Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                

An Open Source Framework For Smart Meters: Data Communication and Security Traffic Analysis

Download as pdf or txt
Download as pdf or txt
You are on page 1of 9

This article has been accepted for publication in a future issue of this journal, but has not been

fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 1

An Open Source Framework for Smart Meters:


Data Communication and Security Traffic Analysis
Rodrigo T. Caropreso, Ricardo A. S. Fernandes, Member, IEEE, Diana P. M. Osorio, Member, IEEE,
Ivan N. Silva, Member, IEEE

Abstract—In this paper, it is proposed a structured methodol- increase greatly data network traffic, assuming a relevant role
ogy to define the architecture for a communication framework for the evaluation of data exchange on smart metering and
with multi-frame capability, which can be embedded in a resi- AMI [5].
dential smart meter hardware for Smart Grid applications. This
framework is based on TCP/IP protocol, and it is considered There are several communication technologies such as
that data is exchanged via wireless. The architectural model Bluetooth, Power Line Communication (PLC) and wireless
was based upon the state of the art in Software Engineering, mesh networks using ZigBee under consideration with no
making use of Design Patterns and the principles of low coupling clear consensus for a standard so far. Some work has gotten
and high cohesion which result in a solution that is both, more acceptable results using simulation analysis for mesh networks
reliable and maintainable. A security module is also provided
and the framework performance is evaluated, in terms of packet and ZigBee [5], [6], whilst some research on data reliability
throughput and computational effort of the security layer on the related to AMI has presented good results on analyzing
processing device, via practical experiments of some laboratory residential load control [7], [8].
scenarios. Furthermore, errors on some frames are introduced In addition, side-by-side with data reliability issues, there
in order to evaluate the feasibility of this framework in real is a special concern on security aspects of grid data traffic,
field applications. Results show that this framework architecture
supports acceptable transfer rates even with extra computational where cyber-attacks may cause eavesdroppers to get access
cost due to the use of data encryption and separated processing on sensitive information collected by smart meters, which may
modules, making it a feasible proposal for the considered appli- result in financial losses to companies or householders.
cation context. In this sense, several recommendations and guidelines were
Index Terms—client/server framework, data exchange, embed- proposed (and some of them are still under development), such
ded algorithm, encryption, private key, smart meters. as European Union Directive (2017/27/EU) which establishes
a common framework of measures for the energy efficiency
within EU and security issues for smart meter and data
I. I NTRODUCTION
communication, and privacy of final consumers [9]. On United

R ECENTLY, Smart Grids (SG) have received great at-


tention by industry, regulatory agencies, and scientific
community for being recognized as the major evolution of
States, the Energy Independence and Security Act of 2007
provided by the Department of Energy with the responsibility
of developing the smart grid program, which derives from
power systems. This concept allows the integration among the US-FIPS-140 Publication Series to coordinate the require-
electrical power systems and communication technologies in ments and standards for cryptography modules that include
order to improve power production, management and con- both hardware and software components. The IEEE 1547 and
sumption in an intelligent, sustainable, and reliable manner [1]. 2030 series of publications and development activities address
In this context, smart meters represent a key component of priority engineering topics such as energy storage systems
a SG, being designed to monitor and record the electrical security, conformance, and testing [10].
energy consumption and enabling a utility to gather this On the other hand, the Computer Systems Engineering is a
information [2]. Thus, smart meters provide a communication field under research for more than 40 years, focused on both
interface for the grid’s last mile consumers, composing the hardware and software development. In this context, hardware
so-called Advanced Measurement Infrastructure (AMI) [3]. development decisions are closely related to its embedded
As a result, data collected and processed by a smart meter software decisions [11], [12]. Also, a design problem known
must eventually be exchanged with another grid node, such as as partitioning [13] states that it is a recurrent lack of vision
a concentrator, which will create a huge traffic demand, mak- over the implemented requirements on hardware and software,
ing the evaluation of this data traffic a major concern on the and there is not a deterministic solution for this problem [14].
aspects of reliability (QoS), standardization, and security [4]. It is important to notice that community efforts are oriented
It is worthy to mention that concepts such as Neighborhood to define algorithms or communication evaluation (infrastruc-
Area Networks (NAN) and Building Area Networks (BAN) ture) though there is a lack for works that present, in details,
the model of their methodologies in terms of data com-
Manuscript received October 13, 2017; revised November 27, 2017; ac- munication and standardization with no application protocol
cepted February 01, 2018.
Rodrigo de T. Caropreso and Ivan N. Silva are with the Department of defined to exchange data. Thus, one of the major obstacles
Electrical Engineering, University of São Paulo, São Carlos, 13566-590, when designing a smart meter with such functionalities is
Brazil. (e-mails: rcaropreso@usp.br, insilva@sc.usp.br). the interoperability on the grid using distinct communication
Ricardo A. S. Fernandes and Diana P. M. Osorio are with the Department of
Electrical Engineering, Federal University of São Carlos, São Carlos, 13565- devices.
905, Brazil. (e-mails: ricardo.asf@ufscar.br, dianamoya@ufscar.br). Following the above context, this paper proposes a multi-

