Abstract
Analysing data acquired from one or more buildings (through specialist sensors, energy generation capability such as PV panels or smart meters) via a cloud-based Local Energy Management System (LEMS) is increasingly gaining in popularity. In a LEMS, various smart devices within a building are monitored and/or controlled to either investigate energy usage trends within a building, or to investigate mechanisms to reduce total energy demand. However, whenever we are connecting externally monitored/controlled smart devices there are security and privacy concerns. We describe the architecture and components of a LEMS and provide a survey of security and privacy concerns associated with data acquisition and control within a LEMS. Our scenarios specifically focus on the integration of Electric Vehicles (EV) and Energy Storage Units (ESU) at the building premises, to identify how EVs/ESUs can be used to store energy and reduce the electricity costs of the building. We review security strategies and identify potential security attacks that could be carried out on such a system, while exploring vulnerable points in the system. Additionally, we will systematically categorize each vulnerability and look at potential attacks exploiting that vulnerability for LEMS. Finally, we will evaluate current counter measures used against these attacks and suggest possible mitigation strategies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ashton, K.: That ‘internet of things’ thing. RFiD J. 22(7), 97–114 (2009)
Barcena, M.B., Wueest, C.: Insecurity in the internet of things. In: Security Response, Symantec (2015)
Bera, S., Misra, S., Rodrigues, J.J.: Cloud computing applications for smart grid: a survey. IEEE Trans. Parallel Distrib. Syst. 26(5), 1477–1494 (2015)
Bhattasali, T., Chaki, R., Sanyal, S.: Sleep deprivation attack detection in wireless sensor network. arXiv preprint arXiv:1203.0231 (2012)
Diaz-Montes, J., AbdelBaky, M., Zou, M., Parashar, M.: CometCloud: enabling software-defined federations for end-to-end application workflows. IEEE Internet Comput. 19(1), 69–73 (2015)
Diaz-Montes, J., Xie, Y., Rodero, I., Zola, J., Ganapathysubramanian, B., Parashar, M.: Exploring the use of elastic resource federations for enabling large-scale scientific workflows. In: Proceedings of Workshop on Many-Task Computing on Clouds, Grids, and Supercomputers (MTAGS), pp. 1–10 (2013)
Dierks, T.: The transport layer security (TLS) protocol version 1.2 (2008)
Dlamini, M., Eloff, M., Eloff, J.: Internet of things: emerging and future scenarios from an information security perspective. In: Southern Africa Telecommunication Networks and Applications Conference (2009)
Falk, R., Fries, S.: Managed certificate whitelisting-a basis for internet of things security in industrial automation applications. In: SECURWARE 2014, p. 178 (2014)
Farooq, M., Waseem, M., Khairi, A., Mazhar, S.: A critical analysis on the security concerns of internet of things (IoT). Int. J. Comput. Appl. 111(7), 1–6 (2015)
Fossati, T., Tschofenig, H.: Transport layer security (TLS)/datagram transport layer security (DTLS) profiles for the internet of things. Transport (2016)
Frier, A., Karlton, P., Kocher, P.: The ssl 3.0 protocol, vol. 18, p.2780. Netscape Communications Corporation (1996)
Garcia-Morchon, O., Kumar, S., Struik, R., Keoh, S., Hummen, R.: Security considerations in the IP-based internet of things (2013)
Heer, T., Garcia-Morchon, O., Hummen, R., Keoh, S.L., Kumar, S.S., Wehrle, K.: Security challenges in the IP-based internet of things. Wirel. Personal Commun. 61(3), 527–542 (2011)
Hummen, R., Wirtz, H., Ziegeldorf, J.H., Hiller, J., Wehrle, K.: Tailoring end-to-end IP security protocols to the internet of things. In: 21st IEEE International Conference on Network Protocols (ICNP), pp. 1–10. IEEE (2013)
Jha, A., Sunil, M.: Security considerations for internet of things. L&T Technology Services (2014)
Ji, L., Lifang, W., Li, Y.: Cloud service based intelligent power monitoring and early-warning system. In: Innovative Smart Grid Technologies-Asia (ISGT Asia), pp. 1–4. IEEE (2012)
