The Digital Watermarking Techniques Applied to Smart Grid Security

Power supply in the 21st century is facing more and more challenges, e.g., environment protection, energy shortage etc, such that the techniques related to power supply imminently need to be promoted. Complying with the development of green and lowcarbon economy, the concept of Smart Grid has been proposed. By and large, Smart Grid may be regarded as an important application of the techniques of wireless sensor networks and Internet of Things etc in power grid. Smart Grid should be a complicated integrated system with high security, which involves many aspects, e.g., the security of power generation equipments, the security of power transmission equipments, the security of data communications, and so on. Nonetheless, Smart Grid is an open and inclusive system, which makes it unsafe inevitably.

early warning information, and so on (Divan & Johal, 2006).By using the rich information, Smart Grid can efficiently control the power generation, transmission, distribution, scheduling, and sub-time pricing, as well as timely error check etc (Amin & Wollenberg, 2005).The hierarchical model of information flows in Smart Grid is shown in Fig. 1.

Fig. 1. The hierarchical model of information flows in Smart Grid
The communication networks related to Smart Grid consist of cable networks and wireless networks.The wireless networks mainly refer to wireless sensor networks that are usually used in some places where cable networks are not applicable to deploy or wireless sensor networks is more suitable.Smart Grid has a remarkable feature that its networks must be safer than other networks for general purposes.That is to say, Smart Grid must withstand the physical destructions and malicious network attacks without blackouts or a high cost of recovery (Perrig et al., 2004).Smart Grid security involves many aspects, where the data transmission security is one of the most important issues.Since the security mechanisms and techniques in cable networks are already quite rich and mature, we focus on trying to improve the security of the data in wireless sensor networks for Smart Grid.
Wireless sensor networks are a multi-hop self-organized network system, which contains a large number of miniaturized sensor nodes.These sensor nodes are distributed in a monitored area, and communicate in a multi-hop ad hoc way.They collaborate with each other to collect the sensitive information of monitored objects, and send them to a decision support center.The functions of wireless sensor networks consist of data collection, data transmission, and data analysis and processing.A sensor node, the smallest logical unit of wireless sensor networks, is a micro-system, which is integrated by sensor modules, data processing modules and communication modules.Sensor nodes build up wireless links to form a self-organized and distributed network architecture, depending on a certain network routing protocol that can fuse and aggregate the collected data and transmit them to the information processing centre (Chen et al., 2009).A network architecture of wireless sensor networks is shown in Fig. 2.
Smart Grid involves a large number of wireless sensor networks, so the data transmission security is an important issue in Smart Grid.However, due to wireless sensor networks with the large magnitude of energy-constrained sensor nodes and the high network dynamics caused by the node mobility or node failure, there still exist a lot of potential threats to the security of wireless sensor networks (Wang et al., 2006), e.g.: 1.The unauthorized interception of information.A sensor node transmits information to others by broadcasting, so any of communication devices within its RF radius may receive and intercept the information.2. Sensor nodes are vulnerable to be captured easily.We must take into account what measurements should be taken to fight against, while a sensor node is captured and used as a pseudo terminal to launch malicious attacks.3.In the practical environments, we must also consider which routing schemes should be adopted, in the case that some of sensor nodes do not work because of failures or attacks.4. Tampering with information is usually regarded as the most dangerous attack.The tampered information can be spread throughout networks like normal messages, which can attack or even control the whole networks.

Fig. 2. A network architecture of wireless sensor networks
These potential threats to wireless sensor networks cause unsafe data communications in Smart Grid.To obtain safe communication services from Smart Grid, we must solve the security issues about wireless sensor networks.However, because of the differences between wireless sensor networks and traditional networks, the security policies for wireless sensor networks should not be borrowed directly from the existing mature security solutions for traditional networks.The security policies should be more suitable for wireless sensor networks.Data encryption methods are widely used in traditional networks, where the information needed to be protected is generated to cipher-text information without readability or obvious correlation.Nevertheless, the resources of computation and storage at sensor nodes are scarce and limited.The traditional data encryption methods will seriously consume the expensive resources at sensor nodes, because they require more power and memory space to accomplish the data encryption procedure.Therefore, we need to use digital watermarking methods to implement the security policies in wireless sensor networks, because digital watermarking needs much less resources at sensor nodes than traditional data encryption (Xiao et al., 2008).