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 2

frame communication framework architecture model, which is TABLE I


open and scalable. C OMMUNICATION F RAMEWORK CHARACTERISTICS
ID IC SC MF SM ToE TR
The main contributions of this paper is three-folded: 1) A [18] N N N N Sim 500 kbps
to propose a structured architecture definition for a data B [19] N/A Y N Y N/A N/A
process and communication framework. This framework has C [16] N Y N N Sim N/A
Client/Server multi-frame capability by using TCP/IP protocol D [6] Y N N N HW/Sim 4.5 Mbps
on a wireless network. 2) to define an inter operable and op- Table I identifies the following characteristics for each
erating system module-based architecture for the framework, framework: if it interoperability capabilities (IC); security
which can be embedded in a residential smart meter hard- capabilities (SC); multi-frame capabilities (MF), if it was
ware for Smart Grid applications as well as on concentrator provided a software model (SM), type of experiment executed
nodes. 3) to evaluate proposed architecture via experimental (ToE) where HW means hardware and ’Sim’ indicates that a
measures, when the majority of related literature is focused on simulation tool was used; and the transfer rate when applicable
network simulations. (TR).
The wireless network was defined because it is easy to
configure and deploy, when compared to wired networks III. C LIENT /S ERVER A RCHITECTURE
(and throughput tends to be lower which configures a ’worst According to the Internet Protocol (IP), which is commonly
case scenario’ evaluation). A security model based on the employed for data exchange, the communication can be per-
OpenSSL Library is also implemented and evaluated in order formed by two different protocols, namely [20], [21]:
to establish the computational cost of encryption algorithms on 1) Transmission Control Protocol (TCP): a connection-
bidirectional communication. Furthermore, the entire proposed oriented data exchange with ”delivery assurance”;
methodology is based upon Object Oriented Model and Design 2) User Datagram Protocol (UDP): a connectionless data
Patterns principles where all schemes being presented on exchange for streaming communication or asynchronous
Unified Modeling Language (UML) diagrams which can be events, i.e. alarms triggering and publisher-subscriber
easily reproduced and reused. messages.
The rest of the paper is organized as follows. Section
For each of the above protocols, a limit size for pack-
II presents some related works on the area. Fundamental
age transmission, the so-called Maximum Transmission Unit
concepts on Client/Server Architecture are presented on Sec-
(MTU), is defined. Thus, for the Ethernet frames of the
tion III. Section IV describes the main aspects concerning
proposed framework, the maximum size of the package, when
security and how it was implemented on framework. Section
it reaches the Logical Link Control layer (just before being
V describes the object oriented implementation of framework
sent as an electrical signal), is 1500 bytes.
modules. Section VI presents the practical experiments and
In this sense, in order to offer a reliable data exchange
analysis on packet transfer rate and, finally, Section VII
in a SG environment and to support interoperability between
concludes the paper.
device manufacturers, which is required by SG standards or
recommendations such as IEC 61850. Then, in addition to
II. R ELATED W ORKS
the communication aspects, the qualitative properties of the
A number of data exchange techniques have been investi- devices must be observed by considering its configuration and
gated in distinct context for SG and its challenges related to management [22]. Such issues must be implemented on the
data communication and security [4], [15]. Communication Framework, as a Data Exchange Middleware,
Regarding data privacy and grid security, some proposals which is a set of services associated to the Protocol Stack
addressing security solutions and authentication protocols for located between network and application layers. Therefore,
SG have been presented in the literature [16], [17]. In these services can be divided into the following categories:
[18], a Transport Protocol for Smart Grid is proposed and 1) Client/Server – centralized and connection-oriented
the concept of aggregation at the communication transport model between two network devices. It is focused on
level is introduced to address traffic issues. In [6] data synchronous message exchanging, where a Client sends
communication interference analysis is conducted through a data and waits for the Server response [23];
theoretical approach on ZigBee network. 2) Publisher/Subscriber – distributed and non-connection-
It is important to highlight that on aforementioned works, oriented model, where two or more network devices
there is a lack of software modeling in order to reproduce may be involved. Herein, the message exchanging flows
the communication layer and embed it on a meter. In [19], a asynchronously, where data is delivered from a Publisher
software model for a smart metering gateway is presented and to the Client, subscribed for receiving that specific
discussed. However, the model is not implemented and tested message [23].
for performance evaluation. It is worthwhile to mention that the amount of data for
The approach followed by this paper aims to overcome gathering and processing is going to define the assertiveness
the lack of modeling for an open communication and service of the decisions regarding energy and consumption on the
layer which is the presented framework. Thus, some of the entire SG. Therefore, a higher volume of data collection,
main characteristics of the aforementioned works can be storage, traffic and processing is required. Hence, to comply
summarized on a table: with this, it is necessary to embed a multi-frame capability

