Smart Grid Metering Networks: A Survey on Security, Privacy
and Open Research Issues
Author
Kumar, Pardeep, Lin, Yun, Bai, Guangdong, Paverd, Andrew, Dong, Jin Song, Martin,
Andrew
Published
2019
Journal Title
IEEE Communications Surveys & Tutorials
Version
Accepted Manuscript (AM)
DOI
https://doi.org/10.1109/COMST.2019.2899354
Copyright Statement
© 20109 IEEE. Personal use of this material is permitted. Permission from IEEE must be
obtained for all other uses, in any current or future media, including reprinting/republishing this
material for advertising or promotional purposes, creating new collective works, for resale or
redistribution to servers or lists, or reuse of any copyrighted component of this work in other
works.
Downloaded from
http://hdl.handle.net/10072/395272
Griffith Research Online
https://research-repository.griffith.edu.au
1
Smart Grid Metering Networks: A Survey on
Security, Privacy and Open Research Issues
Pardeep Kumar Member, IEEE , Yun Lin Member, IEEE, Guangdong Bai, Andrew Paverd Member, IEEE,
Jin Song Dong, and Andrew Martin Member, IEEE
Abstract— Smart grid (SG) networks are newly upgraded
networks of connected objects that greatly improve reliability,
efficiency and sustainability of the traditional energy infras-
tructure. In this respect, the smart metering infrastructure
(SMI) plays an important role in controlling, monitoring and
managing multiple domains in the SG. Despite the salient features
of SMI, security and privacy issues have been under debate
because of the large number of heterogeneous devices that are
anticipated to be coordinated through public communication
networks. This survey paper shows a brief overview of real
cyber attack incidents in traditional energy networks and those
targeting the smart metering network. Specifically, we present a
threat taxonomy considering: (i) threats in system-level security,
(ii) threats and/or theft of services, and (iii) threats to privacy.
Based on the presented threats, we derive a set of security and
privacy requirements for SG metering networks. Furthermore,
we discuss various schemes that have been proposed to address
these threats, considering the pros and cons of each. Finally, we
investigate the open research issues to shed new light on future
research directions in smart grid metering networks.
Index Terms—Smart grid communications, smart metering,
security, privacy, research directions.
I. INTRODUCTION
S
MART grid (SG) networks are envisioned to be the next
evolutionary step of power supply networks [1]. These
networks typically include several advancements that will im-
prove the efficiency and reliability and provide uninterrupted
energy supply to homes and businesses. In addition, SG also
includes various renewable energy sources (e.g., solar, wind,
etc.), distributed generation (DG) and distributed storage (DS)
[2]–[6]. As shown by market research [7], the SG market is
projected to grow $20.83 billion in 2017 to $50.65 billion
by 2022. This market shift has therefore generated significant
interest from governments, industries and academia. The main
abbreviations are summarized in Table I.
SG networks consist of different domains, including (i) bulk
generation, (ii) energy transmission, (iii) energy distribution,
(iv) customers, (v) operation, (vi) market and (vii) service
P. Kumar is with the Department of Computer Science, Swansea University,
Swansea, United Kingdom, (email:pardeep.kumar@swansea.ac.uk)
Y. Lin is with the School of Computing, National University of Singapore,
Singapore, (email:llmhyy@gmail.com)
G. Bai is with the School of Information and Communication Technology,
and the Institute for Integrated and Intelligent Systems, Griffith University,
Australia, (email: g.bai@griffith.edu.au)
A. Parerd is the Microsoft Security Response Centre, Microsoft Research
Cambridge, United Kingdom, (email: andrew.paverd@ieee.org)
J.S. Dong is with the School of Computing, National University of
Singapore, Singapore, (email: dcsdjs@nus.edu.sg)
A. Martin is with the University of Oxford, Oxford, United Kingdom,
(email: andrew.martin@cs.ox.ac.uk)
Bulk Generation
Energy Distribution
Energy Transmission
Domestic and non-
domestic customers
Operation
Market
Service
Provider
Energy flow
Information
flow
Fig. 1. A high-level conceptual model of the SG [8] [9] [10].
provider, as shown in Fig. 1. The upper domains, i.e., bulk gen-
eration, energy transmission, energy distribution and customer
are primarily connected by two-way energy flow (illustrated
with black solid lines). These upper domains are managed and
controlled by the underlying domains, i.e., operation, market
and service provider, via two-way information flow (illustrated
with red dotted lines) [8]. This two-way flow of energy and
data will enable new functionality between the consumers and
utilities in the SG.