Digital watermarking
Digital watermarking is a special kind of information hiding techniques, which is used to detect piracies or illegal copies.The watermark is transmitted with the information embedded identity in a digital form.Digital watermarking technique is suitable for the data-centric wireless sensor networks.Reasonable watermarking algorithms can ensure the data security at a low cost of operation, and tolerate effectively the impacts from data processing.Using digital watermarking techniques to solve the security issues in the wireless sensor networks for Smart Grid is a practical and effective solution (Xiao et al., 2007).

Fig. 3. The operation procedures of watermarking
Digital watermarking algorithms consist of three basic procedures: watermark generation, watermark embedding, and watermark extraction or detection.The main idea of watermarking algorithms is that watermarks are generated by watermark generation algorithms, and then are embedded into the data collected by sensor nodes.The watermark information is stored in the memory at a node before the data in this node is transmitted.
The destination nodes operate the watermark detection in terms of the designated keys and parameters.Only the data with correct watermarks can be considered reliable, meanwhile, it must be eligible for storing and forwarding.Otherwise, it is considered counterfeit or damaged, and discarded directly (Feng & Potkonjak, 2003).The detailed operation procedures about watermarking are shown in Fig. 3.
In this chapter, based on alternating electric current and time window respectively, we propose two digital watermarking algorithms in wireless sensor networks for the data transmission security of Smart Grid.

Digital watermarking algorithm based on alternating electric current
4.1 Algorithmic process

Watermark generation
The electric current on electric transmission line is alternating, which means its current value and direction change periodically.In addition, the electric current is a monotonic function of time, a sine trigonometric function.That is to say, both current intensity and orientation are a unique value at any given time within a cycle.These features of alternating electric current are ideal for watermark generation (McDaniel & Mclaughlin, 2009).We use the alphabet I to represent the electric current.Physically, it is a vector that contains the information of both its value and direction.As electric current is periodic, the value may be equal although the current direction is different at different times.In order to generate diverse watermark information, we make some special changes to the reverse electric current before watermark generation (Cox et al., 2007).
Suppose the format of a sent packet is Packet = (Head, Send_Data), where Head is the packet's head including routing information, data type, and packet length etc. Send_Data is the data which the sensor node sends at a time.It is also the buffer content at the sensor node when its buffer is full.Send_Data contains a variety of collected data items, and the current at the moment of the data item acquisition.Send_Data = (Data Suppose that a packet consists of Head and m data items in a collection cycle.The watermark generation algorithm is described as follows: 1. Taking out each data item from Send_Data. 2. Using single hash function to compute its hash value, according to the key and electric current I at the moment of data collection.This step can be described as a program statement hsh[i] = Hash(Key, Data[i].I).

Watermark embedding
To minimize the varying range of data, only the watermark at the least significant bit of data item is embedded.Considering the fact that the energy at sensor nodes is limited, the watermark algorithm should be designed concisely, so we take the following two measures: 1. Selecting some items randomly from the data items (i.e., Data[1], Data[2], Data[3], …, Data[m]) to embed watermark, which can reduce the computational complexity.2. Deriving the least significant bit of data item Data[i], which will be embedded watermark; and selecting some fixed binary bits of the least significant bit, which are the watermark embedding positions.That can simplify the watermark extraction.
The embedding algorithm uses the same key as the generation algorithm.The scaling parameter u is selected in terms of the requirements to security, which is used to control the percentage of data items needed to be embedded watermark.We only insert watermark into the data items whose random numbers can divided by u.Macroscopically the value of u reflects the dense degree of data items embedded watermark in a packet.Larger the value of u is, and smaller the probability of related data items inserted watermark is.After determining which data item should be inserted into watermark, we can get the watermark information by using the algorithm in Fig. 5. Next we insert it into the fixed position of the data item's LSB (the least significant bit).The detailed steps of the watermark embedding algorithm are shown in Fig. 6.

Watermark detection algorithm
The structure of received packet is the same as that of sent data.In order to illustrate it clearly, we describe a received packet as Packet_R = (Head, Receive_Data), where Receive_Data is the content of received packet with watermark information.The watermark detection process is as follows: 1.The node reads each data item in a received packet.However, the security of a data item does not ensure the packet is safe.In order to measure the security of a packet, we introduce a threshold parameter P. It represents the correct watermark rate of all data items in a packet, which shows the authentic level of all data items in a packet.If the watermark detection rate of all data items in a packet is larger than P, we say that the credibility of this packet's contents is fully consistent with the requirements.The packet is correct and acceptable; conversely, it should be dropped by the corresponding node.The meta-code of the watermark detection algorithm is shown in Fig. 7.

