1
A Time-Sensitive Model for Data
Tampering Detection for the Advanced
Metering Infrastructure
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure 2
Smart Grids and Advance Metering Infrastructure
Smart Grids are modern power grids based on the integration of
cyber and physical systems that enable efficient transmission of
electricity, constant monitoring and self-healing properties in case of
failures.
The Advanced Metering Infrastructure is constituted by smart meters
and the communication infrastructure for dealing with bi-directional
communication between smart meters, service operators and energy
consumers/prosumers.
Smart meters are a central point for the provision of smart services
to energy consumers. However, the wide diffusion has also increased
several concerns for service operators.
3
Advance Metering Infrastructure - Diagram
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
Data Tampering Attacks
Data tampering activities are often referred to as false data injection attacks in
the context of cyber-physical security of the Smart Grid.
Attackers can change the smart meter measurements by either compromising the
hardware devices locally, injecting false data packets sent to control centers or by
changing data exchanged in other parts of the Smart Grids infrastructure.
Cyber and physical attacks can lead to some effects on power measurements
reported by smart meters. Compromissions can be both derived from physical or
cyber aspects connected to the Advance Metering Infrastructure.
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure 4
5
Data Tampering Attacks - Types
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
Cyber Physical Effect on Power
Measurements
Compromise meters
through remote network
exploit
Break into the meter Stop reporting entire
consumption
Modify the firmware/storage
on meters
Reverse the meter Remove large applicances
from measurement
Steal credentials to login to
meters
Disconnect the meter Cut the report by a given
percentage
Exhaust CPU/memory Physically extract the
password
Alter appliance load profile
to hide large loads
Intercept/alter
communications
Abuse optical port to gain
access to meters
Report zero consumption
Flood the NAN bandwidth Bypass meters to remove
loads from measurement
Report negative
consumption (act as a
generator)
Data - Statements
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure 6
7
Proposed Model for Data Tampering Detection
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
8
Proposed Model for Data Tampering Detection
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
Formal Results: Soundness, Completeness and Decidability
9
Proof of Concept
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
●
UMass Smart* Dataset (http://traces.cs.umass.edu/index.php/Smart/Smart)
●
Theoretical Proof of Concept
●
Practical Proof of Concept: HomeA-meter3_2016
●
Original Data from the dataset
●
“h” and “m” are extracted from the data
●
Simulated Data Injection Attack
●
“h” is equal to the mean plus three times the standard deviation
10
Proof of Concept – Theoretical Proof of Concept
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
11
Proof of Concept – Practical Proof of Concept
m="0.00010kW"
h="3.50000kW"
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
12
Proof of Concept – Simulated Data Injection Attack
m="0.00009kW"
h="0.66114kW"
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
13
Conclusion
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
●
The time-sensitive model allows for the detection of anomalies in energy
consumption from smart meters in the context of data tampering activities.
●
The model offers the tracking along the time dimension of these activities,
allowing for the flagging of irregularities that are sustained in time.
●
The model is able to detect any case of data tampering in smart meters, as it
would not automatically target any peak or valley in the consumption, but rather
those that prolong their existence over time.
●
The effectiveness of the model has been shown through a proof of concept,
both theoretically and based on a real dataset.
14
Future Works
A Time-Sensitive Model for Data Tampering Detection for the Advanced Metering Infrastructure
●
Implementation of an ontology and a semantic web reasoner based upon the
model described.
●
Testing within an anomaly detection framework, thus allowing more data to be
obtained for further validation.
●
Implementing the model in different domains like the communication solutions
that are readily available.
●
Modifying the model so the temporal dimension may be changed from a linear
one to a branching one.