Jing, Q., Vasilakos, A.V., Wan, J., Lu, J., Qiu, D.: Security of the internet of things: perspectives and challenges. Wirel. Netw. 20(8), 2481–2501 (2014)
Kasinathan, P., Pastrone, C., Spirito, M.A., Vinkovits, M.: Denial-of-service detection in 6LoWPAN based internet of things. In: IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 600–607. IEEE (2013)
Kim, H., Kim, Y.-J., Yang, K., Thottan, M.: Cloud-based demand response for smart grid: architecture and distributed algorithms. In: IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 398–403. IEEE (2011)
Krishnaswami, J.: Denial-of-service attacks on battery-powered mobile computers. Ph.D. thesis, Virginia Polytechnic Institute and State University (2004)
Laustsen, J.: Energy efficiency requirements in building codes, energy efficiency policies for new buildings. Int. Energy Agency (IEA) 2, 477–488 (2008)
Li, X., Lo, J.-C.: Pricing and peak aware scheduling algorithm for cloud computing. In: Innovative Smart Grid Technologies (ISGT), IEEE PES, pp. 1–7. IEEE (2012)
Li, X., Lu, R., Liang, X., Shen, X.: Side channel monitoring: packet drop attack detection in wireless ad hoc networks. In: IEEE International Conference on Communications (ICC), pp. 1–5. IEEE (2011)
Li, X., Lu, R., Liang, X., Shen, X., Chen, J., Lin, X.: Smart community: an internet of things application. IEEE Commun. Mag. 49(11) (2011)
Li, Z., Parashar, M.: A computational infrastructure for grid-based asynchronous parallel applications. In: Proceedings of the 16th International Symposium on High Performance Distributed Computing, pp. 229–230. ACM (2007)
Lin, X., Lu, R., Shen, X., Nemoto, Y., Kato, N.: SAGE: a strong privacy-preserving scheme against global eavesdropping for eHealth systems. IEEE J. Sel. Areas Commun. 27(4), 365–378 (2009)
Maheshwari, K., Lim, M., Wang, L., Birman, K., van Renesse, R.: Toward a reliable, secure and fault tolerant smart grid state estimation in the cloud. In: Innovative Smart Grid Technologies (ISGT), IEEE PES, pp. 1–6. IEEE (2013)
Mayer, C.P.: Security and privacy challenges in the internet of things. Electron. Commun. EASST 17, 1–12 (2009)
Montes, J.D., Zou, M., Singh, R., Tao, S., Parashar, M.: Data-driven workflows in multi-cloud marketplaces. In: IEEE 7th International Conference on Cloud Computing, pp. 168–175. IEEE (2014)
Moonsamy, V., Batten, L.: Mitigating man-in-the-middle attacks on smartphones-a discussion of SSL pinning and DNSSec. In: Proceedings of the 12th Australian Information Security Management Conference, pp. 5–13. Edith Cowan University (2014)
University of Waikato: Weka 3 - data mining with open source machine learning software in Java (2017). http://www.cs.waikato.ac.nz/ml/weka/. Accessed 13 Jan 2017
OWASP: Man-in-the-middle attack (2016). https://www.owasp.org/index.php/Man-in-the-middle_attack/. Accessed 18 Apr 2016
Pérez-Lombard, L., Ortiz, J., Pout, C.: A review on buildings energy consumption information. Energy Build. 40(3), 394–398 (2008)
Perrig, A., Stankovic, J., Wagner, D.: Security in wireless sensor networks. Commun. ACM 47(6), 53–57 (2004)
Pirretti, M., Zhu, S., Vijaykrishnan, N., McDaniel, P., Kandemir, M., Brooks, R.: The sleep deprivation attack in sensor networks: analysis and methods of defense. Int. J. Distrib. Sens. Netw. 2(3), 267–287 (2006)
Poslad, S., Hamdi, M., Abie, H.: Adaptive security and privacy management for the internet of things (ASPI 2013). In: Proceedings of the 2013 ACM Conference on Pervasive and Ubiquitous Computing Adjunct Publication, pp. 373–378. ACM (2013)
United Nations Environment Programme: Why buildings (2016). http://www.unep.org/sbci/AboutSBCI/Background.asp. Accessed 11 Jan 2017
Rajeev, T., Ashok, S.: A cloud computing approach for power management of microgrids. In: Innovative Smart Grid Technologies-India (ISGT India), IEEE PES, pp. 49–52. IEEE (2011)
Raymond, D.R., Midkiff, S.F.: Denial-of-service in wireless sensor networks: attacks and defenses. IEEE Pervasive Comput. 7(1), 74–81 (2008)
Raza, S., Wallgren, L., Voigt, T.: SVELTE: real-time intrusion detection in the internet of things. Ad Hoc Netw. 11(8), 2661–2674 (2013)