Performance analysis
We employ Matlab7.0 as our experimental network environment.The coordinate area of simulation configuration is 40m * 100m, and a total of 50 sensor nodes are distributed uniformly.We draw out 300 packets to analyze, and initialize each node's energy to 2 joules.In order to facilitate and simplify the simulation, the electric current value is measured as follows.The watermarking algorithm makes use of its value directly if the current value is positive.When it is negative, we multiply the current value by a constant, then use the transformed values to generate watermark.
1. Detect_W (Receive_Data, Key, Num, P) { 2. Right_count = W_count = 0 /*Right_count is the total number of data items that can be correctly detected the watermark in a packet.W_count is the total number of data items that contains watermark in a packet*/ 3.For i = 1 to m 4. If (Receive_Data[i].Flag = 1) then 5. W_count = W_count + 1 6.Before evaluating the performance of this watermarking algorithm, it is necessary to verify that it is reasonable and viable for data security by experiments.Here we can reach the experimental goal by comparing the received watermarked message from a certain data packet to its original watermark message, as shown in Table 1 (three data packets are selected, i.e., Packet 1, Packet 2, and Packet 3).Next, we analyzed the algorithm's performance from three aspects: the security of algorithm, the network throughput, and the node energy consumption.

The security of algorithm
We evaluate this algorithm's security according to the statistics of its probability of handling the data correctly.For this purpose, we introduce the formula of algorithm detection rate.
Wherein P_Dective is the detection rate of packets, and Dective_Sum is the number of packets whose watermark are correctly detected.Receive_Sum is the total number of received packets.In this experiment, we add 7 attacking nodes, 3 camouflage nodes, and assign different values to the embedding parameter u at the same time.The results are shown in Fig. 8. Different values of parameter u have different impacts on the detection rate to some extent.Larger the value of parameter is, and less the detection rate is.The reason is that the larger value of u, the smaller probability of embedding watermark in data items, correspondingly, the less amount of watermark information the packet contains.But when u takes a smaller value, the detection rate is still quite large (nearly above 95%) regardless of the number of packets increasing.From the experimental results, we are able to anticipate that this algorithm can efficiently operate with a high security when the proper value of u is chosen.

Network throughput
An important advantage of digital watermarking is that it does not increase the burden of network transmission.In this algorithm, we replace the most important part of the carrier with the watermark through the least significant bit (LSB) method, which does not import an additional data for the original data.Therefore, digital watermarking technique can maintain the throughput of the original network well, as shown in Fig. 9.
In general, the throughput of the networks without watermark information is slightly larger than that of ones with embedded watermark.At the beginning, the number of the nodes packets is smaller, such that the network is unimpeded and faster.Thus, the network throughput increases rapidly.But as more and more nodes begin to transmit packets, the number of sent packets increases, which leads to a slight decline in the throughput of the networks with watermarks because of the watermark embedding and the data operation frequently.At last, with the end of data collection, forwarding, transportation, and processing etc, the network throughput becomes less and less.From the experimental results, the digital watermarking technique can effectively protect the packet transmission.Moreover, it does not increase the burden of network throughput.

The node energy consumption
Since the complexity of this watermarking algorithm is O(m), it does not increase the energy cost at sensor nodes, when processing the watermark information.In addition, the watermark is directly embedded into the data item, which does not take up additional storage space at the node.So the node energy is mainly consumed on data transmission process.Therefore, the digital watermarking technique can well meet the requirement that the energy at sensor nodes is limited in wireless sensor networks.In the experiment, the energy consumption at the nodes that communicate with lots of neighbours is higher.On the contrary, the energy consumption at the nodes with less traffic is lower.Overall, the differences of energy consumption are quite slight in spite of the node with watermark or not.