To realise the aforementioned domains, one of the main
infrastructures is smart metering that will not only help to
evaluate the status of a power grid but also to manage those
distributed resources. It is anticipated that a large number
of heterogeneous devices (e.g., smart meters, sensors, etc.)
will be deployed between consuming points and monitoring
and controlling centers [11]–[13]. The term smart metering
system defines an intelligent electronic device that measures
energy usage data, with more precise information than a
traditional meter, and sends and receives data via two-way
communication [14]. As a result, smart metering networks
equipped with the information and communication technology
(ICT [15]), and working together with intelligent sensors allow
utility companies to manage and control the SG. Despite the
control and management capabilities of smart metering, the
collected metering data can be used by automated and intel-
ligent systems to enable new applications. These applications
may include load management programs, DG and DS control
systems and billing [13], [16], [17].
However, the mass dependence on ICT and smart metering
network technologies also open up several threat surfaces,
especially when the utility companies integrate several auto-
mated applications. A report published by the United States
Computer Emergency Readiness Team (US-CERT) warns that
2
the advanced persistent threat activities are targeting energy
sectors [18]. Recent studies reveal that the energy companies
can be predominantly subjected to targeted attacks [19], [20].
A targeted attack on the SG metering network could poten-
tially lead to slowdown or shutdown of the power grid systems,
and cripple the utility delivery systems. Exploitation of vul-
nerabilities in the SG metering network could affect individual
consumers, as well as infrastructure such as substations and
control centers [21]. Moreover, a threat is not only limited
to the SG metering network security but it can raise many
privacy issues for end-customers. For instance, a smart meter
usually sends energy reports every 15/30 minutes periodically
over wireless communication. An eavesdropper can intercept
such reports to invade the privacy of consumers, for example,
what time the property is occupied or empty [22] [23]. As a
result, the individuals’ private life patterns can be inferred or
can be used for criminal purposes.
Following the aforementioned issues, security and privacy
issues recently have been the subject of extensive research
because the public safety, and the national economy and secu-
rity are rely heavily on the energy networks. Although security
and privacy weaknesses are continuously being discovered in
the network technologies, protocols, and devices used in the
energy systems, the significance of threats to system level
security, threats or theft via services, and threats to privacy
are not always fully understood in SG metering networks. In
the following subsection, we discuss recent survey papers in
this field, and point out the distinguishing features and main
contributions of our work.
A. Existing Work
Recently, several survey papers have been conducted on the
security and privacy issues in SG domain, as follows.
Security: In 2013, Wang-Lu analyzed security challenges
in the SG network, including transmission and distribution
subsystems, AMIs, and HANs [24]. The authors presented
the security requirements and thoroughly evaluated network
threats with case studies. Moreover, the research mainly
considered cryptographic countermeasures including authen-
tication and key management in various SG domains. This
paper includes detailed analytical analysis including several
traditional protocols (e.g., distributed network protocol) in the
energy domains. Nevertheless, since 2013, extensive novel and
advanced security methods have been published and those
need to be explored.
In 2014, Komninos et al. presented smart grid and smart
home security [21]. The authors mainly considered the in-
teraction between the smart home and SG environments,
and classified their security risks. The paper discussed some
representative threats and evaluated theoretical impacts from
smart home to smart grid and vice versa. The authors provided
a survey of the available literature as the security counter-
measures and included the SG’s ongoing activities over the
period of 2009 – 2013. Though, Komninos et al. reviewed
several papers from the viewpoint of security countermeasures
including privacy, the critical analysis of these schemes (if any)
were not discussed.