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 3

on the framework services in order to make it capable of is vulnerable of being analyzed by untrusted entities. Hence, a
sending pieces of information beyond the MTU limitation in a framework providing a common and extensible interface, with
controllable way. Taking this into account, for the framework multi-frame and security capabilities, is attractive from a safe
proposed on this research, the Client/Server architecture was Data Analytics perspective. Considering this, a security model
modeled first, since it provides a better control on the measured is proposed regarding usual encryption algorithms related to
throughput as well as the security issues described on the next data exchange, which are summarized as follows:
section. • Symmetric-key algorithm – it considers that both sender
The object-oriented implementation proposed on this paper and receiver share a unique key, which is used to encrypt
enfolds a Client/Server architecture with synchronous data or decrypt the message. The drawback of this algorithm
exchange and support for high speed multi-frame traffic. Thus, is that if a third party has access to the key, the security
one of the key aspects of the Server Application is, precisely, of data is lost;
supporting multiple connections. Therefore, the implementa- • Asymmetric-key algorithm – it is also called “Public-
tion must have multi-threading capability. Hence, it is possible key cryptography” as it makes use of two distinct keys
to model the connection mechanism as well as the iterations (mathematically related), a public key that can be dis-
and procedures involved in a Client/Server connection. tributed and a private key that must be safely stored by
These procedures can be understood by the sequence di- its owner. A message encrypted with the public key can
agram depicted in Fig. 1, where it can be noticed that the only be decrypted by its correspondent private key and
Server creates a socket object through the Socket() method, vice-versa.
followed by the TCP initialization by using the methods Bind() Thus, the security protocol proposed in this paper follows
and Listen(). Then, the Server stays on a wait state until a the three-step handshake depicted in Fig. 2.
Client establishes a connection through the Accept() method.
Meanwhile, the Client application establishes a connection
with the Server through the Connect() method, after creating
its own socket object. At this moment, the Server creates a
thread for handling the connection with the Client and returns
to listen for new connections.

Fig. 2. Procedures of security socket layer (SSL) 3-way handshake.


As can be noticed in Fig. 2, the security handshake on the
framework is performed as follows:
1 - The Client starts a connection to Server and sends
its own certificate encrypted with the Server’s public key. In
turn, Server decrypts the certificate using its private key, and
sends its own certificate encrypted back to Client (if Client’s
certificate is valid);
2 - After both sides have validated their respective certifi-
cates, Client creates a symmetric key for the current session,
Fig. 1. Connection flow for client/server multi-frame data exchange. encrypting it with the Server’s public key, and sends it to
Server where it is decrypted by Server’s private key;
Moreover, it is important to mention that Send() and Re-
3 - Finally, Client encrypts a pass phrase with the session
ceive() events are the effective transport-frame core, where a
key and sends it to Server, which decrypts, validates the pass
number of N frames can be exchanged until a fail occurs or
phrase, and returns its own pass phrase for Client validation,
the Client forwards a Close() event indicating the end of the
providing an additional level of authentication. Both Client
current connection.
and Server can use this step to check if the encryption data
exchange services are fully-functional.
IV. DATA S ECURITY It is worthwhile to mention that symmetric key compu-
A device capable of gathering information on energy con- tational cost is lower when compared to asymmetric key
sumption, as the smart meter, may provide several advantages algorithm. For this reason, the asymmetric key is only applied
for the analysis and performance of the SG, since it can on the handshake phase, leaving the Smart Meter hardware
define user profile and prediction for energy usage [24], [25]. with more resources to perform other tasks. After handshake
However, all data generated and transmitted by such devices phase is completed, all data transfer is performed upon sym-

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 4

metric key algorithm. The algorithm used for Symmetric- encryption key for UDP message transfer (the key is also
key encryption/decryption is the AES (Advanced Encryption encrypted as described below).
Standard), a block cypher standard; whilst the algorithm used The payload is transferred on the pDataBuffer array and the
for Asymmetric-key encryption/decryption is the RSA (which attributes iFrameIndex, iTotalFrames, and iTotalbytes provide
stands for Ron Rivest, Adi Shamir and Leonard Adleman) the dimension of this payload. Finally, the iDataBufferLength
[26], based on prime numbers factoring, widely applied on is the size of data on current frame, which will be also used
communication networks. for security purposes.
Finally, the “certificates” used for client and server instances The extensibility contribution of this paper regarding the
are Global Unique Identifier (GUID) strings which can be framework communication model is provided by the Abstract-
generated and validated for experiments. However, this kind of Factory Design Pattern [28] which is depicted in Fig. 4.
certificate is not recommendable for real applications –where By using this pattern it is possible to create several concrete
a digital certificate provided by a certification authority is the instances of Clients as well as Servers (respectively CSock-
usual protocol to be followed. But, since one of the purposes etClient and CSocketServer) implementing the methods of
of this paper is to evaluate the performance of encryption algo- basic interfaces (CSocketClientBase and CSocketServerBase,
rithms implemented on the multi-frame architecture embedded respectively). This pattern allows interoperability, since only
on the smart meter, from technical perspective, the use of the concrete classes have to deal with issues such as Socket
encrypted GUID does not affect the results of the realized communication, which has distinct procedures to be called
experiments. when running on Windows or Linux, for example. In addition,
the existence of distinct factories on the model provides a
V. O BJECT-O RIENTED I MPLEMENTATION OF F RAMEWORK decoupling between Server and Client behaviors and can be
The benefits of Object-Oriented Programming as well as extended individually as needed (to create a Broker Server, for
design patterns on systems’ modeling –to ensure reusability, instance).
robustness, expansion and maintenance of a system– are
widely known [27], [28]. Therefore, it is important to mention
that the following model makes use of techniques available
on Software Engineering in order to have an extensible model
with low coupling level among the modules, which can be
incrementally implemented whenever necessary. In addition,
principles such as low coupling and high cohesion, when
correctly applied to an architectural design, may result in a
solution that is more reliable and maintainable [29], [30].
In this sense, for data exchange, the basic transport datagram
of the framework is depicted in Fig. 3.