Algorithmic process
According to the characteristics of time zone storage format of packets in wireless sensor networks and the digital watermarking, we proposed another new digital watermarking algorithm based on time window.At first, we defined the format of packets with encapsulated format, and divide the packet into eleven parts.The contents of each part are described in Table 3 We use one byte to store the sending time of the packet, and set it to the float type.If we operate the lowest bit of this byte with 0 or 1, its value will be certainly changed.However, this change is quite slight, only between -0.3% and 0.3%.The higher accuracy we use, the smaller impact it will be.The offset value is always at the range of the sensor's tolerance deviation.Time information is recorded in the 6 th fixed field of the packet format, so it is the lowest bit of the value.In this case, the sensor for different usages will not be affected even if the lowest bit of the time information is changed.
And then, we introduce the watermark embedding and detection algorithms based on time storage format.At first, we deal with the data area (i.e., the 9th field) of a packet by the MD5 algorithm, and get a unique mapping.After that, let the value which is generated by this mapping XOR the watermark.At last, embed the result into the hidden bit.The mapping is one-way and irreversible, such that the watermark adding to this mapping can ensure the better reliability of the transmission (Katzenbeisser & Petitcolas, 2000).

The watermark embedding
The watermark embedding procedure consists of the following four steps (see also Table 4 in detail): 1. Firstly, we select the 4 th field of a packet as the original information M, and then operate the original information M with the key K and the watermark generation algorithm G.
Then we get the watermark W.
Input: Information packet, and the key K Output: The document embedded information, packet'  4. The process of the embedding watermark based on time window 2. Secondly, calculate the hashing value of the data items of the packet with the MD5 algorithm, and then get a hashing value hsh which is mapping with the data items of the packet.3. Third, let hsh XOR W, and embed the results into the lowest bit of the time information (i.e., the 6 th field of the packet).4. Finally, use CRC algorithm to check from the 3 rd to the 9 th field in the packet, and put the results into the 10 th field in it.

The watermark extraction and detection
After transmitting through the relay nodes, packets will reach the base station.We will extract and detect the watermark.
As shown in Table 5, we use CRC algorithm to check from the 3 rd to the 9 th field data in the packets, and compare the results with the content in its 10 th field.If they are not same, the packet should be discarded.Otherwise, we get the embedded data from the lowest bit in the time information, and then extract the watermark W' with the watermark extraction algorithm.At last, we compare W' with '' W .If they are equal, the packet is accepted; if not, it will be discarded.

Performance analysis
We investigate the efficiency of the algorithm and its network performance by simulation experiments.The experimental configuration in Matlab7.0 is described as follows.The coordinates area is 40m * 100m, and a total of 50 sensor nodes are distributed.There are 300  5.The process of watermark extraction and detection based on time window packets are drawn out for analysis, and the size of each packet is set to 128 bit.In addition, each node's energy is initialized to 2 joules.We take the embedded value as the source node's ID, and regard the collecting time of data as its sending time approximately.When the parameter configuration is ready, we start to embed watermark and to transmit data.During the transmission, the energy consumption, the processing speed, the time consumption, and all received data at the base station are recorded in different document files.
Similarly, by comparing the received watermark from a received data packet to its original watermark, as shown in Table 6, it can be seen that this watermark algorithm is also reasonable and viable for data security, because it is able to identify those malicious packets.At the end, we probe its performance from four aspects: the security of algorithm, the network throughput, the network delay, and the node energy consumption.

The security of algorithm
The main objective of this algorithm is to find the counterfeit or damaged data and discarded them directly when there are malicious node attacks during network transmissions.Fig. 10 is the comparison of packet loss between the transmissions with embedded watermark and ones without watermarking in a simulation network environment.In this algorithm, the packet loss in the base station consists of two parts: one is the packet loss in the network communication, and the other is the received packets that are malicious and discarded directly.Seen from Fig. 10, the number of packet loss with embedding watermark is more than that without digital watermarking.We should also note Original watermark Received watermark Table 6.The original watermarks and received watermarks in 15 data packets that the number of packet loss without watermarking algorithm only is the number of the lost packets during the network communication.However, the number of packet loss in wireless sensor networks with watermarking algorithm not only contains the lost packets during the network communication, but only includes the packet loss during the data processing at the base station.In short, from the experiments we can conclude that this watermarking algorithm for wireless sensor networks can implement the function of identifying and discarding the malicious packets.

