This document summarizes a pitch for providing security solutions for smart metering and smart grids. It outlines the context and need for privacy and security measures to enable distributed applications in smart grids while protecting personal data. The research goals are described as enabling privacy-preserving data collection, secure infrastructure for authentication, integration of payment methods, low-power security for in-home devices, and providing legal frameworks for remaining privacy risks. Partners are sought among vendors, manufacturers, service providers, and software companies active in this domain.

1. ICON PITCH: Security for smart metering/smart grids iMinds 16/12/2010 Ingrid Verbauwhede, Stefaan Seys K.U.Leuven IBBT-COSIC

2. Smart Grids [Smart-e project]

3. Context and Need Providing a secure and privacy friendly infrastructure for the upcoming smart grids Many initiatives both from industry and academia, but not always sufficient attention for security/privacy aspects eNovates charging poles initiative “ Slimme meter” in Nederland IBBT Smart-e and SPARC Not providing privacy measures in the “slimme meter” has lead to a delay of the project

4. Context and Need The smart grid will enable distributed applications (charging poles at shopping centres, etc.); without countermeasures, this will allow location tracking, which may leak personal data: Where you live, where you work, when you work, when you are abroad, how often you visit the pharmacist, etc. Combination of smart grids with modern payment methods (e.g., NFC phone or RFID built in car) requires strong authentication methods, while still providing privacy. In house wireless actuators will require low-power authentication methods -> low-power embedded security COSIC has been active in this domain: Low power public key implementations, secure and privacy friendly road tolling, oblivious transfer schemes, etc.

5. Research Goals Enabling privacy preserving data collection for billing, etc. Providing a secure infrastructure for authenticated data collection (fraude prevention) Secure integration of modern paymethods (NFC, RFID) Low-power embedded security for the in-house actuators Providing a regulatory/legal framework to cover the remaining privacy risks. Building a demonstrator

6. Looking for Partners Vendors, manufacturors active in this field. Service providers Distribution, Data Network Payments Charging poles, Software (end-user application) providers Etc.