Jose Horta, Daniel Kofman, David Menga. Télécom ParisTech ISBN 2016D002 Feb. 2016.

Abstract: The electricity distribution grid was not designed to cope with load dynamics imposed by high penetration of electric vehicles, neither to deal with the increasing deployment of distributed Renewable Energy Sources. Distribution System Operators (DSO) will increasingly rely on flexible Distributed Energy Resources (flexible loads, controllable generation and storage) to keep the grid stable and to ensure quality of supply. In order to properly integrate demand-side flexibility, DSOs need new energy management architectures, capable of fostering collaboration with wholesale market actors and prosumers. We propose the creation of Virtual Distribution Grids (VDG) over a common physical infrastructure, to cope with heterogeneity of resources and actors, and with the increasing complexity of distribution grid management and related resources allocation problems. Focusing on residential VDG, we propose an agent-based hierarchical architecture for providing Demand Side Management services through a market-based approach, where households transact their surplus/lack of energy and their flexibility with neighbours, aggregators, utilities and DSOs. For implementing the overall solution, we consider fine-grained control of smart homes based on Internet of Things technology. Homes seamlessly transact self-enforcing smart contracts over a blockchain-based generic platform. Finally, we extend the architecture to solve existing problems on smart home control, beyond energy management.

Joel Mathias, Rim Kaddah, Ana Bušić, Sean Meyn

Proceedings of the 49th Hawaii International Conference on Systems Sciences (IEEE). Mar. 2016.
DOI: 10.1109/HICSS.2016.312

Abstract: In discussions at the 2015 HICSS meeting, it was argued that loads can provide most of the ancillary services required today and in the future. Through load-level and grid-level control design, high-quality ancillary service for the grid is obtained without impacting quality of service delivered to the consumer. This approach to grid regulation is called demand dispatch: loads are providing service continuously and automatically, without consumer interference. In this paper we ask, what intelligence is required at the grid-level? In particular, does the grid-operator require more than one-way communication to the loads? Our main conclusion: risk is not great in lower frequency ranges, e.g., PJM’s RegA or BPA’s balancing reserves. In particular, ancillary services from refrigerators and pool-pumps can be obtained successfully with only one-way communication. This requires intelligence at the loads, and much less intelligence at the grid level.

Rim Kaddah, Daniel Kofman, Fabien Mathieu, Michal Pioro

Proceedings of the 11th International Conference on Innovations in Information Technology (IEEE). Nov. 2015.
DOI: 10.1109/INNOVATIONS.2015.7381509

Abstract: The Internet of Things (IoT) paradigm brings an opportunity for advanced Demand Response (DR) solutions. Indeed, it enables visibility and control on the various appliances that may consume, store or generate energy within a home. It has been shown that a centralized control on the appliances of a set of households leads to efficient DR mechanisms; unfortunately, such solutions raise privacy and scalability issues. In this paper we propose an IoT-based DR approach that deals with these issues. Specifically, we propose and analyze a scalable two levels control system where a centralized controller allocates power to each house on one side and, each household implements an IoT-based DR local solution on the other side. A limited feedback to the centralized controller allows to enhance the performance with little impact on privacy. The solution is proposed for the general framework of capacity markets.

Ziad Ismaïl, Jean Leneutre, Alia Fourati

Security of Industrial Control Systems and Cyber Physical Systems (Springer). Pages: 157-167, Sep. 2015.
DOI: 10.1007/978-3-319-40385-4_11

Abstract: The improved communication and remote control capabilities of industrial control systems equipment have increased their attack surface. As a result, managing the security risk became a challenging task. The consequences of attacks in an industrial control system can go beyond targeted equipment to impact services in the industrial process. In addition, the success likelihood of an attack is highly correlated to the attacker profile and his knowledge of the architecture of the system. In this paper, we present the Attack Execution Model (AEM), which is an attack graph representing the evolution of the adversary’s state in the system after each attack step. We are interested in assessing the risk of cyber attacks on an industrial control system before the next maintenance period. Given a specific attacker profile, we generate all potential attacker actions that could be executed in the system. Our tool outputs the probability and the time needed to compromise a target equipment or services in the system.

