Smart Meter Privacy for Multiple Users in the Presence of an Alternative Energy Source

Smart meters (SMs) measure and report users' energy consumption to the utility provider (UP) in almost real-time, providing a much more detailed depiction of the consumer's energy consumption compared to their analog counterparts. This increased rate of information flow to the UP, together with its many potential benefits, raise important concerns regarding user privacy. This work investigates, from an information theoretic perspective, the privacy that can be achieved in a multi-user SM system in the presence of an alternative energy source (AES). To measure privacy, we use the mutual information rate between the users' real energy consumption profile and the SM readings that are available to the UP. The objective is to characterize the \textit{privacy-power function}, defined as the minimal information leakage rate that can be obtained with an average power limited AES. We characterize the privacy-power function in a single-letter form when the users' energy demands are assumed to be independent and identically distributed over time. Moreover, for binary and exponentially distributed energy demands, we provide an explicit characterization of the privacy-power function. For any discrete energy demands, we demonstrate that the privacy-power function can always be efficiently evaluated numerically. Finally, for continuous energy demands, we derive an explicit lower-bound on the privacy-power function, which is tight for exponentially distributed loads.


I. INTRODUCTION
With the adoption of smart meters (SMs) in energy distribution networks the utility providers (UPs) are able to monitor the grid more closely, and predict the changes in the demand more accurately.This, in turn, allows the UPs to increase the efficiency and the reliability of the grid by dynamically adjusting the energy generation and distribution, as well as the prices, thereby, also influencing the user demand.SMs also benefit the users by allowing them to monitor their own energy consumption profile in almost real time.Consumers can use this information to cut unnecessary consumption, or to reduce the cost by dynamically shifting consumption based on the prices dynamically set by the UPs.
SM deployment is spreading rapidly worldwide [1].In Europe, the adoption of SMs has been mandated by a directive of the European Parliament [2], which requires 80% SM adoption in all European households by 2020 and 100% by 2022.However, the massive deployment of SMs at homes have also raised serious concerns regarding user privacy [3].High resolution SM readings can allow anyone who has access to this data to infer valuable private information regarding user behaviour, including the type of electrical equipments used, the time, frequency and duration of usage [4], and even the TV channel that is being watched, as reported in [5].The privacy of smart meter data is more critical for businesses, such as data centers, factories, etc., whose energy consumption behaviour can reveal important information about their business to competitors.As pointed out in [6], depending on the monitoring granularity different consumption patterns can be identified.With a granularity of hours or minutes, one can identify the user's presence, with a granularity of minutes or seconds one can infer the activities of appliances such as TV or refrigerator, and with a granularity of seconds one could detect bursts of power and identify the activity of appliances such as microwaves, coffee machines or toasters.
Several methods have been proposed in the literature to provide privacy to SM users while keeping the benefits of SMs for control and monitoring of the grid.In [7] user anonymization is proposed by the participation of a trusted third party.Bohli et al. [8] propose sending the aggregated energy consumption of a group of users and in [9] users protect their privacy by adding random noise to their SM readings before being forwarded to the UP.Similarly, [10] proposes quantization of SM readings.
In all of the above work, privacy is obtained by distorting/transforming the SM readings before being forwarded to the UP.However, energy is provided to the user by the UP, and in principle, the UP can easily track user's energy consumption by installing its own smart measurement devices at points where the user connects to the grid.It seems that no level of privacy can be achieved under such a strong assumption; however, users can conceal the patterns corresponding to individual devices and usage patterns by manipulating their energy consumption.This can be achieved either by filtering the energy consumption over time by means of a storage device such as an electric car battery [11], [12], [13] and [14], or by considering the availability of an alternative energy source (AES) [14], [15].An AES can model a connection to a second energy grid, such as a microgrid, or a renewable energy source, such as a solar panel.