TABLE I
ABBREVIATIONS AND DESCRIPTIONS
Abbreviation Description
ARP Address Resolution Protocol
AES Advanced Encryption Standard
AMI Advanced Metering Infrastructure
ABE Attribute-Based Encryption
AVISPA Automated Verification of Internet Security Protocols and
Applications
BOC Back Office Compromise
CR Cognitive Radio
CIA Confidentiality, Integrity and Availability
CI Critical Infrastructure
DCU Data Collector Unit
DPI Deep Packet Inspection
DoS Denial of Service
DNO Distribution Network Operator
DSS Distribution Sub-Station
DR, DRAS Demand Response, and Automation Server
DG, DS Distributed Generation, and Distributed Sources
DSR Dynamic Source Routing
ECC Elliptic Curve Cryptography
ECDSA Elliptic Curve Digital Signature Algorithm
FHE Full Homomorphic Encryption
HVE Hidden Vector Encryption
HAN Home Area Network
HEMS Home Energy Management System
HMI Human Machine Interfaces
HWMP Hybrid Wireless Mesh-Routing Protocol
IBC Identity-Based Cryptography
ICS Industrial Control System
ICT Information and Communication Technology
IED Intelligent Electronic Device
IoT Internet of Things
KDS Key Distribution Server
LTE Long-Term Evolution
MPS Main Power Supply
MAC Medium Access Control
MDMS Meter Data Management System
MITM Man-In-The-Middle
NAN neighbourhood area network
OIP Optimal Inspection Point
PREP Path Reply
PMU Phasor Measurement Unit
PHEV Plug-in Hybrid Electric Vehicles
PREQ Proactive Path Request
PUF Physically Unclonable Function
PLC PowerLine Communication
PKI Public Key Infrastructure
RFID Radio Frequency Identification
RTU Remote Terminal Units
SG, SM Smart Grid and Smart meter
SMI Smart Metering Infrastructure
SCADA Supervisory Control And Data Acquisition
SVM Support Vector Machine
TLS Transport Layer Security
TTP, TRE Trusted Third Party, and Remote Entity
TPM, TU Trusted Platform Module, Transmission Unit
US-CERT United State Computer Emergency Readiness Team
VPN Virtual Private Network
WSN Wireless Sensor Network
3
TABLE II
COMPARISON WITH OTHER SURVEYS
Security
issue
Privacy
issue
Real attack
incidents
Threat-I Threat-II Threat-III
Pros of
countermeasures
Cons of
countermeasures
Paper covered
[24]
√
ND ND
√
ND ND
√
ND 2008–2012
[21]
√ √
ND
√
LD LD
√
ND 2010–2014
[25]
√ √
ND LD LD LD
√
ND 2010–2016
[2] ND ND ND ND ND ND ND ND 2008–2015
[26]
√
ND ND
√
ND ND
√
ND 2009–2016
[23]
√
ND LD LD
√ √ √
2007–2014
[27] ND
√
ND ND ND LD
√
ND 2008–2015
[28]
√ √
ND LD LD LD
√
ND 2007–2014
[29] LD LD ND LD ND LD
√
ND 2010–2015
[17] LD LD ND LD LD LD LD ND 2010–2018
Ours
√ √ √ √ √ √ √ √
2010–2018
Threat-I: Threats to system level security; Threat-II: Threats or Theft via services; Threat-III: Threats to privacy;
√
- Detailed Discussion; LD - Limited
Discussion; ND - No Discussion
Tan et al. discussed security advances in SG over the period
of 2010 – 2015 [25]. The authors covered the data driven
approaches, e.g., data generation security, data acquisition
security, data storage security, data processing security and
security analytics in the SG networks. They thoroughly ana-
lyzed the suitability of various security analytics techniques,
e.g., statistical methods, data mining and visualization. These
techniques can be employed in data analytics to ensure security
of the SG networks. However, Tan et al. did not consider
whether the proposed techniques have negative implications
and other complexities from the viewpoint of the SG networks.
