A Privacy-Preserving State Estimation Scheme for Smart Grids

With the appearance of electric energy market deregulation, there exists a growing concern over the potential privacy leakage of commercial data among competing power companies where data sharing is essential in applications such as smart grid state estimation. Most of the existing solutions are either perturbation-based or conventional cryptography-based, where a trusted central third party would often be required. This article proposes privacy-preserving state estimation protocols for DC and AC models. The proposed idea is to distribute the overall task of the system state estimation into sub-tasks which can be performed by local sub-grid operators with their private data. A masking method is designed inside a homomorphic encryption scheme which is then used to ensure both the input and output data privacy during the collaboration process among individual sub-task players. Security is achieved via the computationally indistinguishable post-quantum security guaranteed by a levelled homomorphic encryption scheme over real numbers and the differential privacy of the output estimated states provided by the Laplace mechanism perturbation integrated into the masking linear transformation. Simulation results are presented to demonstrate the validity of our proposed privacy-preserving system state estimation protocols.


INTRODUCTION
The prominent deployment of Advanced Metering Infrastructure (AMI), Phasor Measurement Units (PMUs) and other types of sensors and smart devices on power systems provides rich sources of energy data for various types of analytics, ranging from energy management to security operations on smart grids [1], [2]. One of the most critical operations in smart grids is system state estimation [3]. Smart grid system states can support many useful applications such as quick fault identification and outage restoration management, real-time performance optimization, etc. [4]. Therefore, it is critical to obtain an accurate system state estimate for smart grid management.
Power industry deregulation is driving the need for state estimation of interconnected power systems [5]. In a deregulated power grid environment, independent transmission grid companies (TGCs) possess their internal measurements, line parameters, network topology, and states of the portion of the grid they manage. To estimate the system state of a power grid, certain information from all involved sub-grids must be shared [6]. However, competing power companies (TGCs) may be reluctant to contribute their private data due to the potential of compromising their interests [7] or the threat of cyber-physical attacks once the power grid data are accidentally or deliberately leaked to attackers (e.g., false data injection attacks [8], [9]). For example, the knowledge of the system states of neighbouring power systems can be used to create competitive advantages on an electricity market by tuning a bidding strategy based on a good forecast of the locational marginal price [5]. The more TGCs participate in a wider interconnected grid, the more complex and cumbersome the regulatory and legal frameworks that need to be established to govern the sharing of data between different operators. This also leads to the concern of competitive privacy between multiple power operators [10]. For convenience, the terms "TGC" and "sub-grid operator" will be used interchangeably. A grid model is represented as a set of interconnected buses attached with power generators and loads, as in a standard power flow analysis.
State estimation in an interconnected power grid can be performed in an integrated (global) or distributed (local) manner. For an integrated estimator, the whole measurement set is collected and processed in a single state estimator. For a distributed approach [11], [12], each sub-grid performs local state estimation with local measurements taken within its area and then exchanges some information. The distributed approach is less accurate than the integrated one, but less information needs to be shared. Although the distributed estimator requires fewer data to be shared, the vulnerability of privacy leakage still exists. Thus, it is necessary to find solutions for privacy-preserving state estimation in interconnected transmission power systems that can achieve the integrated state estimation while protecting the privacy of individual sub-grids.
Under the constraint of controlling the trade-off between state estimation accuracy and the privacy of sub-grid operators, privacy-preserving state estimation in an interconnected transmission power grid requires non-trivial solutions. Encryption and perturbation are two primary tools for addressing privacy issues [13]. MPC [14] adopting a multi-key homomorphic encryption scheme, which supports computation over encrypted data, might be a candidate solution. The drawback is that a multi-key homomorphic encryption scheme is demanding in not only computation but also communication costs. The reason is that all parties have to generate partial decryptions and share them before a function can be decrypted or evaluated in the ciphertext space [15]. Masking the true data before sharing is another solution, namely perturbation. But it comes at the expense of state estimation accuracy degradation [16] or requires a trusted centre and a secure noise distribution protocol [17], [18].
This paper examines solutions to deal with the competitive privacy of transmission power companies when collaboratively implementing state estimation in an interconnected transmission power grid. From this perspective, privacy-enhanced versions of DC and AC state estimation are designed with the main contributions as follows: A novel idea is proposed in which the overall task of privacy-preserving system state estimation, for both DC and AC models, is conducted by privacy-preserving collaborative computation over distributed pre-processed data from sub-grid operators. Privacy-preserving DC and AC state estimation protocols in a multi-area transmission grid are designed to provide a theoretical assurance of achieving state estimation accuracy and competitive privacy in a semi-honest adversarial model. An analysis of privacy regarding different types of adversaries is given. Privacy is mainly achieved via (1) the semantic security of a homomorphic encryption scheme and (2) the local differential privacy of the output estimated states, with the Laplace mechanism integrated into a linear masking transformation. Experimental assessments are given and analyzed with the adoption of parallel matrix computation on high-performance computing to demonstrate accuracy, efficiency, and scalability. The rest of the paper is organized as follows: Sections 2 and 3 are the Related Works and Preliminaries sections. The system model and threat model are presented in Section 4, which is followed by the description and analysis of the proposed protocols in Sections 5 and 6. Empirical evaluation is provided in Section 7. Finally, Section 8 concludes this paper.