In our model, we assume that the users can satisfy part of their energy demand from the AES.While the UP can track the energy it provides to the users perfectly, it does not have access to the instantaneous values of the amount of energy the user receives from the AES.Hence, a certain level of privacy will be achieved depending on the amount of power available from the AES.For instance, if the power that the AES can provide is sufficient enough to satisfy, at any time, all the energy demand of the appliances, the privacy problem can be resolved in a straightforward manner, as no power is requested from the power grid.However, in general, the AES will be limited in terms of the average power it can support, and as we show in this paper, how the user utilizes the energy provided by the AES is critical from the privacy perspective.We measure the privacy through the mutual information rate between the user's real energy consumption and the energy provided by the UP (the SM readings).Mutual information has previously been proposed as a measure of privacy in several works [16]- [18], and in particular, for SM systems in [10], [12] and [14].
In our previous work [15], [19] we have characterized the minimum information leakage rate in the case of a single user with an average and peak power constrained AES.We have shown that there is a very close connection with this problem and the rate-distortion problem in lossy source compression [20] albeit with significant differences.Here we generalize our results to multiple users.In this scenario (see Fig. 1), multiple users, each with its own independent energy demand, share a single AES.The reason for users to share an AES can be economical.AESs, such as solar panels, and efficient energy storage units are expensive facilities, and may be shared by multiple parties to reduce cost.There could be also energy efficiency reasons: consider a scenario in which multiple smart meters belong to the same user; for example, different buildings of the same company.In such a case, the most energy efficient solution requires the centralized management of the AES for all the components of the system.
We assume that there is one separate SM for each user, and the privacy is measured by the total information leaked to the UP about the users' energy consumption.A single energy management unit (EMU) receives users' instantaneous energy demands and decides how much energy to provide to each user from the AES, while satisfying the average power constraint.We first introduce the privacy-power function which characterizes the minimal information leakage rate to the UP for a given AES average power constraint.We then provide a single-letter information theoretic characterization of the privacy-power function for the multi-user scenario when the input loads are independent and identically distributed (i.i.d.) random variables.While the EMU can employ energy management policies with memory, our result shows that a memoryless energy management policy that randomly requests energy from the AES is optimal, significantly simplifying the implementation.
We consider both discrete and continuous input loads.For discrete input load distributions, we first show that the optimal output alphabet can be limited to the input alphabet without loss of optimality, which allows us to write the privacypower function as the solution of a convex optimization problem with linear constraints.As a result, the privacypower function with discrete input loads can be evaluated numerically in polynomial time.We also provide a closedform expression for the privacy-power function when the input loads are independent and binary distributed.Using numerical optimization, we compare the optimal privacy-power function with two heuristic power allocation schemes.We consider a time-division heuristic scheme which, at each time instant, obtains the requested energy either from the grid or from the AES, but not from both simultaneously.We also consider an output load limiting heuristic scheme which limits the output load to a fixed maximum value in order to cover up any variation in the energy demand beyond this value.We numerically show that our optimal scheme provides significant privacy gains compared to these heuristic energy management policies.
While the numerical evaluation of the privacy-power function for general continuous input load distributions is elusive, we derive the Shannon lower bound (SLB) on the privacypower function, and show that this lower bound is tight when users have independent exponentially distributed input loads.For the latter case, we also show that the optimal allocation of the energy generated by the AES among the users can be obtained by the reverse waterfilling algorithm [20].The users with low average input load satisfy all their demand from the AES, while the users with higher average load receive the same amount of energy from the grid.
The rest of the paper is organized as follows.In Section II, we introduce the system model, and provide a single-letter information theoretic characterization of the privacy-power function when users have i.i.d.energy demands over time.Then we show that the privacy-power function for independent users can be solved by simply minimizing the sum of the individual privacy-power functions with a sum average power constraint.The derivation of the privacy-power function for discrete input loads and its particularization to binary input loads is addressed in Section III.Then in Section IV the privacy-power function for continuous input loads is studied and particularized to the exponential distribution.Numerical results are provided in Section V. Finally, conclusions are drawn in Section VI.

II. SYSTEM MODEL
We consider the discrete time SM model depicted in Fig. 1.We have N users connected to the energy grid.The energy requested by user i at time instant t is denoted by X i (t) ∈ X i , where X i is the support set of the energy demand of user i.We consider the availability of an AES in the system.The AES can provide energy to the users at a maximum average power of P .The AES reduces the energy requested from the grid; but the primary use of the AES here is to create privacy against the UP and other third parties.