Fig. 4. Abstract client/server factory pattern.

The framework communication model is supported by Sock-


etCommLibrary depicted in Fig. 5.
It is possible to notice that the library is composed by
classes needed to instantiate a Client application CSocketClient
as well as a Server application CSocketServer, following the
pattern previously described (AbstractFactory). These classes
are responsible for supporting the connection and commu-
nication initialization procedures. It is important to mention
Fig. 3. Transport data frame. that a fundamental class for managing data exchange is the
In this datagram, the iCommand attribute represents the CSocketManager class, which provides services capable of
operation code to be executed, iFrameStatus is the current performing a full-duplex multi-frame communication.
communication state and enFrameType describes the class of Finally, both Server and Client classes make use of
transferred frame (numeric or text, as an example). The fields CSSLManager, which is a proxy for the SecurityLibrary.
lQtyofTypedElements and iSizeOfTypeOnFrame are used to It is important to highlight that one relevant distinction
describe any specific aspect regarding interoperability (size of between Client and Server classes is that CSocketClient is
an integer, as an example). a single-thread descriptor, which means it has only a single
The security issues are addressed by the fields deviceID, instance of a CSocketManager object whilst CSocketServer
which is the sender identification (usually encrypted as de- class is modeled as a multi-threaded connection server, thus
scribed below) and udpSessionKey containing the payload supporting multiple instances of CSocketManager objects.

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 5

An additional library was created to provide socket com- purposes. In addition, by modeling an architecture based on a
munication and data access, namely SecurityLibrary, which is common Operating System (OS), rather than an specific Real-
depicted in Fig. 6. The security package is composed by Proxy Time Operating System (RTOS) or CPU instruction set, it may
Design Pattern classes, which encapsulate the basic encryp- attain a larger set of platforms with minor constraints.
tion/decryption services needed by the framework, where the Moreover, it is important to point out that while the man-
cryptographic algorithms are implemented by the openSSL, an ufacturing characteristics of a commercial smart meter must
open-source toolkit. ensure a set of standards compliance, this paper has focused
on the design of a framework model for data processing and
transfer, which may be embedded in a low-cost customizable
hardware.
Regarding the proposed architecture, the smart meter is able
to execute specific and more complex tasks in a timely manner
as presented in [31] and provides a middleware interface for
hardware access so-called Hardware Abstraction Layer (HAL).
In this sense, developers may focus only on meter operation
and data processing, while data transfer and security is already
assured by the previously defined interface proposed in this
paper.
VI. A NALYSIS ON DATA PACKET T RANSFER R ATE
In order to evaluate the reliability and feasibility of the
multi-frame Client/Server architecture proposed in this paper,
a set of tests was performed taking into consideration scenarios
related to data traffic as well as packet loss. On both scenarios,
the Client application was running on the Beagle Bone Black
Fig. 5. Framework client/server model.
whilst the server was running on a Desktop Intel Core-i5-
3470M@3.20 GHz CPU with 8.0 GB RAM and Windows
10. The router used on this configuration is an IEEE 802.11g
wireless access point for 10/100 Base-T connections.
The parameters of each application can be configured
through a file of properties and, for the first experiment,
the SSL encryption was disabled to work as a reference
measurement. Both applications were capable of saving the
binary data on a file for further comparisons. Considering
this, it was possible to verify through experiments if both
encrypted and decrypted data were being transferred without
errors, avoiding false positives.
For Client and Server applications, it is necessary to config-
ure the Server IP and Port used for connection. Additionally,
to configure the Beagle Bone Black as a Client, it is necessary
to setup the sampling time which simulates data acquisition
on its analogical input. Since the main purpose of this paper is
to evaluate the performance of encryption algorithms, the data
frames were generated at the Client application by considering
the following rule:
Fig. 6. Security model. N = Ts × 16000, (1)
All the models were implemented in C++, using the Stan- where N is the number of samples to be sent to the Server with
dard Template Library (STL), C common libraries, and POSIX each sample being a random number generated on the range
functions, which simplifies the interoperability across distinct [0,1,800], and Ts represents the sampling time. This approach
platforms. Therefore, the classes were developed on Qt Creator corresponds to a sampling rate of 16 kHz, which is used to
v3.5.1 as IDE and the final applications were cross compiled capture analog signals on the Beagle Bone Black board A/D
for Linux (ARM Architecture) and natively compiled for converter that operates between 0 and 1,800 mV. Therefore,
Windows. Thus, the same firmware can run on a PC or the transferred data is composed by integers, each one of 4
embedded in a prototyping device. bytes long, then, for a Ts = 10 s, there are N = 160,000
The Beagle Bone Black Rev. B was used as the Smart samples of 4 bytes resulting in a 640,000 byte data frame to
Meter for the initial experiments on the framework model due be transferred.
to its ”open-hardware” characteristics. In this sense, it is a The transport datagram is capable of transporting a 1.024-
prototyping board that can be easily customized for specific byte payload, which means that this particular example will