RELATED WORKS
The trade-off between privacy and state estimation accuracy was investigated in an information-theoretic framework [7], [10]. The study in [16] proposed a privacy-preserving state estimation method in a single feeder of a distribution network based on load measurements from smart meters. Consumers' meter readings are perturbed with Laplace or Gaussian noise to achieve differential privacy. While the perturbation method provides differential privacy, it affects the quality of state estimation. In addressing this problem, a privacy-preserving state estimation scheme was proposed based on the perturbation of meter readings at the distribution level of a power grid, protecting consumers' privacy while still allowing a distribution operator to implement accurate state estimation [17]. The noise elements used to perturb the meter readings are centrally calculated to exploit the kernel of the electric grid configuration matrix, which supports noise-cancelling in the state estimation process; thus, it does not affect the quality of state estimation as in [16]. The limitation is that the obfuscation necessitates a trusted lead smart meter to distribute each noise element to each designated meter. If this lead smart meter is compromised or acts as a semi-honest adversary, the scheme is insecure. The work in [18] improved [17] by splitting the process of generating and distributing the obfuscation vector among multiple gateways to reduce this vulnerability. However, this approach also does not provide a secure noise distribution protocol and still requires a trusted third party. Moreover, the issue of missing data (e.g., due to a communication loss) was not considered, whereas this problem could destroy the distortion-error-free property, consequently affecting the correctness of state estimation.
The system models of the state estimation schemes in [17], [18] are centralized, with only one distribution system operator who carries out state estimation for a distribution grid; thus, only consumers' meter readings are required to be kept private. The configuration matrix (i.e., the system parameters) and the estimated states are available to the distribution system operator in the scheme.
Considering a different privacy scenario in a transmission system, articles [10], [19], [20], [21] dealt with the threats of privacy leakage when state estimation is collaboratively processed between k sub-transmission systems. Existing approaches to decentralized state estimation partition the measurement vector such that each local area-based player attempts to perform local state estimation with measurements taken within its area. To estimate system-wide state variables, sub-systems need to share a portion of their data with others, but this raises the threat of breaching the private information of each sub-system. For the specific problem of distributed linear state estimation, [10] presented a trade-off between estimation fidelity and leakage of private state data as a result of sharing data in a two-agent network model. In [19], [20] a privacy-preserving distributed state estimation with phasor measurement units was investigated, but the scheme still violates the privacy of sub-systems due to the exchange of information related to measurements on tie-lines linking neighbouring areas. To securely contribute private information for a privacy-preserving hierarchical state estimation, [21] proposed a privacy-preserving distributed state estimation framework in which a cloud-based high-level control centre coordinates low-level control centres to compute the estimated states. The scheme requires multi-key homomorphic encryption to implement secure multi-party computation.
In this paper, we consider the privacy scenario in a multi-area transmission grid system. This is a competitive privacy problem [7] amongst transmission system companies that face a conflict between the need to share data to estimate global system states with high accuracy (utility) and the need to withhold data (privacy) for competitive reasons. The proposed protocols focus on protecting the private data of a transmission grid company, not only its input data (meter measurement readings, power line parameters, network topology) but also its output estimated states, while simultaneously achieving the accuracy of the integrated state estimation. The solution is a hybrid of an obfuscation technique guaranteeing differential privacy and a single-key post-quantum secure homomorphic encryption scheme established in a two non-colluding server model. The two non-colluding server model [22] is a core architecture commonly used by previous works on privacy-preserving machine learning (e.g., see [23], [24], [25], [26]) where no server is trusted to handle the clear data. In this core setting, after collecting private data in protected forms (often in encryption) from many data owners, the two servers securely compute the model in a two-party secure computation setting. The first server works on the encrypted data under the key of the second server, while the second server works on the transformed data over the random elements of the first server. As long as the two servers do not collude, security is guaranteed. This approach can help reduce the complexity of secure multi-party computation. A single-key homomorphic encryption scheme working on real numbers and achieving post-quantum security [27] is adopted. The proposed masking technique guarantees the differential privacy of the output estimated states.