The energy flow in the system is managed by the EMU.The EMU receives, at time t, the energy demands of all the users, i.e., the vector X(t) = [X 1 (t), ..., X N (t)].Part of the energy demand of the users can be supported by the AES, while the remainder is provided directly from the energy grid.We denote by Y i (t) ∈ Y i , the amount of energy user i gets from the grid at time t, or equivalently, the reading of SM i at time t.We define Y(t) = [Y 1 (1), ..., Y N (t)] as the aggregated SM readings available to the UP at time t.The energy demand of each user has to be satisfied fully at any time, that is, we do not allow outages or delaying/shifting the user demand.Moreover, we do not allow increasing privacy at the expense of wasting energy, i.e., we have 0 ≤ Y i (t) ≤ X i (t) for all t.
At the EMU, we consider energy management policies which, at each time instant t, decide on the amount of power that will be provided from the AES to each of the users based on the input loads up to time t, X t = [X(1), ..., X(t)], and the output loads up to the previous time instant, Y t−1 = [Y(1), ..., Y(t − 1)].We allow stochastic energy management policies, that is, the output load at time t, Y(t), can be a random function of X t and Y t−1 .We assume that, while the UP knows P , the average power generated by the AES, it does not have access to the instantaneous values of the energy users receive from the AES.Definition 1: Denote the vector of input and output load alphabets for all the users as respectively.A length-n energy management policy is composed of, possibly stochastic, power allocation functions for t = 1, ..., n, such that with We measure the privacy achieved by an n−length energy management policy with the information leakage rate.Assuming that the statistical behavior of the energy demand is known by the UP, its initial uncertainty about the real energy consumption can be measured by the entropy rate This uncertainty is reduced to 1 n H(X n |Y n ) once the UP observes the output load.Hence, the information leaked to the UP can be measured by the reduction in the uncertainty, or equivalently, by the mutual information rate between the input and the output loads, Notice that if we could provide all the energy required by the users from the AES, we could achieve perfect privacy, i.e., we would have I n = 0 for all n, by letting Y i (t) = 0 for all i and t.However, in general the AES will be limited in terms of the average power it can provide.We are thus interested in characterizing the achievable level of privacy as a function of the average power P that is provided by the AES, given by where the expectation is take over the joint probability distribution of the input and output loads.Definition 2: An information leakage rate -average power pair (I, P ) is said to be achievable if there exists a sequence of energy management policies of duration n with lim n→∞ I n ≤ I, and lim n→∞ P n ≤ P .
Definition 3: The privacy-power function, I(P ), is the infimum of the information leakage rates I such that (I, P ) is achievable.
The privacy-power function characterizes the level of privacy that can be achieved by an average power limited AES.The goal of the EMU is to achieve the minimum information leakage rate by optimally allocating the limited energy from the AES over the users and time.
This model of an AES is appropriate for energy sources with their own large energy storage unit, which can provide energy reliably at a certain rate for a sufficiently long duration of time.A peak power constraint on the AES, in addition to the average power constraint, is also considered in [19].On the other hand, in [14] we have explicitly considered the energy generation process at the AES, in which case the EMU is limited not only by the average power it can pull from the AES, but also the generated energy plus the energy available in the battery at each time instant.Such instantaneous constraints that vary over time depending on the energy management policy and the energy arrival process at the AES, render the analysis significantly harder as they prevent us from invoking information theoretic arguments that will be instrumental in obtaining the single-letter results in this work.
Our goal here is to give a mathematically tractable expression for the privacy-power function, and identify the optimal energy management policy that achieves it.In the rest of the paper, we consider i.i.d.input loads for simplicity, as this will allow us to obtain a single-letter expression for the privacypower function.Note that in most real-life applications there is a significant correlation among energy demands over time.The i.i.d.assumption allows us to characterize the optimal privacy-preserving solutions, which will be instrumental in identifying solutions for more realistic energy consumption models.Moreover, the i.i.d input load model might be valid in scenarios where the energy consumption either does not have memory at any time scale, or can be modelled as i.i.d.over the time scale of interest.This could be the case, for example, when there is a huge number of applications in use at any time, e.g., in a data center, where the input load can be modelled as i.i.d.over time for different traffic/ load states.
