Accueil Publications

Ziad Ismaïl, Jean Leneutre, David Bateman, Lin Chen

Book chapter in Game Theory for Security and Risk Management
Stefan Rass, Stefan Schauer (Editors)
ISBN 978-3-319-75268-6

Abstract: In complex interdependent systems, the interactions between the attacker and the defender play an important role in defining the optimal defense strategy. In this context, game theory offers a mathematical framework to study interactions between different players with the same or conflicting interests. For example, Law et al. [20] investigate false data injection attacks on the power grid and formulate the problem as a stochastic security game between an attacker and a defender. Amin et al. [21] present a framework to assess risks to cyber-physical systems when interdependencies between information and physical systems may result in correlated failures.

In this chapter, we address the issue of the security risk management of interdependent communication and electric infrastructures in the smart grid by proposing an analytical model for hardening security on critical communication equipment used to control the power grid. Using noncooperative game theory, we analyze the behavior of an attacker and a defender. The attacker tries to compromise communication equipment to cause the maximum impact on the power grid. On the other hand, the defender tries to protect the power system by hardening the security on communication equipment, while taking into account the existence of backup control equipment in the communication infrastructure. In [22] and [23], we proposed an analytical model based on game theory for optimizing the distribution of defense resources on communication equipment taking into account the interdependencies between electric and communication infrastructures and defined a methodology to assess some of the parameters of the model. In this chapter, we make a number of extensions to this model in an attempt to answer the following questions: Is security by obscurity a good strategy for the defender? Under which conditions can a player guarantee a certain payoff? How can we strategically assess the initial security risk on communication equipment? Is deception required from the part of the defender to better protect the system? As we will see, while some of these questions can be analyzed analytically in the general case, some answers to these questions are system dependent and will therefore be analyzed in the case study. Throughout this chapter, the communication system refers to the telecommunication infrastructure responsible of controlling and monitoring the electric system.

José Horta, Daniel Kofman, David Menga, Mathieu Caujolle

Proc. of the ACM e-Energy Conference, Karlsruhe, Germany, June 2018.
DOI: 10.1145/3208903.3208937

Abstract: The limited capacity of distribution grids for hosting renewable generation is one of the main challenges towards the energy transition. Local energy markets, enabling direct exchange of energy between prosumers, help to integrate the growing number of residential photovoltaic panels by scheduling flexible demand for balancing renewable energy locally. Nevertheless, existing scheduling mechanisms do not take into account the phases to which households are connected, increasing network unbalance and favoring bigger voltage rises/drops and higher losses. In this paper, we reduce network unbalance by leveraging market transactions information to dynamically allocate houses to phases using solid state switches. We propose cost effective mechanisms for the selection of households to switch and for their optimal allocation to phases. Using load flow analysis we show that only 6% of houses in our case studies need to be equipped with dynamic switches to counteract the negative impact of local energy markets while maintaining all the benefits. Combining local energy markets and dynamic phase switching we improve both overall load balancing and network unbalance, effectively augmenting DER hosting capacity of distribution grids.

Sawsan Al Zahr

[Invited paper] Proc. of the IEEE MENACOMM Confrence, Jounieh, Lebanon, Apr. 2018
DOI: 10.1109/MENACOMM.2018.8371044

Abstract: Along with the growing penetration of renewable energy sources, demand side management (DSM) is becoming a key component of future energy systems such as smart grids. DSM aims at balancing the demand for power with intermittent renewable energy sources such as wind and solar units. DSM deploys various mechanisms to influence customer’s capability and willingness to modify their power consumption according to the utility’s energy production and the distribution capacity. DSM aims at either saving energy in sustainable manner (i.e. energy response) or/and shifting the time of energy use to off-peak hours (i.e. demand response). Indeed, DSM does not necessarily reduce the total customer’s power consumption but reshapes consumption patterns. Hence, DSM is expected to reduce the need for investments in networks and power plants in order to meet peak demands. In this paper, we propose an advanced demand response (DR) solution for individual households. Considering a household equipped with various domestic loads, we aim at optimally scheduling the day-ahead power consumption under timevariable rates while taking advantage of modular and deferrable loads, e.g. electric vehicle. Our proposal is numerically illustrated through real-life scenarios, elaborated using an existing simulator of human behavior regarding power consumption.