Notations and Definitions
Column vectors are denoted by lower-case bold letters, and matrices by upper-case bold letters, like $\mathbf{A}$, where $\mathbf{A}^T$ is the transpose of the matrix $\mathbf{A}$ and $\mathbf{A}^{-1}$ is its inverse. Either the zero-vector or the zero-matrix is represented by $\mathbf{0}$, which will be clear from the context. Given a set $S$, $x \xleftarrow{\$} S$ indicates that $x$ is sampled uniformly at random from $S$. The sup-norm of a vector is defined by $\|\mathbf{x}\|_\infty = \max_i \{|x_i|\}$. The notations used in this paper are given in Table 1.

State Estimation
State estimation for electric transmission grids was first formulated as a weighted least-squares problem in [3]. State estimation is a central and essential part of every power control system. The main function of state estimation is to perform computer analysis of grid states under the conditions characterized by a set of measurements. Specifically, the output of state estimation is the value of the system state vector at the time point of the measurement reading. Most state estimation programs in practical use are formulated as overdetermined systems of equations (i.e., systems with more equations than unknowns) and solved as weighted least-squares problems.
The relationship between the measurement data and the states can be represented as a vector function $\mathbf{h}(\cdot)$ relating measurements to states, whose components are linear functions in DC models or non-linear functions in AC models [28]:
$\mathbf{y} = \mathbf{h}(\mathbf{x}) + \mathbf{e},$
where $\mathbf{x} \in \mathbb{R}^n$ is the true system state vector of an $N$-bus power system, $\mathbf{y} \in \mathbb{R}^m$ is the measurement vector, and $\mathbf{e} \in \mathbb{R}^m$ is a measurement error vector assumed to be zero-mean Gaussian distributed. The corresponding variance matrix is denoted by $\mathbf{\Sigma} = \mathrm{diag}(\sigma_1^2, \sigma_2^2, \dots, \sigma_m^2)$, where $\sigma_i^2$ is the variance of the reading errors of the $i$th measuring device ($i \in \{1, \dots, m\}$). Every two measuring devices are mutually independent.
The process of obtaining the estimated state vector $\hat{\mathbf{x}}$ is called state estimation, which is considered as the problem of minimizing the weighted least-squares objective $J$ of Eq. (3), where the functions $h_i(\mathbf{x})$ are the expressions of the measurements (e.g., power flows) in terms of the states $\mathbf{x}$.

DC State Estimation
In a DC model, the state variables are the bus voltage angles. The linear relationship between the measurement data, $\mathbf{y}$, and the states, $\mathbf{x}$, is given by the DC measurement model (Eq. (4)), where $\mathbf{x} = [\theta_2, \theta_3, \dots, \theta_n]^T \in \mathbb{R}^{n-1}$ are the bus voltage angles of an $n$-bus power grid.
The value of $\hat{\mathbf{x}}$ minimizing $J$ satisfies the normal equation $(\mathbf{H}^T \cdot \mathbf{\Sigma}^{-1} \cdot \mathbf{H})\,\hat{\mathbf{x}} = \mathbf{H}^T \cdot \mathbf{\Sigma}^{-1} \cdot \mathbf{y}$. Thus, by solving this linear system of equations, $\hat{\mathbf{x}}$ for a DC model is obtained [28]. Algorithm 1 (DCSE) presents DC state estimation.
If a device $d$ measures a power flow from bus $i$ to bus $j$ over the line $ij$ connecting bus $i$ to bus $j$, then the measured DC flow is proportional to the angle difference $\theta_i - \theta_j$, where $b_{ij}$ is the parameter of the line $ij$.

