Security and Privacy in Smart Grid Demand Response Systems

Abstract

Various research efforts have focussed on the security and privacy concerns arising from the introduction of smart energy meters. However, in addition to smart metering, the ultimate vision of the smart grid includes bi-directional communication between consumers and suppliers to facilitate certain types of Demand Response (DR) strategies such as demand bidding (DR-DB). In this work we explore the security and privacy implications arising from this bi-directional communication. This paper builds on the preliminary work in this field to define a set of security and privacy goals for DR systems and to identify appropriate and realistic adversary models. We use these adversary models to analyse a DR-DB system, based on the Open Automated Demand Response (OpenADR) specifications, in terms of the security and privacy goals. Our analysis shows that whilst the system can achieve the defined security goals, the current system architecture cannot achieve the privacy goals in the presence of honest-but-curious adversaries. To address this issue, we present a preliminary proposal for an enhanced architecture which includes a trusted third party based on approaches and technologies from the field of Trusted Computing.