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 6

consume 625 frames. Considering this, simulations were exe- deviation of ± 3.53 KB/s. This represents a 5% loss in transfer
cuted based on variations of the Ts by starting at Ts = 10 s rate when security is enabled which is a very acceptable result
and doubling the value on each subsequent data transmission. when considering the benefits on data security.
This procedure ends when the Smart Meter hardware used on
the tests threw a memory allocation exception representing the
maximum multi-frame size that can be managed at once on
the device’s memory.
A. Data Traffic Tests
The scenario for experiments is depicted in Fig. 7. For the
performance evaluation, the data transfer time was measured
considering the time spent to process each data frame and
reconstruct all data, and the time spent to decrypt the frames
after data reconstruction (for Server) and the CPU time versus
wall-clock time taken to perform the full data transfer (for
Client). It is important to verify hardware limitations and Fig. 8. Transfer rate for SSL ON/OFF considering 0% and 15% of
requirements for real field applications since a smart meter packet losses.
should not be an expensive device with a huge amount of
In Fig. 9 presents the real-time measured for a complete
memory, but it must be still capable of performing data
data transfer versus the number of bytes used on payload.
processing. Therefore, there is a trade-off between hardware
The experiment was performed with SSL OFF and SSL ON in
capability and computational overhead.
order to compare the overhead caused by encryption algorithm
as well as error rate on the processing time.

Fig. 7. Data traffic tests with SSL ON and OFF.


The packet loss was also simulated in order to evaluate
system’s performance in scenarios closer to real field applica-
tions. This was implemented at the Server as an algorithm
that randomly refuses packages and requests the Client to
Fig. 9. Real-time versus payload with SSL ON/OFF.
retransmit them, thus simulating a frame transfer error that
may occur on field applications. The error rate was set in When the Beagle Bone Black is operating as a Client (Smart
2 values: 0% and 15% of error packages. These values can Meter), the transfer times based on real time (wall clock) did
be also configured by command line, thus optimizing the not suffered significant changes caused by the use of security
whole experiment duration, without the need of recompile any module. This can be explained by examining the amount of
module of the framework. generated encrypted data before the network transfer. The
Given the above context, Table II synthesizes the data overhead caused by AES-256 encryption algorithm on payload
collected from the experiments, including the payload size just added 1 extra data frame and this can be negligible
(number of frames) versus the Transfer Rate and Transfer considering only the transfer time itself. Thus, the results show
Times (Real Clock and CPU Clock) considering the minimum that there is no significant overhead caused by the use of
and maximum error rates of the experiments (0% and 15%, security module.
respectively). The experiments were performed with no data However, as expected, the transfer time increases for higher
encryption (SSL OFF) and using data encryption (SSL ON) in payloads and it was observed that the physical limit for data
order to compare the overhead caused by encryption algorithm transfer on the proposed framework architecture is 160,000
as well as error rate on overall transfer rate. frames, which corresponds to a single 163 MB file transfer
To analyze the Transfer Rates, Fig. 8 depicts the payload at once for SSL OFF. It was also observed that the physical
size (number of frames) versus the transfer rate from II. limit for data transfer on the proposed framework architecture
Considering the scenario with SSL OFF and error rate of is 40,000 frames for SSL ON, which corresponds to a single
0% and 15%, respectively, it can be observed on Table II an 40 MB file transfer at once.
average transfer rate of 213.71 KB/s with standard deviation It is important to highlight that both observed data transfer
of ±2.45 KB/s. On the other hand, considering the scenario capability are very acceptable considering real operation of
with SSL ON (error rate of 0% and 15%, respectively), Table a smart meter, where such burst of data transfer should be
II shows an average transfer rate of 202.47 KB/s with standard avoided.

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 7

TABLE II
B EAGLE B ONE AS A C LIENT - C OLLECTED DATA
Transfer Rate KB/s Transfer Times Real (ms) Transfer Times CPU (ms)
Fail Rate 0% 15% 0% 15% 0% 15%
Frames SSL OFF SSL ON SSL OFF SSL ON SSL OFF SSL ON SSL OFF SSL ON SSL OFF SSL ON SSL OFF SSL ON
625 159.55 159.75 148.46 180.84 3917.2 3639.4 4209.8 3999.3 259.9 244.9 296.1 283.5
1250 200.20 179.99 182.35 176.57 6243.8 6448.9 6854.9 7198.9 500.4 496.0 583.9 582.2
2500 231.11 191.80 195.24 178.41 10817.2 11308.3 12804.5 13063.2 996.3 998.0 1175.6 1163.9
5000 242.20 206.11 206.13 178.75 20644.5 21797 24256.4 25200.9 1999.1 1990.6 2318.45 2342.08
10000 244.57 208.47 212.42 173.28 40888.4 42657 47076.9 49593.4 3981.29 3998.68 4671.9 4689.2
20000 230.71 150.82 214.50 175.10 86690 83299.3 932380 98700.9 7979.8 7950.0 9394.4 9365.3
40000 236.23 214.17 215.94 174.94 169323 175055 369259 196610 15913.0 15992.4 18764.9 18781.2
80000 249.49 216.29 216.65 N/A 320656 N/A 737812 N/A 31691 N/A 37186.9 N/A
160000 238.50 210.72 216.86 N/A 670863 N/A 742642 N/A 63625.6 N/A 74363.1 N/A