Algorithm 1. DCSE($\mathbf{y}$, $\mathbf{R}$, $G$) [28]
Result: state estimate $\hat{\mathbf{x}}$
1. Based on the DC network model of $G$, form $\mathbf{h}(\mathbf{x})$.

AC State Estimation
In an AC model, the state variables are the phase angles and voltage magnitudes. The relationship between the measurements (e.g., active power flows, reactive power flows) and the states forms a set of non-linear equations. The state variables in AC models are the voltage magnitudes $V_i$ and angles $\theta_i$ ($i \in \{1, \dots, N\}$) of all buses in the power grid. The non-linear relationship between the state variables, $\mathbf{x}$, and the measurements, $\mathbf{y}$, can be formulated as $\mathbf{y} = \mathbf{h}(\mathbf{x}) + \mathbf{e}$, where $\mathbf{x} = [\ldots, V_n]^T \in \mathbb{R}^{2n-1}$ and $\mathbf{h}(\mathbf{x})$ is the non-linear function between the measurement data and the state variables.
If a device $d$ measures an active power flow from bus $i$ to bus $j$ over the line $ij$ connecting bus $i$ to bus $j$, the measurement function is the active line flow expressed in the states; if a device $d$ measures a reactive power flow from bus $i$ to bus $j$ over the line $ij$, it is the reactive line flow expressed in the states, where $\theta_{ij} = \theta_i - \theta_j$ and $(g_{ij}, b_{ij}, b^s_{ij})$ are the parameters of the line $ij$. Considering these measurements with $(V_i, V_j, \theta_i, \theta_j)$ as the state variables, the corresponding elements of the Jacobian $\mathbf{H}(\mathbf{x}) = \partial \mathbf{h}(\mathbf{x}) / \partial \mathbf{x}$ are obtained by differentiating these expressions with respect to the state variables.

Differential Privacy
Differential privacy [29] is a strong privacy model that resists background attacks and provides a provable privacy guarantee. Even if an adversary knows the maximum background information, such as all the other records in a data set except one record, differential privacy theoretically proves that there is a low probability of the adversary figuring out the unknown record. A randomized mechanism $M$ gives $\varepsilon$-differential privacy if, for every set of outputs $S$ and for any neighbouring datasets $D$ and $D'$, $M$ satisfies
$\Pr[M(D) \in S] \le \exp(\varepsilon) \cdot \Pr[M(D') \in S],$
where $\Pr[\cdot]$ denotes probability and $\varepsilon$ is the privacy budget. A smaller $\varepsilon$ corresponds to stronger privacy protection, and vice versa.
Laplace Mechanism [30]: Given a function $f : D \to \mathbb{R}$ over a data set $D$, the mechanism $M(D) = f(D) + \mathrm{Lap}(0, b)$ provides $\varepsilon$-differential privacy, where $\mathrm{Lap}(0, b)$ is random noise sampled from the Laplace distribution with mean $\mu = 0$ and scale $b = \Delta f / \varepsilon$, and $\Delta f$ is the sensitivity of the function $f$.
Differential privacy can be applied in the local setting where there is no trusted data aggregator and each user publishes the private data after adding noise individually [31], [32]. This local setting is for local differential privacy, which is a distributed variant of differential privacy [33]. The neighbouring datasets in local differential privacy are defined as two different values of the input domain. Randomized mechanisms satisfying differential privacy can also be applied in a distributed manner to achieve local differential privacy [33], [34], [35], [36], [37]. In a local differential privacy model, each user locally perturbs her data and then publishes the perturbed data to the server. This model provides strong protection because only the users know their exact data value. Given a noised output from a user, the original data is protected because all the possible values have similar probabilities of reporting the given perturbed output.
Local Differential Privacy [31], [33]: A randomized mechanism $M$ satisfies $\varepsilon$-local differential privacy if and only if for any pair of input values $v$ and $v'$ in the domain of $M$, and for any possible output $s$ in the range $R$ of $M$, it holds that
$\Pr[M(v) = s] \le \exp(\varepsilon) \cdot \Pr[M(v') = s].$

Algorithm 2. ACSE($\mathbf{y}$, $\mathbf{R}$, $G$) [28]
Result: state estimate $\hat{\mathbf{x}}$
1. Based on the AC network model of $G$, form a vector function $\mathbf{h}(\mathbf{x})$ and $\mathbf{H}(\mathbf{x}) = \partial \mathbf{h}(\mathbf{x}) / \partial \mathbf{x}$.