Network throughput
It is shown in Fig. 11 that the comparison of network throughput between the wireless sensor networks with embedded watermark and that without watermarking in a simulation network environment.The packets which the whole network can send are changed as the simulation time increases.And the network throughput without watermarking is slightly higher than that containing watermarking, with the maximum throughput difference 20.
The reason is that the nodes that transmit and forward packets are less at the beginning, and the network is smooth, fast, and less delay such that the data throughput increases slowly.
However, as more nodes join into the transmission of packets, the whole network can send more and more packets.Due to embedding the watermark frequently, the throughput with watermarking algorithm will be slightly slower than that without watermarking.Finally, due to the end of data collection, the number of nodes joining transmission and forwarding gradually become less such that the whole network send less and less packets.And the network becomes smooth with less delay and unaffected data throughput.

Network delay
Generally speaking, the network delay is the interval between the sending time and the receiving time of packets in end-to-end network communication, which consists of the propagation delay, the transmission delay, the queuing delay, and the routing execution delay etc. Fig. 12 is the comparison of network delay between the wireless sensor networks with embedded watermark and that without watermarking.As the simulation time increases, the number of packets which the whole network can send is increasing.At this time, the network delay with watermarking is slightly more than that without watermarking.This reason is that the nodes that transmit and forward packets are less at the beginning, and the network is smooth and fast with less delay.The more nodes join into the transmission, the more packets the base station receives.Due to embedding the watermark frequently in wireless sensor networks with digital watermarking, the network throughput decreases, on the contrary, the network delay increases.Finally, since the transmission comes to a close, the network recovers with less delay.

The node energy consumption
It is shown in Fig. 13 that the comparison of node energy consumption between wireless sensor networks with embedded watermark and that without watermarking in a simulation network environment.The nodes sending data can select their neighbour nodes according to the routing and calculated hop-count to transmit and forward packets.This figure shows that the nodes that frequently use the same path will consume more energy.When a sensor node is failure, the node will automatically select the other neighbor nodes to transmit.However, it will prolong the survival of the entire network.From the figure, we can find that the node energy consumption in wireless sensor networks with watermarking algorithm does not differ much from that without watermarking.Therefore, the digital watermarking based on time window can well meet the requirement that the energy consumption at sensor nodes is limited in wireless sensor networks.

Conclusion
This chapter begins with a general introduction to Smart Grid, wireless sensor networks, and their security issues.Next it is followed up by the basic principle of digital watermarking applied to Smart Grid.The chapter focus on two digital watermarking schemes based on alternating electric current and time window, respectively.Both of them consist of watermark generation, watermark embedding, and watermark extraction or detection algorithms.Afterward, we evaluate the two watermarking schemes from their security, network throughput and energy consumption etc by lots of simulation experiments.The results show that it is reasonable and beneficial to apply digital watermarking to handle the data security in Smart Grid.The watermarking schemes we propose fully take into account the characteristics of both Smart Grid and wireless sensor networks.With the development of wireless sensor networks and digital watermarking techniques, we believe that digital watermarking would play a more and more important role in Smart Grid.
The data communication security in Smart Grid is a comprehensive and complicated research topic.Although some research fruits are obtained in this chapter, there still remain some problems needed to solve.The digital watermarking schemes proposed in this chapter could bring some distortions for data when considering the interference from communication noise.In addition, the robustness of watermark is not explored yet so far.How to design a robust watermarking scheme without distortion is our future work.

3.
Fig. 5.The meta-code of the watermark generation algorithm

Fig. 6 .
Fig. 6.The meta-code of the watermark embedding algorithm 2. Retrieving the state of each data item's flag bit.If the flag is 1, the function Get_LSB (Data[i]) obtains the data item's watermark W', and compare W' to W = Generate_W (Receive_Data[i], Key, Num).If they are same, it means the data item Data[i] is safe.

Fig. 7 .
Fig. 7.The meta-code of the watermark detection algorithm

Fig. 8 .
Fig. 8.The comparison of the securities Fig. 9.The comparison of the network throughputs

Fig. 12 .
Fig. 12.The comparison of network delay

Fig. 13 .
Fig. 13.The comparison of node energy consumption

Table 1 .
The comparison received watermarks to original watermarks in 3 data packets

Table 2
Table 2 is the energy consumption statistics of some nodes.
. The energy consumption at a part of nodes (unit: micro joule) www.intechopen.com

Table 3 .
The definition of packet format