Towards a framework for engineering smart-grid-specific privacy requirements

Privacy has become a critical topic in the engineering of electric systems. This work proposes an approach for smart-grid-specific privacy requirements engineering by extending previous general privacy requirements engineering frameworks. The proposed extension goes one step further by focusing on privacy in the smart grid. An alignment of smart grid privacy requirements, dependability issues and privacy requirements engineering methods is presented. Starting from this alignment a Threat Tree Analysis is performed to obtain a first set of generic, high level privacy requirements. This set is formulated mostly on the data instead of the information level and provides the basis for further project-specific refinement.

[1]  A. Cavoukian,et al.  SmartPrivacy for the Smart Grid: embedding privacy into the design of electricity conservation , 2010 .

[2]  Stephen B. Wicker,et al.  Privacy-Aware Design Principles for Information Networks , 2011, Proceedings of the IEEE.

[3]  Mathias Uslar,et al.  Requirements for Smart Grid ICT-architectures , 2012, 2012 3rd IEEE PES Innovative Smart Grid Technologies Europe (ISGT Europe).

[4]  Stefanos Gritzalis,et al.  Addressing privacy requirements in system design: the PriS method , 2008, Requirements Engineering.

[5]  G. W. Hart,et al.  Nonintrusive appliance load monitoring , 1992, Proc. IEEE.

[6]  Patrick D. McDaniel,et al.  Security and Privacy Challenges in the Smart Grid , 2009, IEEE Security & Privacy.

[7]  Frank Pallas Smart Grid Information Security and Privacy , 2014 .

[8]  E. Quinn Privacy and the New Energy Infrastructure , 2009 .

[9]  Dominik Engel,et al.  Wavelet-based load profile representation for smart meter privacy , 2013, 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT).

[10]  Wouter Joosen,et al.  A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements , 2011, Requirements Engineering.

[11]  Kristian Beckers,et al.  Comparing Privacy Requirements Engineering Approaches , 2012, 2012 Seventh International Conference on Availability, Reliability and Security.

[12]  Ning Lu,et al.  Smart-grid security issues , 2010, IEEE Security & Privacy.

[13]  Georgios Kalogridis,et al.  Smart Grid Privacy via Anonymization of Smart Metering Data , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[14]  Fernando Pérez-González,et al.  Privacy-preserving data aggregation in smart metering systems: an overview , 2013, IEEE Signal Processing Magazine.

[15]  M. Lisovich,et al.  Privacy Concerns in Upcoming Residential and Commercial Demand-Response Systems , 2008 .

[16]  H. Nissenbaum Privacy as contextual integrity , 2004 .

[17]  Maritta Heisel,et al.  A comparison of security requirements engineering methods , 2010, Requirements Engineering.

[18]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.