In the next theorem, we show that if the input load vectors X(t) are i.i.d.over time with f X (x), we can characterize the function I(P ) in a single-letter format.Note that the instantaneous energy demands of the users can be correlated with each other.
Theorem 1: The privacy-power function I(P ) for an i.i.d.input load vector X = [X 1 , . . ., X N ] with distribution f X (x) is given by where Y = [Y 1 , . . ., Y N ] is the corresponding vector of SM readings.Some basic properties of the privacy-power function I(P ) are characterized in the following lemma.The proof follows from standard techniques based on time-sharing arguments [20].
Lemma 1: The privacy-power function I(P ), given above, is a non-increasing convex function of P .
Next we prove Theorem 1.
Proof: We first prove the achievability.Given a conditional probability distribution f Y|X (y|x) that satisfies (5), we generate each Y(t) independently using f Y|X (y(t)|x(t)).The mutual information leakage rate is then given by I(X; Y) whereas the average power constraint in ( 5) is trivially satisfied.
For the converse, assume that there is an n−length energy management policy that satisfies the instantaneous and average constraints in (5).Let H(X) denote the entropy of the random variable X.The information leakage rate of the resulting output load vector will satisfy the following chain of inequalities: where (6b) follows from the assumption that the input loads are i.i.d.over time, (6c) follows as conditioning reduces entropy; (6e) follows from the definition of the privacy-power function I(•); (6f) follows from the convexity of function I(•) stated in Lemma 1 and Jensen's inequality; and finally (6g) follows since the energy management policy has to satisfy the average power constraint and I(•) is a non-increasing function of its argument.Remark 1.1:The achievability part of the proof reveals that the optimal energy management policy is memoryless; that is, it can be achieved by simply looking at the instantaneous input load, and generating the output load randomly using the optimal conditional probability, which simplifies the operation of the EMU significantly.This results in a stochastic energy management policy rather than a deterministic one.
We note here that the same performance in Theorem 1 can also be achieved by a deterministic block-based energy management policy if the user knew all the future energy demands over a block of n time instants.
We also note the similarity between the privacy-power function in (5) and the classical rate-distortion function [20].The characterization of the privacy-power function for a multiuser SM system is equivalent to the rate-distortion function for a vector source with a difference distortion measure However, despite the similarity between the expressions of the rate-distortion and the privacy-power functions, their operational definitions are quite different.In the case of lossy source compression, there is an encoder and a decoder and the ratedistortion function characterizes the minimum number of bits per sample that the encoder should send to the decoder, such that the decoder can reconstruct the source sequence within the specified average distortion level.In lossy source compression, the encoder observes the whole block of n source samples, and maps them to an index from the compression codebook, which is agreed upon in advance.
There are major differences between the two problems.In the SM privacy problem, there is neither an agreed codebook nor a digital interface.Here Y n is the direct output of the "encoder", rather than the reconstruction of the decoder based on the transmitted index.The EMU does not operate over blocks of input load realizations; instead, the output load is decided instantaneously based on the previous input and output loads.Similarly, in the SM privacy problem, there is no encoder or decoder either, although the EMU can be considered as an encoder and Y n as the reconstruction of the input load X n .However, the "distortion" constraint between the input and output loads in the SM privacy problem stems from the constraint on the available power that the AES can generate, rather than the limited rate of encoding as in the rate -distortion problem.
Having clarified the distinctions between the privacy-power and rate-distortion functions, we also remark the differences between our formulation of the SM privacy problem and the privacy-utility framework studied in [10].In our privacy model the SM readings are not tempered, and thus, the SMs report the exact amount of energy received from the grid.On the other hand, in [10], the SM readings are considered as the samples of an information source, which are compressed before being forwarded to the UP in order to hide their real values; and hence, privacy is achieved at the expense of distorting the SM measurements.The distortion constraint in [10] is explicit and measures the utility of the compressed SM samples.