In [2], the authors surveyed smart electicity meter data
intelligence techniques for future energy systems. Alakhakoon
and Yu first discussed the key aspects of the smart metering
process, and the interest of different stakeholders. The authors
then briefly discussed the smart metering tools, including sup-
port vector machine, and fuzzy logic. These tools can be used
to achieve metering intelligence, and to support stakeholder
applications, e.g., consumer profiling and load forecasting. The
security and privacy issues were briefly discussed in the paper,
but they were not the main focus of the paper.
In 2016, He and Yan focused on the cyber physical attacks
in the SG [26]. Similar to Wang-Lu’s survey, the authors
discussed the attack scenarios on the energy generation, trans-
mission, distribution, and electricity markets. In addition, the
authors pointed out some of the significant defence mech-
anisms including protection, detection and mitigation. The
survey does not provide details (e.g., pros and cons) of the
defence techniques.
In 2018, Stellios et al. [30] discussed the Internet of Things
(IoT) enabled cyberattacks in several critical infrastructures
(CIs), e.g., industry, smart grid, transportation, and healthcare.
The authors modeled a threat vector that can be used against
IoT devices. The threat vector includes critical IoT enabled
attacks and verified attacks in the CI systems. In addition, the
paper pointed out the hidden IoT enabled attack paths in CIs
and services. The authors discussed very detailed cyberattacks
in CIs. However, descriptions of their mitigations and solutions
are at a high level.
Privacy: Finster and Baumgart conducted a survey on
privacy-aware smart metering [23]. The authors first formu-
lated significant problems concerning privacy in smart meter-
ing: (i) metering for billing, and (ii) metering for operations.
Furthermore, they discussed several countermeasures, such as
billing via trusted party, cryptography, anonymization, and
aggregation in order to provide data privacy to the consumers.
The paper includes threats and schemes that were published
mainly over the period from 2007 to 2014.
Another work focused on the shortcomings of smart meter
data privacy and their solutions [27]. The survey covered
the following use cases: (i) billing, (ii) operations, and (iii)
value-added services. The authors mainly covered the research
results from 2008 to 2015. In addition, the authors in [23] and
[27] mainly discussed privacy concerns without considering
insecure networks. For instance, as the smart meter data
travels through insecure networks, consumers’ privacy can be
breached at network level. In addition, the detailed security
issues are not the scope of both surveys.
In 2014, Mohassel et al. presented a survey on advanced
metering infrastructure (AMI) [28]. They discussed the basic
concepts of AMI and briefly presented the physical and cyber
security challenges including privacy. The paper addressed
limited but significant security and privacy requirements in the
AMI network. However, the authors neither included detailed
threat model and discussion on the state-of-the-art security
schemes nor presented the privacy-preserving schemes. In
the same vein (in 2016), Yasin presented a survey on smart
metering and SG communication [29]. However, the survey
papers presented in [28] [29] mainly focus the literature
published from 2008 to 2014. In 2018, Wang et al. presented
a review of smart meter data analytics, methodologies and
challenges in many of smart metering key applications [17].
However, security and privacy issues are not the main goal of
the review paper.
B. Comparison with our survey
The previous surveys have their own advantages. Some of
the work presented in [21], [25], [26], and [30] categorized
many of security issues, for instance smart grid to home and
vice versa, security analytics, physical and cybersecurity, and
IoT enabled attacks in CIs, respectively, in SG. None of the
existing survey covers recent real-time attack incidents on the
4
energy networks, except the work presented in [30]. Other
works [23], [27] and [28] focus on privacy in SG metering net-
works and present high level solutions with limited analysis. In
contrast to the existing survey papers, this survey provides up-
to-date activities of rapidly advancing research on SG metering
network security and privacy. Moreover, most of the existing
survey papers do not consider the detailed threat taxonomy by
categorizing it in terms of (i) threats to system level security,
(ii) threats and/or theft via services, and (iii) threats to privacy.
Moreover, we have pointed out various security and privacy
requirements that can be considered from the very beginning
of the SG metering network design. In addition, this survey
provides an analysis of previously published schemes which
are proposed as the security and privacy countermeasures,
and includes their pros and cons. Table II summarized a
comparison between the existing survey papers and our paper.
