Home Authors Posts by SEIDO LAB



Ziad Ismaïl, Jean Leneutre, David Bateman, Lin Chen

Proceedings of the 16th International Symposium on High Assurance Systems Engineering (IEEE). Jan. 2015.
DOI: 10.1109/HASE.2015.24

Abstract: The communication infrastructure is a key element for management and control of the power system in the smart grid. The communication infrastructure, which can include equipment using off-the-shelf vulnerable operating systems, has the potential to increase the attack surface of the power system. The interdependency between the communication and the power system renders the management of the overall security risk a challenging task. In this paper, we address this issue by presenting a mathematical model for identifying and hardening the most critical communication equipment used in the power system. Using non-cooperative game theory, we model interactions between an attacker and a defender. We derive the minimum defense resources required and the optimal strategy of the defender that minimizes the risk on the power system. Finally, we evaluate the correctness and the efficiency of our model via a case study.

Rim Kaddah, Daniel Kofman, Michal Pioro

Proceedings of the International Workshop on Intelligent Energy Systems (IEEE). Oct. 2014.
DOI: 10.1109/IWIES.2014.6957044

Abstract: We consider demand response solutions having the capability to monitor different variables at users’ premises, like presence and temperature, and to control individual appliances. We focus on the optimal control of the appliances during time periods where the available capacity is not enough to satisfy the demand generated by houses operating freely. We propose an approach to define the utility of appliances as a function of monitored variables, as well as control schemes to optimize this utility. Global optimums can be reached when a centralized entity (i.e., an aggregator) can gather information from each user and control each individual appliance. This may not be always possible, for example for privacy and/or scalability reasons. We therefore consider, in addition, a system where decisions are taken partially at a centralized site (global power allocation per home) and partially at customer premises (sharing of the allocated power among local appliances). Performances of proposed control mechanisms are evaluated and compared. We show the potential value of introducing demand response mechanisms at fine granularity.

0 1591
Ziad Ismaïl, Jean Leneutre, David Bateman, Lin Chen

Journal on Selected Areas in Communications (IEEE). Pages: 1486-1499, Volume: 32, Issue: 7, Jul. 2014.

Abstract: The widespread deployment of smart meters in the advanced metering infrastructure (AMI) raises privacy concerns. Analyzing the data collected from smart meters can expose habits and can be potentially used to predict consumers’ behaviors. In this paper, we analyze the confidentiality of information in the AMI consisting of nodes with interdependent correlated security assets. On each node, the defender can choose one of several security modes available. We try to answer the following questions: 1) What is the expected behavior of a rational attacker?; 2) What is the optimal strategy of the defender?; and 3) Can we configure the security modes on each node to discourage the attacker from launching any attacks? In this paper, we formulate the problem as a noncooperative game and analyze the behavior of the attacker and the defender at the Nash equilibrium. The attacker chooses his targets in order to collect the maximum amount of data on consumers, and the defender chooses the encryption level of outbound data on each device in the AMI. Using our model, we derive the minimum defense resources required and the optimal strategy of the defender. Finally, we show how our framework can be applied in a real-world scenario via a case study.

Rayhana Baghli, Bruno Traverson

Proceedings of the 2nd International Conference on Model-Driven Engineering and Software Development (SCITEPRESS). Jan. 2014.

Abstract: Business rules are defined, specified and validated by business experts but they are designed and implemented by technical implementers. Each of them uses languages adapted to their activity and skill. Verbalization of business rules permits to business experts to get a semi-natural expression of rules designed by technical implementers thus facilitating their task of validation. A transformation tool is proposed to automate verbalization and applied to OCL (Object Constraint Language) constraints in the Utility domain.