If the users' input loads are independent from each other, but not necessarily identically distributed, the multi-user privacypower function in (5) simplifies further.The following chain of inequalities lower bound the privacy-power function under this assumption: where we have defined and I Xi (•) denotes the privacy power function for a system with an input load distribution f Xi (x i ).We can achieve equality in (8b) with independent EMU policies for individual users, f Y|X (y|x) = N i f Yi|Xi (y i |x i ).Consequently, we can achieve equality in (8d) by using the single user optimal energy management policy for each of the input loads separately, while satisfying the total average power constraint, N i=1 P i ≤ P .Following the above arguments, the problem of characterizing the optimal privacy-power function for a multi-user SM system is reduced to the following optimization problem In the following sections, we use the information theoretic single-letter characterization of the privacy-power function in order to obtain either closed-form solutions or numerical algorithms that give us the optimal energy management policies in multi-user SM systems with certain input load distributions and an average power constraint on the AES.

III. DISCRETE INPUT LOADS
In the previous section we have characterized the privacypower function for i.i.d.input loads as an optimization problem in a single-letter format in (5).Now we will show that this problem can always be efficiently solved for any discrete input load distribution.In addition, for the particular case where all the users have binary input loads, we give a closed-form expression for the privacy-power function.
For discrete input and output alphabets, the characterization of the privacy-power function I(P) in ( 5) is a convex optimization problem since the mutual information is a convex function of the conditional probabilities, f Y|X (y|x), for y ∈ Y N , x ∈ X N , and the constraints are linear.Then, (5) can be solved numerically, e.g., by the efficient Blahut-Arimoto (BA) algorithm [20].However, while the input load alphabet, defined by the system based on the energy demand profiles of the users, can be discrete, the output load alphabet is not necessarily discrete, and the output load, in general ,can take any real value.The next theorem shows that for discrete input load alphabets, the output load alphabet can be constrained to the input alphabet without loss of optimally, i.e., Y = X , and consequently, for any given discrete input alphabet the privacypower function can always be computed efficiently.This result is only valid for i.i.d.input loads, but does not require users' input loads to be independent from each other.
Theorem 2: Without loss of optimality, for discrete input load alphabets, the output load alphabet Y N can be constrained to the input load alphabet, i.e., Y N = X N .
Proof: Let the discrete input load alphabets for each user be defined as a possibly infinite set where m i = +∞ if the input alphabet is countably infinite.Define X C i as the set of non-negative real numbers that are not in the input load alphabet for each user i.For any vector x = [x 1 , ...., x N ] ∈ X N define the set x N ] where × denotes the Cartesian product and x − i = max {x ∈ {0, X i } : x < x i }.Now assume that the optimal privacy-power function in ( 5) is achieved by the conditional probability distribution f Y|X (y|x), which might take positive values for some y i ∈ X C i .We define the following new conditional probability distribution: The new conditional probability function does not allow any output value in X C i for any i, i.e., the output alphabet is limited to the input alphabet.Instead, any output vector y = [y 1 , . . ., y N ], which has a non-zero probability according to f Y|X (y|x), is assigned to a new output vector [ŷ 1 , . . ., ŷN ] such that ŷi = min{x ∈ X i : x ≥ y i }. (10) Notice that the energy management policy, f Ŷ|X (ŷ|x), is still feasible since the output load, at any time instant, is still less than what is requested by the appliances, i.e., ŷi ≤ x i , ∀i.Moreover, with this new conditional distribution the power load demanded from the AES can only have a smaller average value compared to the original energy management policy, since the output load is not reduced for any input load value.Thus, it only remains to show that the new conditional distribution leaks at most the same amount of information to the UP.Notice that the new output load Ŷ is a deterministic function of Y define in (10).Hence, from the information processing inequality, we have that X − Y − Ŷ form a Markov chain, and consequently, I(X, Y) ≥ I(X, Ŷ), which completes the proof.

A. Binary Input Loads
The simplest discrete input load model we can consider is a binary input alphabet with independent Bernoulli input load distributions for all the users, i.e., X i ∼ Ber(p i ), where p i = p Xi (L i ) and X i = {L i , H i } for i = 1, ..., N .Observe that the average power required by the i−th user is given by P Xi = L i + ∆ i (1 − p i ), where ∆ i = H i − L i .This power consumption model corresponds to a scenario in which the users, at each time instant, require either a constant high power load level H i , or a constant low power load level L i , i.e., the standby power consumption level.When there is a power demand, the EMU fulfills this demand either obtaining the energy from the UP, or from the AES according to p Y|X .