Saxena, M.: Security in wireless sensor networks-a layer based classification. Department of Computer Science, Purdue University (2007)
Simmhan, Y., Aman, S., Kumbhare, A., Liu, R., Stevens, S., Zhou, Q., Prasanna, V.: Cloud-based software platform for big data analytics in smart grids. Comput. Sci. Eng. 15(4), 38–47 (2013)
Simmhan, Y., Kumbhare, A.G., Cao, B., Prasanna, V.: An analysis of security and privacy issues in smart grid software architectures on clouds. In: IEEE International Conference on Cloud Computing (CLOUD), pp. 582–589. IEEE (2011)
Stajano, F., Anderson, R.: The resurrecting duckling: security issues for ubiquitous computing. Computer 35(4), supl22–supl26 (2002)
Suo, H., Wan, J., Zou, C., Liu, J.: Security in the internet of things: a review. In: International Conference on Computer Science and Electronics Engineering (ICCSEE), vol. 3, pp. 648–651. IEEE (2012)
Tang, L., Li, J., Wu, R.: Synergistic model of power system cloud computing based on mobile-agent. In: 3rd IEEE International Conference on Network Infrastructure and Digital Content (IC-NIDC), pp. 222–226. IEEE (2012)
Ugale, B.A., Soni, P., Pema, T., Patil, A.: Role of cloud computing for smart grid of India and its cyber security. In: Nirma University International Conference on Engineering (NUiCONE), pp. 1–5. IEEE (2011)
Wang, Y., Attebury, G., Ramamurthy, B.: A survey of security issues in wireless sensor networks (2006)
Wang, Y., Deng, S., Lin, W.-M., Zhang, T., Yu, Y.: Research of electric power information security protection on cloud security. In: International Conference on Power System Technology (POWERCON), pp. 1–6. IEEE (2010)
Wen, M., Lu, R., Zhang, K., Lei, J., Liang, X., Shen, X.: PaRQ: a privacy-preserving range query scheme over encrypted metering data for smart grid. IEEE Trans. Emerg. Top. Comput. 1(1), 178–191 (2013)
Weng, T., Agarwal, Y.: From buildings to smart buildings—sensing and actuation to improve energy efficiency. IEEE Des. Test 29(4), 36–44 (2012)
Wijayasekara, D., Linda, O., Manic, M., Rieger, C.: Mining building energy management system data using fuzzy anomaly detection and linguistic descriptions. IEEE Trans. Ind. Inform. 10(3), 1829–1840 (2014)
Yang, C.-T., Chen, W.-S., Huang, K.-L., Liu, J.-C., Hsu, W.-H., Hsu, C.-H.: Implementation of smart power management and service system on cloud computing. In: 9th International Conference on Ubiquitous Intelligence & Computing and 9th International Conference on Autonomic & Trusted Computing (UIC/ATC), pp. 924–929. IEEE (2012)
Zanella, A., Bui, N., Castellani, A., Vangelista, L., Zorzi, M.: Internet of things for smart cities. IEEE Internet Things J. 1(1), 22–32 (2014)
Zhang, K., Liang, X., Lu, R., Shen, X.: Sybil attacks and their defenses in the internet of things. IEEE Internet Things J. 1(5), 372–383 (2014)
Zhang, Y.: Technology framework of the internet of things and its application. In: International Conference on Electrical and Control Engineering (ICECE), pp. 4109–4112. IEEE (2011)
Zhao, K., Ge, L.: A survey on the internet of things security. In: 9th International Conference on Computational Intelligence and Security (CIS), pp. 663–667. IEEE (2013)
Zia, T., Zomaya, A.: Security issues in wireless sensor networks. In: International Conference on Systems and Networks Communications (ICSNC 2006), p. 40. IEEE (2006)
Acknowledgment
This work was carried out in the InnovateUK/EPSRC-funded “Ebbs and Flows of Energy Systems” (EFES) project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Anthi, E., Javed, A., Rana, O., Theodorakopoulos, G. (2018). Secure Data Sharing and Analysis in Cloud-Based Energy Management Systems. In: Longo, A., et al. Cloud Infrastructures, Services, and IoT Systems for Smart Cities. IISSC CN4IoT 2017 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 189. Springer, Cham. https://doi.org/10.1007/978-3-319-67636-4_24
Download citation
DOI: https://doi.org/10.1007/978-3-319-67636-4_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67635-7
Online ISBN: 978-3-319-67636-4
eBook Packages: Computer ScienceComputer Science (R0)