However, the overhead of memory by the use of the are showed on Table III which synthesizes the payload size
encryption algorithm was very significant, which may lead to (number of frames) versus the CPU time employed on run-
possible enhancements and optimizations on the framework ning the client application. The Overall CPU Time (OCT) is
itself, but also it is an indicator that the encryption is a very compared with Data Encryption Time (DET) considering the
computing demanding for large files. analyzed situations for minimum and maximum error rates of
It can be observed that for the worst scenario (15% of the experiments (0% and 15%, respectively).
error rate and 160,000 frames with SSL OFF) the real-time
for full data transfer was measured as 736.6 s. In this case,
no significant overhead was observed for processing data after
building all the frames.
Finally, combining the worst scenario (15% of error rate
and 40,000 frames) the real-time for full data transfer was
measured as 196.6 s. On the same situation (40,000 frames
and 15% of error rate) for SSL OFF, the transfer time was
185.2 s, or approximately 6% faster.

B. Framework overall performance analysis


In order to explore in more detail how the Beagle Bone
CPU is impacted by framework services the performance of Fig. 10. CPU time versus real-time for data transfer (SSL ON/OFF).
the framework can be evaluated and, on this sense, the CPU Considering the CPU time spent on client application, the
time measurements followed the same trend of Fig. 9 with a results on Table II show that Smart Meter CPU time allocated
lower magnitude as can be seen on Table II. for encrypting data was approximately 70% of the overall CPU
It is possible to compare the relative time consumption data whilst remaining 30% CPU time on client application
by CPU (Real-Time and CPU Time) versus the number of was spent on internal processing and data communication, as
frames for the previously described scenarios and this result presented by Table III. This result confirm the computational
is depicted by Fig. 10. onus caused by security module, which is an indicator that it
On this figure it is easy to notice that, from the complete may heavily affect the performance of the hardware. Thus, it is
transmission time perspective, there is no significant distinc- positive to highlight the modular aspect of the proposed frame-
tion between SSL ON or OFF (each one takes approximately work architecture, where the security layer can be exchanged
50% of the x-axis). or extended, without a relevant impact on the communication
It can be also observed that CPU time for processing the process, minimizing further development efforts.
data transfer was very small, which corresponds to a non- When compared to the related works from Table I which
demanding effort. However, due to multiprocessing features also has a performance analysis based on transfer rates it
of hardware, the real-time for transfer oscillates between 16 is possible to note numerical results of [18] has showed a
and 25 times the time spent for the CPU itself, which can consistent throughput of 500 kbps whilst [6] presented a 4.5
be noticed by comparing the values on Table II. Thus, this is Mbps.
an indicator that the hardware configuration can support much TABLE III
DATA P ROCESSING T IMES (CPU)
more processing over collected data, although this architecture OCT x DET on CPU (ms)
cannot be recommended if real-time response is an imperious Fail Rate 0% 15%
requirement. Frames OCT DET OCT DET
However, it is important to highlight that this small impact 625 835.246 640.70 891.91 639.55
1250 1708.92 1226.92 1758.27 1196.74
on overall transfer time caused by the security module, is 2500 3576.89 2328.75 3588.11 2381.19
due to the minimum footprint generated by the security 5000 6823.53 4761.17 7018.76 4603.90
proxy classes. Thus, the communication module is minimally 10000 13440.5 9314.76 14330.60 9510.14
20000 27226.6 19019.20 28044.50 18411.60
affected by the utilization of the security module. However, 40000 53364 36808.90 57354.30 38025.30
it is necessary to evaluate the impact on data processing 80000 N/A N/A N/A N/A
tasks caused by the security module. These measurements 160000 N/A N/A N/A N/A

