Securing the Home Energy Management Platform

Energy management in households gets increasingly more attention in the struggle to integrate more sustainable energy sources. Especially in the electrical system, smart grid systems are envisioned to be part in the efforts towards a better utilisation of the energy production and distribution infrastructure. The Home Energy Management System (HEMS) is a critical infrastructure component in this endeavour. Its main goal is to enable energy services utilising smart devices in the households based on the interest of the residential consumers and external actors. With the role of being both an essential link in the communication infrastructure for balancing the electrical grid and a surveillance unit in private homes, security and privacy become essential to address. In this chapter, we identify and address potential threats Home Energy Man‐ agement Platform (HEMP) developers should consider in the progress of designing architecture, selecting hardware and building software. Our approach starts with a general view of the involved stakeholders and the HEMS. Given the system over‐ view, a threat model is constructed from the HEMP developer's point of view. Based on the threats that have been detected, possible mitigation strategies are proposed taking into account the state of the art of technology for securing platforms.

[1]  N. Asokan,et al.  Mobile Platform Security , 2013, Mobile Platform Security.

[2]  Vijay Varadharajan,et al.  TrustLite: a security architecture for tiny embedded devices , 2014, EuroSys '14.

[3]  Kristian Beckers,et al.  A Threat Analysis Methodology for Smart Home Scenarios , 2014, SmartGridSec.

[4]  Galen C. Hunt,et al.  Shielding Applications from an Untrusted Cloud with Haven , 2014, OSDI.

[5]  Yang Li,et al.  A Security Architecture in Cyber-Physical Systems: Security Theories, Analysis, Simulation and Application Fields , 2015 .

[6]  Adam Shostack,et al.  Threat Modeling: Designing for Security , 2014 .

[7]  Ramesh Karri,et al.  Hardware and embedded security in the context of internet of things , 2013, CyCAR '13.

[8]  Rune Hylsberg Jacobsen,et al.  Infrastructure for Intelligent Automation Services in the Smart Grid , 2014, Wirel. Pers. Commun..

[9]  Dominik Engel,et al.  Evaluation of OSGi-based architectures for customer energy management systems , 2015, 2015 IEEE International Conference on Industrial Technology (ICIT).

[10]  Toke Haunstrup Christensen,et al.  Country-specific factors for the development of household smart grid solutions: Comparison of the electricity systems, energy policies and smart grid R&D and demonstration projects in Spain, Norway and Denmark , 2013 .

[11]  Ijeoma Onyeji,et al.  Consumer engagement: An insight from smart grid projects in Europe , 2013 .

[12]  Peter Palensky,et al.  Demand Side Management: Demand Response, Intelligent Energy Systems, and Smart Loads , 2011, IEEE Transactions on Industrial Informatics.

[13]  Nicolas Georay I-JVM: a Java Virtual Machine for Component Isolation in OSGi , 2009 .

[14]  William McKeever,et al.  Threat modeling for security assessment in cyberphysical systems , 2013, CSIIRW '13.

[15]  Michael Wagner,et al.  Security Architecture of the OGEMA 2.0 Home Energy Management System , 2013 .

[16]  Nada Golmie,et al.  NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 3.0 , 2014 .

[17]  Ahmad-Reza Sadeghi,et al.  TyTAN: Tiny trust anchor for tiny devices , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[18]  Rune Hylsberg Jacobsen,et al.  Consumer-Centric and Service-Oriented Architecture for the Envisioned Energy Internet , 2015, 2015 Euromicro Conference on Digital System Design.

[19]  James Newsome,et al.  Trustworthy Execution on Mobile Devices: What Security Properties Can My Mobile Platform Give Me? , 2012, TRUST.

[20]  Wouter Joosen,et al.  A privacy threat analysis framework: supporting the elicitation and fulfillment of privacy requirements , 2011, Requirements Engineering.

[21]  Andrew P. Martin,et al.  Hardware Security for Device Authentication in the Smart Grid , 2012, SmartGridSec.

[22]  Eric S. K. Yu,et al.  Towards modelling and reasoning support for early-phase requirements engineering , 1997, Proceedings of ISRE '97: 3rd IEEE International Symposium on Requirements Engineering.