Soon, any householder would be equipped with a smart meter to provide some information about its energy consumption for the energy management, billing, and other purposes. While the data generated by the smart meters is beneficial for the energy suppliers and managers, it is harmful to the users’ security where some personal information can be inferred from the smart meter’s data. For example, related to multimedia, TV power consumption can reveal the program user is watching. There exist studies attempting to prohibit any leakage of user's identifiable information from the smart meter’s data by proposing privacy concerned protocols, but they either ignore providing any security analysis or do not follow a common methodology to evaluate the security breaches and privacy guarantees of their solutions. Due to this fact, it would be advantageous to establish a framework by which existing solutions could be comparable with respect to the different levels of privacy they provide for users.
In this STSM we aimed at proposing a methodology for security assessment of aggregation protocols in the smart grids by analyzing possible attacks and malicious behavior of the involved entities. For this purpose, we investigated the existing aggregation protocols to extract and analyze the possible scenarios where the user can be identified from the data either provided by the smart meters or leaked while the protocol’s execution. By applying game based proof techniques, we came up with a methodology, consists of security definitions and games, to evaluate the security of aggregation protocols. Moreover, we achieved a classification and visualization method for different levels of security by which the security of the aggregation protocols is easily comparable.