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 8

It is important to highlight that the first one has used [2] Y. Yan, Y. Qian, H. Sharif, and D. Tipper, “A survey on smart grid com-
small frames and the second performed experiments using munication infrastructures: Motivations, requirements and challenges,”
IEEE Communications Surveys and Tutorials, vol. 15, no. 1, pp. 5–20,
heavy traffic generator. However, the proposed framework 2013.
have shown a transfer rate of 200 KB/s it is expected a [3] E. Ancillotti, R. Bruno, and M. Conti, “Reliable Data Delivery With
reduction on this performance when all wireless interferences the IETF Routing Protocol for Low-Power and Lossy Networks,” IEEE
Transactions on Industrial Informatics, vol. 10, no. 3, pp. 1864–1877,
come to play. Also, the congestion control situation was 2014.
not evaluated and remains as an open issue to be furthered [4] Z. Fan, P. Kulkarni, S. Gormus, C. Efthymiou, G. Kalogridis,
evaluated against proposed architecture. M. Sooriyabandara, Z. Zhu, S. Lambotharan, and W. H. Chin, “Smart
grid communications: Overview of research challenges, solutions, and
And the software model presented on previous sections may standardization activities,” IEEE Communications Surveys and Tutorials,
allow any researcher or developer to implement and execute vol. 15, no. 1, pp. 21–38, 2013.
basically the same operations, which stands as an advantage [5] H. Y. Tung, K. F. Tsang, K. T. Chui, H. C. Tung, H. R. Chi, G. P.
Hancke, and K. F. Man, “The generic design of a high-traffic advanced
over the other models, where the communication layer should metering infrastructure using zigbee,” IEEE Transactions on Industrial
be modeled and implemented from the scratch prior to any Informatics, vol. 10, no. 1, pp. 836–844, 2014.
algorithm development. [6] P. Yi, A. Iwayemi, and C. Zhou, “Developing zigbee deployment
guideline under wifi interference for smart grid applications,” IEEE
Transactions on Smart Grid, vol. 2, no. 1, pp. 110–120, March 2011.
[7] N. Gatsis and G. B. Giannakis, “Residential load control: Distributed
VII. C ONCLUSION scheduling and convergence with lost ami messages,” IEEE Transactions
This paper evaluates the feasibility and performance of on Smart Grid, vol. 3, no. 2, pp. 770–786, 2012.
implementing a security layer extension for a multi-frame [8] H. Li and W. Zhang, “QoS Routing in Smart Grid,” Electrical Engi-
neering, vol. 58105, pp. 1–6, 2010.
Client/Server framework, which can provide data exchange [9] E. E. Directive, “Directive 2012/27/eu of the european parliament and of
for residential smart meters. The obtained results demonstrate the council of 25 october 2012 on energy efficiency, amending directives
that the system performance suffers around 6% of reduction 2009/125/ec and 2010/30/eu and repealing directives 2004/8/ec and
2006/32,” Official Journal, L, vol. 315, pp. 1–56, 2012.
on transfer rate when the security algorithm is running on [10] G. J. FitzPatrick and D. A. Wollman, “Nist interoperability framework
application data. In addition, the encryption algorithm takes and action plans,” in Power and Energy Society General Meeting, 2010
around 70% of CPU time only for encrypting data after the IEEE. IEEE, 2010, pp. 1–4.
[11] T. Noergaard, Embedded systems architecture: a comprehensive guide
multi-frame has been built. The higher impact was noticed over for engineers and programmers. Newnes, 2012.
memory constraints, since the transfer capability was reduced [12] J. Catsoulis, Designing Embedded Hardware: Create New Computers
by a factor of 4 from the maximum file size, which can be and Devices. ” O’Reilly Media, Inc.”, 2005.
[13] J. Ganssle, The art of designing embedded systems. Newnes, 2008.
transferred in a single transaction. [14] M. López-Vallejo and J. C. López, “On the hardware-software parti-
The wireless choice was defined since wireless technologies tioning problem: System modeling and partitioning techniques,” ACM
Transactions on Design Automation of Electronic Systems (TODAES),
like WLAN and ZigBee have low cost rapid deployment. vol. 8, no. 3, pp. 269–297, 2003.
However, since a common drawback is the interference with [15] K. De Craemer and G. Deconinck, “Analysis of state-of-the-art smart
other devices and due to distance between endpoints, a wired metering communication standards,” in Proceedings of the 5th young
researchers symposium, 2010.
communication technology, such as Power Line Communica- [16] Y. Yan, R. Hu, S. Das, H. Sharif, and Y. Qian, “An efficient security
tions (PLC) should be considered. In this sense, a DUAL-PHY protocol for advanced metering infrastructure in smart grid,” IEEE
Smart Meter (using a wireless and a wired interface) might Network, vol. 27, no. 4, pp. 64–71, 2013.
[17] A. Anzalchi and A. Sarwat, “A survey on security assessment of
be a better approach to mitigate the challenges imposed by metering infrastructure in smart grid systems,” in SoutheastCon 2015.
distance and/or signal interferences. IEEE, 2015, pp. 1–4.
Following this idea, an extension of the architecture can [18] T. Khalifa, K. Naik, M. Alsabaan, A. Nayak, and N. Goel, “Transport
protocol for smart grid infrastructure,” in Ubiquitous and Future Net-
be analyzed by evaluating the DUAL-PHY model and in- works (ICUFN), 2010 Second International Conference on. IEEE, 2010,
corporating support for the Function Block paradigm, widely pp. 320–325.
used on automation systems, as well as model adapters for [19] M. P. Shopov, “Iot gateway for smart metering in electrical power
systems - software architecture,” in 2017 40th International Conven-
international smart grid standards such as IEC 61850 or even tion on Information and Communication Technology, Electronics and
a local standard. Microelectronics (MIPRO), May 2017, pp. 974–978.
Since there is an intrinsic concern among smart metering [20] E. C. Douglas and D. L. Stevens, “Internetworking with tcp/ip,” Prin-
ciples, protocols and architecture, Prentice Hall International Editions,
communication in smart grid, another relevant scenario which vol. 1, pp. 183–185, 1991.
can be explored includes the connection between several me- [21] I. N. Group, “User datagram protocol,” IETF Network Group, 1980.
ters in communication with a server, to evaluate latencies and [22] G. Manassero, E. L. Pellini, E. C. Senger, and R. M. Nakagomi,
“Iec61850–based systems—functional testing and interoperability is-
throughput values for the framework dealing with a number of sues,” IEEE Transactions on Industrial Informatics, vol. 9, no. 3, pp.
simultaneous connections, where the Beagle Bone Black will 1436–1444, 2013.
behave as a server or concentrator node. [23] C. R. Ozansoy, Modelling and object oriented implementation of IEC
61850: the new international standard on sustration communications
Finally, it should be pointed out that the use of a structured and automation. Lambert Academic Publishing, 2010.
framework model enabled the stratification of the tasks carried [24] S. Barker, S. Kalra, D. Irwin, and P. Shenoy, “Empirical characterization,
out by the smart meter, manufacturers, and developers. modeling, and analysis of smart meter data,” IEEE Journal on Selected
Areas in Communications, vol. 32, no. 7, pp. 1312–1327, 2014.
R EFERENCES [25] V. Bassilious, C. Ozveren, and A. Birch, “Using smart metering
for load aggregation: towards an integrated smart grid/active network
[1] R. Ma, H. H. Chen, Y. R. Huang, and W. Meng, “Smart grid commu- management framework,” in Proceedings of 2011 46th International
nication: Its challenges and opportunities,” IEEE Transactions on Smart Universities’ Power Engineering Conference (UPEC). VDE, 2011,
Grid, vol. 4, no. 1, pp. 36–46, 2013. pp. 1–6.