From Theorem 2, the optimal output distribution Y i is also binary for all i.Hence, the power allocated from the AES to each user is a binary random variable over the set {0, ∆ i }.Note that, since we require Y i ≤ X i , we can only provide energy from the AES to user i if X i (t) = H i and Y i (t) = L i , and consequently, p XiYi (L i , H i ) = 0 and p XiYi (L i , L i ) = p Xi (L i ) = p i .The energy obtained from the AES is then directly related to p XiYi (H i , L i ) by P i = ∆ i p XiYi (H i , L i ), and we can express the mutual information I (X i ; Y i ) for the bivariate binary distribution as a function of P i as follows: Observe that I Bi (P i ) is a monotonically decreasing function of P i , and I Bi (∆ i (1 − p i )) = 0. Consequently, the privacypower function for the binary model for a single user is given by where (x) + = max(x, 0).By particularizing (9) with I Xi (P i ) = I Bi (P i ) for all i, and solving the resultant problem, we find the optimal power allocation P * i as where p ∆i (λ) = 1 − e −λ∆i , and λ is chosen such that N i=1 P * i = P .Note that p ∆i satisfies 0 ≤ p ∆i ≤ 1.Then, the privacy-power function for the multiple users with independent binary input load distributions is given by where H B (p) denotes the entropy of a Ber(p) distribution.
Each user can achieve full privacy I Bi (P * i ) = 0 by obtaining an average power of P Xi − L i = ∆ i (1 − p i ) from the AES, the remaining power L i is obtained from the grid without incurring any lost of privacy.However, if the average power obtained from the AES is below P Xi − L i then the energy obtained from the grid comes at the expense of a loss in privacy.Note that P * i and I B (P ) depend on the input load parameters P Xi , L i , ∆ i , and p i in a non-straightforward manner.We postpone the detailed analysis of this privacypower function to Section V.

IV. CONTINUOUS INPUT LOADS
For continuous input loads, the optimal output alphabet is also continuous.Consequently, efficient algorithms, such as the BA algorithm, do not yield the optimal solution to (5).In this case, we provide a lower bound on the privacypower function by using the Shannon lower bound.We then show that this lower bound is achievable when the users have independent exponentially distributed input loads.
Using the SLB [20], for any input load distribution, we have where h(X) denotes the differential entropy of the continuous random variable X. Observe that, where we have used Exp(λ) to denote an exponential random variable with mean λ.In the above chain of inequalities, (16c) follows as conditioning reduces entropy, and (16d) follows since exponential distribution maximizes the entropy among all nonnegative distributions with a given mean value [20].
Next, we present the necessary and sufficient conditions for any piecewise continuous input load distribution f X (x) to achieve the SLB, together with the conditional probability distribution f Y |X (y|x) achieving it.We denote by u(x), the unit step function which assigns 0 for x < 0, and 1 for x ≥ 0. The Dirac delta function is denoted by δ(x).We use f ′ (x) to denote the first order derivative of f (x) and f (x + i ) = lim ) and x → x + i and x → x − i mean that x → x i from the left and right, respectively.Finally, we define . Theorem 3: Suppose that the input load distribution f X (x) is continuous on R + except for a countable number of jump discontinuities or non-differentiable points X D = {x 1 , ..., x D }.Then, the SLB ( 15) is achieved for all P satisfying g Y (y) ≥ 0, ∀y ∈ R + , where is a mixture of a continuous and a discrete function specified as follows: For all P , at which the SLB is achieved, the output distribution is given by f Y (y) = g Y (y) and the optimal conditional output load distribution reads . Proof: To show this results, we need to find the conditional distribution f Y |X (y|x) that satisfies the SLB with equality [20].We require the random variables V = X − Y and Y to be independent, and V to be distributed according to an exponential distribution V ∼ Exp(P ) with mean P .We first obtain the output distribution f Y (y) from its Laplace transform Lf Then, it follows that f Y (y) is given by (17).The conditional distribution f Y |X (y|x) is obtained using the fact that f X|Y (x|y) = f V (x − y).Finally, it can be shown that ∞ 0 f Y (y)dy = 1; and thus, the achievability is guaranteed by requiring f Y (y) ≥ 0, ∀y ∈ R + .Remark 3.1: If the achievability condition in Theorem 3 is satisfied for a given P max , it is satisfied at any P ≤ P max .Then it follows that, there is a unique critical average power level, P 0 , such that I X (P ) = h(X) − ln (P ) for all P ≤ P 0 and I X (P ) > h(X) − ln (P ) for all P > P 0 .
