Building Privacy Into Smart Buildings

UMass Amherst receives grant to enhance privacy in smart buildings and homes

AMHERST, Mass. – As more smart grids and buildings are fitted with digital electric meters, Web-enabled appliances and lighting, programmable outlets and switches, and intelligent HVAC systems that rely on Internet-connected sensors, experts increasingly worry that smart sensors and other Internet-connected devices may leak sensitive private information, or that hackers might take such data for malicious purposes.

Now a team of computer scientists and engineers at the University of Massachusetts Amherst has received a three-year, $486,524 grant from the National Science Foundation for a project to enhance privacy in smart buildings and homes, under the direction of David Irwin, electrical and computer engineering, and Prashant Shenoy of the College of Information and Computer Sciences.

Irwin explains that conducting some of the necessary tests in a real home would be too disruptive for the family, so much of this research will take place in a prototype programmable building now being built. The shed-like test home will have smart light switches, thermostats, lighting, solar panels, energy storage, a battery array and many other sensors so the researchers can run experiments using different techniques to encrypt data or otherwise protect privacy.

“It’s very easy to know whether someone’s home or not by following energy use data, so that might be considered sensitive information,” Irwin says. “On the other hand, energy companies can save you money by knowing that same information. They can charge you less for electricity in off-peak hours, for example. One thing we’ll be studying is how to preserve individual privacy while still allowing utilities to improve their operations.”

The research includes developing both consumer- and utility-driven mechanisms to preserve sensor-data privacy. There are various techniques available, the computer engineer notes, such as the utility encrypting data at the sensor itself, which might allow only certain analytic functions to run but prevent raw sensor data from individual homes from being revealed.

As a consumer, there are things you can do to make your home’s data more private, Irwin says, such as using a battery to store energy collected by solar panels or a timer to program energy use, which helps to mask identifiable features in your electricity data that reveal facts about you, and to shield information on which appliances you’re using and when you’re home. But batteries are expensive and not everyone can afford them or has room for them.

“What you choose to hide has different costs,” he points out. “Some of these strategies involve just a simple decoy, and there are others that are more complex. It’s a cost-privacy tradeoff, and we’ll be figuring out the best tradeoff point to get the most privacy for the least cost.”

This research will also develop an approach to controllable privacy, to enable users to control the amount of information smart devices leak to third parties. “When we’re finished, we should be able to help people understand what commercial privacy products can be helpful to the public,” says Irwin.

“People already know that when they’re using the Internet, mouse clicks can reveal a great deal to third parties and companies who want to sell you their products. But once they’re in your home and they know the things you’re doing in your own house, people may object more strongly, which is the reason for this type of study. Whether our new techniques make it into production will depend on how much people value their privacy,” he adds.