Energy delivery has evolved from closed infrastructures to high complex interconnected systems or smart grids. The interconnection of a broad range of smart devices that constantly assess the state of the grid, the availability of power, and the demand brings new opportunities to increase the efficiency of these ecosystems. However, it also requires from adequate solutions to face potential cyber threats, which usually take advantage of new vulnerabilities. This is, indeed, the main aim of the MAGOS project: to providing energy operators with affordable solutions for monitoring and detecting potential threats in smart grids.

The work will be supported by four main pillars. (1) Gathering and analyzing data from social networks, specialized blogs and sites (OSINT) and also from smart devices connected to the smart grid (such as smart meters). (2) Privacy of data and communications in Smart grids to protect and anonymize users personal data and consumption profiles (applying obfuscation techniques) to avoid user reidentification and leakage of private information. (3) Scalability of the proposed solutions to analyse large and different data sources. In MAGOS will take advantage of the combination of (i) a centered-approach, based on Big Data computing and (ii) a distributed-approach, based on Fog Computing. (4) Secure assessment in smart grids to offer the operators a service to perform vulnerability assessments from the analysis of the gathered data.

In this MAGOS global framework, the specific objectives of the UVIGO sub-project focus on two main aspects. On the one hand, and related to the first pillar, obtaining and analysing the data,:

  • Data Fusion and Interoperability issues. Designing fusion mechanisms to merge data from open sources, like digital social media (social networks, chats, blogs, forums, etc.) together with data from the smart devices connected to the Smart Grid from different perspectives: energy distribution, consumption, energy market, etc.
  • Irregularity detection from fusion data. The solution will detect: (i) irregularities on distributed communications in different forums that could be evidence of orchestration behaviours (suspicious communities), based on natural language processing (hate speech, information about smart grid vulnerabilities, etc.), geo-location analysis of the sources and the interaction processes in open media (process mining); and (ii) irregularities on consumption patterns, that could entail potential threats.

On the other hand, and related to the third pillar, we will face the scalability problem of the analysis from a distributed perspective:

  • Fog-oriented approach at the user level that aims to move the analysis to the devices that manage the data, to reduce the scalability problems.. Thus, irregularities detection would be done at edge and even intermediate nodes to supplements analytics at upper levels in the cloud.
  • Fog-oriented solution based on distributed agreement. Both edge and intermediate nodes should collaborate to perform the irregularities analysis, thus nearby devices will share and compare their results. A distributed consensus solution will be designed in order to allow the interconnected devices to make a decision (which would trigger deeper analysis at upper levels) by using a voting system with reputation metrics