To find a lowerbound on the privacy-power function in the case of multiple users with continuous input load distributions, we replace I Xi (P i ) with (h(X i ) − ln (P i )) + in (9), and find the corresponding optimal power allocation P * i as where λ is chosen such that N i=1 P * i = P .Then the privacypower function for multiple users can be lower-bounded by

A. Exponential Input Loads
For an exponential input load distribution with mean λ i , i.e., X i ∼ Exp (λ i ), the SLB in ( 15) is achievable by using the conditional distribution [19] where f Yi is a mixture of a continuous and a discrete distribution specified by Then the privacy-power function for a single user with an exponential input load with mean λ i can be explicitly characterized as follows: By particularizing (9) with I Xi (P i ) = I Ei (P i ) for all i, and solving the resultant problem, we find the optimal AES power allocation among users, P * i , as the well-known reverse waterfilling solution where λ is chosen such that N i=1 P * i = P .The reverse waterfilling power allocation is illustrated in Fig. 2 for three users with independent exponentially distributed energy demands with means λ 1 , λ 2 , and λ 3 , respectively.The optimal reverse water level is given by λ, where the heights of the shaded areas in the figure correspond to the average AES powers allocated to the different users.We observe that the optimal energy management policy satisfies all the energy demands of the users whose average input load is below λ, directly from the AES.Hence, no information is leaked to the UP about the energy consumption of these users; user 1 and user 3 in the figure.The rest of the users receive exactly the same amount of power λ from the AES, and the remainder of their energy demand is satisfied from the grid.Finally, the privacy-power function for multiple users with exponential input loads can be expressed as V. NUMERICAL RESULTS In this section we numerically analyze the privacy-power function in a SM system with various input load distributions and number of users, by explicitly evaluating the information theoretic optimal leakage rate expressions.

A. Single User Scenario
In order to illustrate the behaviour of the privacy-power function for a simple binary input load system, we first consider a single user with an input load alphabet X = Y = {0, 1}, and p X (0) = p.We plot the I(P ) function for the binary input load in Fig. 3 for different p values.As expected, I i (P ) bits P Fig. 6.Individual privacy achieved by three users I X i (P ), i = {1, 2, 3}, each with a different input load alphabet and input load distribution, as a function of the average AES power P .
the required average power from the AES is maximum when the user wants perfect privacy, and it is zero when no privacy is required.We also observe that the privacy-power function is decreasing in P and convex.Another interesting observation from the figure is the fact that the I(P ) curves for two different input load distributions, i.e., different p values, might intersect.This means that, to achieve the same level of privacy a lighter input load might require lower or higher average power than a heavier input load.Also note that the two different input load distributions, say p = 0.1 and p = 0.9, have the same level of privacy when there is no AES in the system; however, the input load with lower average energy demand, i.e., the one with p = 0.9, achieves perfect privacy with a much lower P value.Next, we use the discrete uniform distribution to compare the privacy protection achieved by the information theoretical optimal policy derived here, with different heuristic policies.In this case, the input load has a uniform distribution U (x) with input load alphabet X = {0, c, 2c, ..., (N − 1)c}, where c = Based on Theorem 2, the output load alphabet can be limited to X without loss of optimality.We set N = 21 and in Fig. 4 we plot the privacy-power function for the optimal strategy obtained by the BA algorithm together with the privacy-power functions of the following two heuristic strategies: Time Division: In this policy, at each time instant, the EMU gets all the energy needed by the user, either from the AES or from the grid, but not from both simultaneously.Then, to satisfy the average power constraint at the AES, the EMU obtains energy from the AES with probability P E[X] .The information leaked to the UP, is thus given by Limit Maximum Output Load: In this policy, we use the AES to limit the maximum energy received from the grid.At each time instant, we get all the energy from the grid X(t) = Y (t) if X(t) < kc, whereas if X(t) ≥ kc we get Y (t) = kc from the grid and the remaining energy is taken from the AES.In this case, for each k = 0, ..., N − 1, the average power requested from the AES is given by and the information leaked to the UP is In Fig. 4, we can observe that given an average power limited AES, the privacy achieved by both of these heuristics is significantly lower than that of the optimal EMU policy.