Rayhana Bouali Baghli, Elie Najm, Bruno Traverson
Proc. of the 6th International Conference on Model-Driven Engineering and Software Development (MODELSWARD), Jan. 2018.

Abstract: In the context of the Internet of Things (IoT), it is necessary to design services that are loosely coupled to the objects on which they act. We call these loosely coupled services generic services. Based on a previous work that defines a three-levelled architecture for the IoT, we first propose a declarative approach to the design generic services for the IoT. Then, based on this declarative description, we define service orchestrators which are high level services that are able to manage access conflicts of services to connected objects. Next, we describe consistency rules to check validity of a generic service or an orchestrator. Finally, we illustrate our approach with use cases around services in a smart home.

Sawsan Al Zahr, Elias A. Doumith, Philippe Forestier

Proc. of the IEEE Globecom Confrence, Singapore, Singapore, Dec. 2017
DOI: 10.1109/GLOCOM.2017.8255068

Abstract: As the global energy policy is changing from a demand-driven to a supply-driven approach, demand side management (DSM) is becoming a key component of future energy systems. Indeed, it helps power grids’ operators to balance the demand for power with intermittent renewable energy sources such as wind and solar units. DSM consists in optimizing/adapting the power consumption to meet the production through various methods such as improving the energy efficiency by using better equipment and materials, implementing demand response (DR) solutions, etc. DSM mechanisms do not necessarily reduce the total power consumption, but reshape the consumption pattern. Hence, DSM is expected to reduce the need for investments in networks and power plants in order to meet peak demands. In this paper, we propose an advanced DR solution for individual households. Considering a household equipped with various domestic loads, we aim at optimally scheduling the day-ahead power consumption under time-variable rates while taking advantage of modular and deferrable loads, e.g., electric vehicle. For this purpose, we propose an exact approach to solve the problem of energy management within a household under both system’s and user’s constraints. Our proposal is numerically validated through real- life scenarios, elaborated using an existing simulator of human behavior regarding power consumption.

José Horta, Daniel Kofman, David Menga, Alonso Silva

Proc. of the IEEE Globecom Confrence, Singapore, Singapore, Dec. 2017
10.1109/SmartGridComm.2017.8340728

Abstract: Future electricity distribution grids will host a considerable share of variable renewable energy sources and local storage resources. Moreover, they will face new load structures due for example to the growth of the electric vehicle market. These trends raise the need for new paradigms for distribution grids operation, in which Distribution System Operators will increasingly rely on demand side flexibility and households will progressively become prosumers playing an active role on smart grid energy management. However, in present energy management architectures, the lack of coordination among actors limits the capability of the grid to enable the mentioned trends. In this paper we tackle this problem by proposing an architecture that enables households to autonomously exchange energy blocks and flexibility services with neighbors, operators and market actors. The solution is based on a blockchain transactive platform. We focus on a market application, where households can trade energy with their neighbors, aimed to locally balancing renewable energy production. We propose a market mechanism and dynamic transport prices that provide an incentive for households to locally manage energy resources in a way that responds to both prosumer and operator needs. We evaluate the impact of such markets through comprehensive simulations using power flow analysis and realistic load profiles, providing valuable insight for the design of appropriate mechanisms and incentives.

