Cybersecurity of Demand Side Management in the Smart Electricity Grid: Privacy Protection, Battery Capacity Sharing and Power Grid under Attac

The presented research investigates two areas in security of Demand Side Management (DSM) systems in Smart Grid including privacy aware energy storage management and risk assessment of cyber attack on DSM communication infrastructure.;The first topic studies the privacy-cost saving tradeoff of an in-home energy storage system in demand response for an individual user. DSM systems in the electricity grid, which rely on two way communication between the consumers and utility, require the transmission of instantaneous energy consumption to utilities. Perfect knowledge of a user's power consumption profile by a utility is a violation of privacy and can be detrimental to the successful implementation of demand response systems. It has been shown that an in-home energy storage system (such as a battery/inverter) that provides a viable means to achieve the cost savings of instantaneous electricity pricing without inconvenience can also be used to hide a user's power usage pattern. A fundamental tradeoff exists between the costs saved and the degree of privacy achievable, and in this work, the tradeoff achievable by a finite capacity battery assuming a zero tolerance for activity delay is studied using a Markov process model for user's demands and instantaneous electricity prices. Due to high computational complexity (continuous state-action space) of the stochastic control model, inner and upper bounds are presented on the optimal tradeoff. In particular, a class of battery charging policies based on minimizing "revealing states" is proposed to derive achievable privacy-cost savings tradeoffs. The performance of this algorithm is compared with inner bounds derived using a greedy heuristic and upper bounds derived using an information theoretic rate distortion approach. The framework proposed is shown to be applicable even when users only desire partial information protection such as presence/absence of activity or specific appliances they wish to hide.;The second topic studies the competitive energy storage sharing in demand response. Deregulated electricity markets with time varying electricity prices and opportunities for consumer cost mitigation makes energy storage such as a battery an attractive proposition. Sharing a large capacity battery across a group of homes in a community, can not only alleviate the economic deterrents but also exploit the fact that users' activity patterns do not necessarily overlap. However, battery sharing induces competition for battery capacity between the users in general as they may want to maximize their own cost savings by occupying more battery capacity when the electricity price is low. Importantly, users might have privacy concerns when they communicate with the shared battery controller. The privacy aware management of such a shared battery is the focus of this work. A game theoretical framework was proposed to capture the competitive behaviors of users sending messages through a communication network to an independent battery controller with an infinite horizon limiting average signaling game formulation. The privacy requirement serves as a constraint on messaging behaviors. The battery controller manages the charging and discharging based on the received, albeit incomplete, information transmission. With such a framework, we study the battery sharing when users are cooperative and completely private. When the privacy requirement is relaxed, the competitive behaviors of users sending messages to the battery controller is studied. A credit based battery management strategy is designed for the battery controller to ensure an equilibrium of the game and achieves the social optimality. However, the credit based battery management requires long time established observations and may also "coerce" users to share their energy demands accurately with the controller. We therefore, propose, a class of stationary suboptimal privacy preserving battery management strategy in which the message set being restricted to be completely private or partially private. In addition, we demonstrate that by changing the size of the message set, different pairs of preserved privacy and cost savings can be achieved. Through numerical simulations on real electricity pricing and usage data, we demonstrate the cost effectiveness of battery capacity sharing and the tradeoff between privacy preserving and cost mitigation using privacy preserving battery management strategy.;The third topic study the risk assessment of cyber attack on DSM system including economically motivated meter tampering and malicious cyber attack. Cyber-enabled Demand Side Management (DSM) plays a crucial role in smart grid by providing automated decision-making capabilities that selectively schedule loads on these local grids to improve power balance and grid stability. Security and reliability of the cyber infrastructure that enables DSM is therefore critical to ensuring reliability and safety in energy delivery systems. The DSM communication are usually built on Advanced Metering Infrastructure (AMI). However, by virtue of topological weaknesses, it is vulnerable to cyber attacks that are undetectable or stealthy. In this work, we investigate the topological vulnerabilities of DSM networks that could result in potential theft of electricity through hacked smart meters. In particular, a provably correct risk assessment protocol is proposed to identify completely the individual nodes in mesh network based AMIs that are potential targets of such economically motivated stealthy cyber attacks. The protocol proposed utilizes knowledge of the network topology and data obtained from existing system monitoring technologies. A case study is provided to demonstrate the protocol and its effectiveness. Another major challenge in DSM security is that the feedback mechanism in the load management may aggravate the impact of cyber attack on the DSM system. We investigate the behavior of such feedback loop under the intentional cyber attack and evaluate its potential risk of overloading the power grid components. In particular, a tight upper bound is provided to characterize the potential risk when a fixed portion of the controllable loads are compromised.