lasers,
micro-probing to inject false signals, capturing or intercepting data and manipulating registers are
some of the more advanced methods employed to compromise the meter’s integrity in a physical, as
well as cyber fashion. In recent times, differential power analysis and other similar techniques have
been successfully used to extract the secret keys and circumvent the embedded IC security mechanisms
altogether, as shown in [
22
]. Therefore, all of these issues need to be addressed in the data security of
AMI. In the scope of this study, we look forward to providing a security scheme that will endure all of
the challenges.
3. Literature Review
Data security is the prime challenge faced by AMI, as explained in Section 2. In order to be
accountable for securing data, many models/techniques have been proposed in the literature. Some of
these models are verifiable computation models, anonymization, perturbation models, data obfuscate
techniques, trusted aggregators, etc. [23].
The work in [
24
] proposed a tested and established method to provide security to the meter data
integrity by either using digital signatures that a TTP might sign with a time stamp to enforce not
just integrity, but also authentication. Additionally, data hashing using secure hash algorithm-256
(SHA-256) before performing the signature provides an added layer of security, so that the third
party need not store the keys in plain text, but can just store the hash values of the keys for each
Energies 2016, 9, 691 4 of 18
smart meter. Though the computation of hashes might add a minimal overhead, the meters need to
compute hashes every time before transmitting the data packets. In [
11
], a 128-bit advanced encryption
standard-galois counter mode (AES-GCM) cryptographic system-based secure integrated circuit (IC)
was proposed with the in-depth comparison of performance between the hardware and software-based
crypto-engines. An integrated authentication and confidentiality (IAC) is proposed in [
25
] to mutually
authenticate the back office with the smart meters in order to obtain the correct cryptographic keys to
be used for performing secure data communications. However, this allows the back offices to exploit
the encryption and message authentication engines that are custom-made for the particular security
necessities and system-imposed restrictions.
Anonymization of meter data was done in [
26
], describing the mechanism of how a third party
escrow authenticates anonymous meter readings without being aware of a particular smart meter
identification (ID) or location or its corresponding customer. In [
27
], physical layer-based security
has been proposed, where noise is added from a known distribution before transmitting and is
reconstructed as an approximation of the original data. However, there exists a trade-off between the
level of privacy achieved and the loss of information.
The method shown in [
28
] depicts a privacy-aware architecture for demand response analysis
that does not require the centrally-collected AMI data, thus reducing the privacy issues associated
with behavioral profiling and other threats and vulnerabilities discussed earlier. However, neither of
these works take into account the efficiency and scalability issues pertaining to the authentication and
privacy protocols presented between the AMI meters and the back office.
Although [
29
] proposes a homomorphic encryption to solve the pressing security concerns, when
a large network is considered, the data retrieval at the control center becomes tedious and cumbersome.
Game theory is another fruitful modeling algorithmic paradigm that has been exploited by [
12
,
30
]
wherein they put it to use viewing an attacker and a defender scenario accompanied by an attack level
and a severity level.
In the case of trusted aggregators, many studies can be found that include a TTP, key management,
node-to-node authentication, etc. A node-to-node encryption by different secret keys has been
proposed in [
31
]. However, again, for a huge network scenario, the packet overhead increases,
since authentication needs to happen at every single node in the message packet’s path. In [
32
,
33
],
a public key management infrastructure (PKI) is proposed both to distribute the key and to manage the
network. As with any PKI method, the distribution of the public keys becomes a point of vulnerability
that entails various complications. Longitude, altitude and time form an encryption key in [
13
–
15
]
for the purpose of data encryption. This technique ensures that the data cannot be decrypted outside
a particular facility, such as a local utility company control center, different government agencies or
corporations. For determining longitude and altitude, GPS has been proposed. However, GPS does
not work well in some places, such as multi-storied buildings, hilly places and forests. Moreover, in
today’s signal processing system, any coordinate point can be generated at any place.
Here, in our paper, we propose a data encryption technique associated with latitude, longitude
and a random key index. The longitude and altitude are derived by the RSS-based technique. Since the
RSS-based technique involves error in determining the coordinates of meters, AMI will create a private
coordinate system with constant error (due to constant position of the meter). These private coordinates
will not expose the exact coordinates of meters/consumers. Moreover, if we consider each cluster of
meters served by a TTP, our technique becomes scalable. Additionally, we use the kNN algorithm to
ensure that the message is received from neighbor meters not from any unauthorized entity. This node
authentication will also help to intercept malicious packets.
4. Architecture of Advanced Metering Infrastructure
Millions of smart meters are engineered to communicate with the local utility SP/control center
using the AMI network. The bidirectional networks can be a mesh, or a hierarchical, or a hybrid.
Periodic collection, storing and transmission of enormous volumes of data packets via the regional