B. Multi-user Scenario
Next we consider a multi-user scenario with N = 3 users.We assume equal binary load levels H i = 1 and L i = 0, but different average energy demands with p 1 = 0.9, p 2 = 0.5, and p 3 = 0.1; thus we have P X1 = 0.1, P X2 = 0.5, P X3 = 0.9.Fig. 5 illustrates the privacy for each user I Bi (P * i ) as a function of the average power P available at the AES.Notice that, although users 1 and 3, in the absence of an AES, leak the same amount of information to the UP, since H B (0.1) = H B (0.9), user 1 achieves perfect privacy much more rapidly since it has a lower average energy demand.Also note that, user 3 achieves perfect privacy for a much higher value of P , even compared to user 2, which leaks the highest amount of information when there is no AES, as it has the highest entropy.
Remember that, as opposed to the exponential input load scenario, in the binary case, the privacy-power function I Bi (P * i ) for each user does not depend solely on the average power demand of the user, but on both of the parameters ∆ i and p i .To illustrate this dependence, we consider a scenario again with N = 3 users, but with equal average power demands P Xi = ∆ i (1 − p i ), while L i = 0 for all i.We choose different parameters ∆ i and p i for each user.Fig. 6 again shows the privacy of each user as a function of the average power P .Observe that the optimal power allocation quickly reduces the information leaked by user 2, and achieves perfect privacy for this user much before the other two, although this is the user leaking the most amount of information in the absence of an AES.The input power loads for users 1 and 3 have equal entropy, but with different behaviours; user 1 demands large amounts of energy but very rarely, while user 3 demands low amounts of energy very frequently.The optimal EMU policy seen by these users also differs significantly.While for user 1 the privacy-power function is a concave monotonically decreasing function, for user 3 the privacy-power function is monotonically decreasing but piecewise convex.Next, we study the effect of the number of users on the privacy-power function.In Fig. 7, we depict the optimal information leakage rate with respect to the available average AES power for binary input loads with different number of users N = {1, 2, 3}.We can observe that with more than one user, we have different regimes of operation corresponding to the number of users that receive energy from the grid.Similarly, in Fig. 8 we consider the scenario with exponential input loads.In both models, regardless of the number of users in the system the total average power consumed by the users is fixed to P X .In the figures we set P X = 1.As expected, if the average power provided by the AES is equal to the total average power demanded by the users, perfect privacy can be achieved.Instead, as the average power of the AES goes to zero, all the information is revealed to the UP, and thus, the information leakage rate is equal to the sum of the entropies of all the input loads.In between these two extremes the privacy-power function exhibits a monotone decreasing convex behaviour, and the information leakage rate increases with the number of users in the system.

VI. CONCLUSIONS
We have introduced and studied the privacy-power function, I(P ), which characterizes the achievable information theoretic

Fig. 3 .Fig. 4 .
Fig. 3. Privacy-power function for a binary input-output system with different p values.

Fig. 5 .
Fig.5.Individual privacy achieved by three users I X i (P ), i = {1, 2, 3}, all with the same input load alphabet δ i = 1 i = {1, 2, 3}, but with different input load distributions as a function of the average AES power P .

Fig. 7 .
Fig.7.I(P ) with respect to the average AES power P for binary input loads with different number of users.

Fig. 8 .
Fig.8.I(P ) with respect to the average AES power P for exponential input loads with different number of users.
Fig.1.Smart meter model studied in this paper.The EMU receives the energy demand from multiple users, U 1 , . . ., U N , and decides how much of the energy demand of each user should be provided from the AES.The remainder of the energy demands are satisfied from the grid, which are measured and reported by the SMs to the UP.The privacy is measured through the information leakage rate, which measures how much information the UP receives about the input load [X(1), . . ., X(n)] by observing the SM readings [Y(1), . . ., Y(n)].