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TIE.2018.2808927, IEEE
Transactions on Industrial Electronics
IEEE TRANSACTIONS ON INDUSTRIAL ELECTRONICS 9

[26] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital


signatures and public-key cryptosystems,” Communications of the ACM,
vol. 21, no. 2, pp. 120–126, 1978.
[27] D. C. Schmidt, “Using design patterns to develop reusable object-
oriented communication software,” Communications of the ACM,
vol. 38, no. 10, pp. 65–74, 1995.
[28] E. Gamma, R. Helm, R. Johnson, and J. Vlissides, Design patterns:
elements of reusable object-oriented software. Addison-Wesley, 1994.
[29] M. Hitz and B. Montazeri, “Measuring coupling and cohesion in object-
oriented systems,” 1995.
[30] G. Gui and P. D. Scott, “Coupling and cohesion measures for evaluation
of component reusability,” in Proceedings of the 2006 international
workshop on Mining software repositories. ACM, 2006, pp. 18–21.
[31] F. A. S. Borges, R. A. S. Fernandes, I. N. Silva, and C. B. S. Silva,
“Feature extraction and power quality disturbances classification using
smart meters signals,” IEEE Transactions on Industrial Informatics,
vol. 12, no. 2, pp. 824–833, April 2016.

Rodrigo de T. Caropreso was born in São Paulo,


Brazil, in 1976. He graduated in Electrical Engi-
neering from Polytechnic School of University of
São Paulo, in 1998. He received the M.Sc. degree in
Electrical Engineering from the University of São
Paulo, Brazil, in 2003. Currently, he is a Ph.D.
student at University of São Paulo, Brazil. His
research interests are within the field of smart grids,
embedded systems and intelligent systems.

Ricardo A. S. Fernandes (M’10) was born in


Barretos, Brazil, in 1984. He graduated in electrical
engineering from the Educational Foundation of
Barretos, in 2006. He received the M.Sc. and Ph.D.
degrees in electrical engineering from the University
of São Paulo, Brazil, in 2009 and 2011, respectively.
Currently, he is an Assistant Professor at the Federal
University of São Carlos. His research interests are
within the field of smart grids, power quality and
intelligent systems.

Diana P. M. Osorio (M’16) was born in Quito,


Ecuador. She received the B.Sc. degree in Elec-
trical and Telecommunications Engineering from
University-ESPE, Ecuador, in 2008, and the M.Sc.
and D.Sc. degrees in Electrical Engineering from the
University of Campinas, Brazil, in 2011 and 2015,
respectively. Currently, she is an Assistant Professor
at the Federal University of São Carlos, São Carlos,
SP, Brazil. Her research interests include wireless
communications and technologies for 5G networks.

Ivan N. Silva (M’98) was born in São José do


Rio Preto, Brazil, in 1967. He received both M.Sc.
and Ph.D. degree in electrical engineering from
the University of Campinas (UNICAMP), Brazil,
in 1995 and 1997, respectively. Currently he is an
Associate Professor at the University of São Paulo.
His research interests are within the fields of power
system automation, intelligent systems and optimiza-
tion. He is also Editor-in-chief of the Journal of
Control & Automation (Brazil).

0278-0046 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.

You might also like