Rayhana Bouali Baghli, Elie Najm, Bruno Traverson

Proceedings of the 20th International Enterprise Distributed Object Computing Workshop (IEEE). Sep. 2016
DOI: 10.1109/EDOCW.2016.7584391

Abstract: We propose a data-centric three leveled modeling architecture in an effort towards a Model Driven approach of services for the Internet of Things (IoT): a resources level, an artifacts level and a semantic level. In this architecture, the resources level abstracts all important pieces of information describing real objects as resources. The artifacts level allows to collect all objects and contexts information necessary for the execution of a given service. The semantic level introduces semantic notions to the architecture. So, data and actions are named in a standardized naming and the rules facilitate the interaction of the system with the non-expert users. We illustrate our architecture on a small example in which we present all three levels.

Ziad Ismaïl, Christophe Kiennert, Jean Leneutre, Lin Chen

Transactions on Information Forensics and Security (IEEE). Pages: 1685-1699, Volume: 11, Issue: 8, , Aug. 2016.
DOI:10.1109/TIFS.2016.2549002

Abstract: The new developments in cloud computing have introduced significant security challenges to guarantee the confidentiality, integrity, and availability of outsourced data. A service level agreement (SLA) is usually signed between the cloud provider (CP) and the customer. For redundancy purposes, it is important to verify the CP’s compliance with data backup requirements in the SLA. There exist a number of security mechanisms to check the integrity and availability of outsourced data. This task can be performed by the customer or be delegated to an independent entity that we will refer to as the verifier. However, checking the availability of data introduces extra costs, which can discourage the customer of performing data verification too often. The interaction between the verifier and the CP can be captured using game theory in order to find an optimal data verification strategy. In this paper, we formulate this problem as a two player non-cooperative game. We consider the case in which each type of data is replicated a number of times, which can depend on a set of parameters including, among others, its size and sensitivity. We analyze the strategies of the CP and the verifier at the Nash equilibrium and derive the expected behavior of both the players. Finally, we validate our model numerically on a case study and explain how we evaluate the parameters in the model.

Jose Horta, Daniel Kofman, David Menga. Télécom ParisTech ISBN 2016D002 Feb. 2016.

Abstract: The electricity distribution grid was not designed to cope with load dynamics imposed by high penetration of electric vehicles, neither to deal with the increasing deployment of distributed Renewable Energy Sources. Distribution System Operators (DSO) will increasingly rely on flexible Distributed Energy Resources (flexible loads, controllable generation and storage) to keep the grid stable and to ensure quality of supply. In order to properly integrate demand-side flexibility, DSOs need new energy management architectures, capable of fostering collaboration with wholesale market actors and prosumers. We propose the creation of Virtual Distribution Grids (VDG) over a common physical infrastructure, to cope with heterogeneity of resources and actors, and with the increasing complexity of distribution grid management and related resources allocation problems. Focusing on residential VDG, we propose an agent-based hierarchical architecture for providing Demand Side
Management services through a market-based approach, where households transact their surplus/lack of energy and their flexibility with neighbours, aggregators, utilities and DSOs. For implementing the overall solution, we consider fine-grained control of smart homes based on Internet of Things technology. Homes seamlessly transact self-enforcing smart contracts over a blockchain-based generic platform. Finally, we extend the architecture to solve existing problems on smart home control, beyond energy management.

Joel Mathias, Rim Kaddah, Ana Bušić, Sean Meyn

Proceeddings of the 49th Hawaii International Conference on Systems Sciences (IEEE). Mar. 2016.
DOI: 10.1109/HICSS.2016.312

Abstract: In discussions at the 2015 HICSS meeting, it was argued that loads can provide most of the ancillary services required today and in the future. Through load-level and grid-level control design, high-quality ancillary service for the grid is obtained without impacting quality of service delivered to the consumer. This approach to grid regulation is called demand dispatch: loads are providing service continuously and automatically, without consumer interference. In this paper we ask, what intelligence is required at the grid-level? In particular, does the grid-operator require more than one-way communication to the loads? Our main conclusion: risk is not great in lower frequency ranges, e.g., PJM’s RegA or BPA’s balancing reserves. In particular, ancillary services from refrigerators and pool-pumps can be obtained successfully with only one-way communication. This requires intelligence at the loads, and much less intelligence at the grid level.