Ziad Ismaïl, Danai Symeonidou, Fabian Suchanek

Proceedings of the 24th International Conference on World Wide Web (ACM). Pages: 203-206, May 2015.
DOI: 10.1145/2740908.2742836

Abstract: Internet users typically have several online accounts – such as mail accounts, cloud storage accounts, or social media accounts. The security of these accounts is often intricately linked: The password of one account can be reset by sending an email to another account; the data of one account can be backed up on another account; one account can only be accessed by two-factor authentication through a second account; and so forth. This poses three challenges: First, if a user loses one or several of his passwords, can he still access his data? Second, how many passwords does an attacker need in order to access the data? And finally, how many passwords does an attacker need in order to irreversibly delete the user’s data? In this paper, we model the dependencies of online accounts in order to help the user discover security weaknesses. We have implemented our system and invite users to try it out on their real accounts.

Ziad Ismaïl, Jean Leneutre, David Bateman, Lin Chen

Proceedings of the 16th International Symposium on High Assurance Systems Engineering (IEEE). Jan. 2015.
DOI: 10.1109/HASE.2015.24

Abstract: The communication infrastructure is a key element for management and control of the power system in the smart grid. The communication infrastructure, which can include equipment using off-the-shelf vulnerable operating systems, has the potential to increase the attack surface of the power system. The interdependency between the communication and the power system renders the management of the overall security risk a challenging task. In this paper, we address this issue by presenting a mathematical model for identifying and hardening the most critical communication equipment used in the power system. Using non-cooperative game theory, we model interactions between an attacker and a defender. We derive the minimum defense resources required and the optimal strategy of the defender that minimizes the risk on the power system. Finally, we evaluate the correctness and the efficiency of our model via a case study.

Rim Kaddah, Daniel Kofman, Michal Pioro

Proceedings of the International Workshop on Intelligent Energy Systems (IEEE). Oct. 2014.
DOI: 10.1109/IWIES.2014.6957044

Abstract: We consider demand response solutions having the capability to monitor different variables at users’ premises, like presence and temperature, and to control individual appliances. We focus on the optimal control of the appliances during time periods where the available capacity is not enough to satisfy the demand generated by houses operating freely. We propose an approach to define the utility of appliances as a function of monitored variables, as well as control schemes to optimize this utility. Global optimums can be reached when a centralized entity (i.e., an aggregator) can gather information from each user and control each individual appliance. This may not be always possible, for example for privacy and/or scalability reasons. We therefore consider, in addition, a system where decisions are taken partially at a centralized site (global power allocation per home) and partially at customer premises (sharing of the allocated power among local appliances). Performances of proposed control mechanisms are evaluated and compared. We show the potential value of introducing demand response mechanisms at fine granularity.

Ziad Ismaïl, Jean Leneutre, David Bateman, Lin Chen

Journal on Selected Areas in Communications (IEEE). Pages: 1486-1499, Volume: 32, Issue: 7, Jul. 2014.

Abstract: The widespread deployment of smart meters in the advanced metering infrastructure (AMI) raises privacy concerns. Analyzing the data collected from smart meters can expose habits and can be potentially used to predict consumers’ behaviors. In this paper, we analyze the confidentiality of information in the AMI consisting of nodes with interdependent correlated security assets. On each node, the defender can choose one of several security modes available. We try to answer the following questions: 1) What is the expected behavior of a rational attacker?; 2) What is the optimal strategy of the defender?; and 3) Can we configure the security modes on each node to discourage the attacker from launching any attacks? In this paper, we formulate the problem as a noncooperative game and analyze the behavior of the attacker and the defender at the Nash equilibrium. The attacker chooses his targets in order to collect the maximum amount of data on consumers, and the defender chooses the encryption level of outbound data on each device in the AMI. Using our model, we derive the minimum defense resources required and the optimal strategy of the defender. Finally, we show how our framework can be applied in a real-world scenario via a case study.