C. Our Contribution
Our work makes the following new contributions:
• A comprehensive view of security and privacy con-
cerns: Security and privacy are relevant albeit indepen-
dent concerns in the SG metering network. We discuss the
relationship between security and privacy in SG metering
networks. By providing such a comprehensive view, we
aim to shed light on how a SG security protocol can be
designed with regard to these respective concerns.
• Detailed taxonomy of SG attacks: We provide a de-
tailed and hierarchical taxonomy of SG metering attacks,
considering the attack surface of SG communication and
the attack intentions. The taxonomy includes the most
up-to-date literature to the best of our knowledge.
• A comprehensive study for security and privacy goals
and corresponding solutions: We summarize several
security and privacy goals in SG metering networks.
In addition, we provide comprehensive reviews on var-
ious existing solutions (with their pros and cons) which
claimed to address different security and privacy goals.
• Future research directions: Based on our study, we
identify further research problems to be addressed, along
with their early solutions and future directions.
D. Organisation of the paper
The overall organisation of this paper is shown in Fig. 2. To
facilitate the discussion (in Section III – X), we summarize the
background of SG metering network in Section II. In Section
III, discusses real attack incidents on the energy networks
and smart metering networks. These incidents reveal the lack
of adequate protection in SG metering networks. To explore
the security and privacy issues, we define a threat model
and a threat taxonomy that aim to understand several threats
in SG networks in Section IV.A, Section IV.B, respectively.
Then following the extensive literature from the industry and
academia, Section IV.C defines the principal security and
privacy requirements for SG metering networks. Based on
Section IV, we broadly explore the threat taxonomy (i.e.,
threats to system level security, threats to services and threats
I. Introduction
Problem statement
II. Background
SG metering network
IV. Threat modeling, taxonomy, security and
privacy goals
Briefly present real attack incidents, and define
threat model, taxonomy, and security & privacy
goals in SG metering network
III. Real attack incidents
V. Threats to
system level security
VI. Threats to
Services
VII. Threats to
privacy
VIII. Mitigations to
system level security
IX. Mitigations to
Services
X. Mitigations to
privacy
Detailed threats taxonomy, and state of the art
countermeasures with pros and cons in SG
metering network
XI. Future directions XII. Conclusions
Threats &
solutions
Threats &
solutions
Threats &
solutions
Fig. 2. Overall organisation of the survey paper.
to privacy) in SG metering network in Section V – VII.
Following Section V – VII, we provide comprehensive reviews
of various schemes (with their pros and cons) that have
been proposed to enhance security in the SG networks, while
maintaining privacy in Section VIII – X. In Section XI, we
discuss open (research) issues that need to be explored for the
future directions and conclusions are drawn in Section XII.
II. BACKGROUND OF SMART GRID METERING NETWORKS
The overall success of a SG and its emerging paradigms
are mainly fostered by the advanced metering infrastructure
(AMI) or smart metering infrastructure (SMI). Note that AMI
and SMI are used interchangeably. The SMI not only improves
the value added services for the customers, but also develops
the remote control functionality from the utility side (i.e.,
control center) to smart meters. Moreover, the SMI could lead
the opportunities to make plug-in hybrid electric vehicles to
vehicle-to-grid application as the distributed renewable energy
sources. As shown in Fig. 3, the SG metering network is a wide
network and it consists of several technologies, as follows.
A. Smart Meter – Consumer side
The SG is assumed to be incorporated with a variety of
smart functionalities, e.g., dynamic pricing, demand response,
outage notification, power connect/disconnect, theft detection,
communication with other smart devices and so on [32] [28].
To accomplish these functionalities, a smart meter plays one
of the important roles. Note that the SMI is not only limited
to smart electricity meters, but it also includes smart gas
and water meters. A smart meter is typically installed at the
![Fig. 1. A high-level conceptual model of the SG [8] [9] [10].](/figures/fig-1-a-high-level-conceptual-model-of-the-sg-8-9-10-2w893tbn.webp)
![TABLE IV LATENCY ASSOCIATED WITH APPLICATIONS [80]](/figures/table-iv-latency-associated-with-applications-80-3cxwzyjc.webp)