Homomorphic Encryption
Informally, homomorphic encryption is a type of encryption that allows a computation performed on ciphertexts to generate an encrypted result such that, when it is decrypted, it equals the result of the same computation performed on the plaintexts. Formally, a homomorphic public-key encryption scheme $\mathcal{E}$ with key space $\mathcal{K}$, message space $\mathcal{M}$, and ciphertext space $\mathcal{C}$ is composed of the following algorithms:
$\mathcal{E}.\mathrm{KeyGeneration}(\lambda) \to \{sk, pk, ek\}$: given the security parameter $\lambda$, output a secret key $sk$, a public key $pk$, and an evaluation key $ek$.
$\mathcal{E}.\mathrm{Encryption}(pk, m) \to c$: given the public key $pk$ and a message $m \in \mathcal{M}$, output a ciphertext $c$.

System Model
Consider an $N$-bus multi-area grid as $k$ non-overlapping areas managed by $k$ independent transmission grid companies (TGCs). If a bus in one sub-grid connects to buses in other sub-grids, it is a boundary bus; otherwise, it is an internal bus. States corresponding to boundary (internal) buses are called boundary (internal) states. Similarly, if a measurement in one sub-grid is relevant to state variables or line parameters of other sub-grids, it is a boundary measurement; otherwise, it is an internal measurement. Each TGC owns private data, including internal measurements, internal topology and line parameters, and a set of estimated states corresponding to its buses. There are two types of states (or buses) that belong to each TGC: internal and boundary states (buses). For measurements, each TGC controls its internal measurements. The boundary measurements (i.e., power flows along tie-lines) are processed by a system operator (SO). An SO manages the interconnection area, consisting of tie-lines ending at two boundary buses (Fig. 1). A state estimation service (SE) solves the state estimation problem to help determine the states of the whole grid. System-wide state estimates are delivered to the corresponding TGCs (i.e., $\text{TGC}_i$ receives $\hat{\mathbf{x}}_i$). Assume that SO and each $\text{TGC}_i$ possess a set of measuring devices $D_i = \{d_{i1}, d_{i2}, \dots, d_{im_i}\}$ which provides measurements $\mathbf{y}_i = [y_{d_{i1}}, y_{d_{i2}}, \dots, y_{d_{im_i}}]^T$ and the corresponding variance matrix $\mathbf{\Sigma}_i = \mathrm{diag}(\sigma^2_{d_{i1}}, \sigma^2_{d_{i2}}, \dots, \sigma^2_{d_{im_i}})$.

Threat Model
A semi-honest adversarial model is considered against the scheme. Adversaries are assumed to be semi-honest in the sense that they follow the protocol but can use the available transcripts to learn extra information that should remain private (i.e., passive security). A good estimate of system-wide states supporting security operations and power management is a common interest of all parties; thus, it is reasonable that they are incentivised to follow the protocol to achieve the best output. However, some parties might be motivated to conspire with each other against a target party for some business benefit. For example, SE or SO may attempt to learn information about private data contributed by a target honest TGC, since this data could potentially be sold to other TGCs managed by competing commercial power rivals. In the above system model, a semi-honest adversary can be any party except the target honest $\text{TGC}_h$. SE and SO are assumed not to collude with each other but may conspire with other colluding semi-honest TGCs, $\text{TGC}_c$, against the target honest $\text{TGC}_h$. Moreover, it is assumed that private and authenticated peer-to-peer channels exist between parties so that the data transferred cannot be modified. This can be enforced in practice with the appropriate use of digital signatures and certificate authorities.

PROPOSED PRIVACY-PRESERVING STATE ESTIMATION SCHEME IN TRANSMISSION POWER GRIDS
The proposed privacy-preserving state estimation scheme can be seen as secure multi-party protocols run by $k + 2$ parties ($k$ TGCs, SE and SO). This section presents secure multi-party computation protocols for privacy-preserving state estimation (DC and AC models). First of all, non-privacy-preserving multi-party DC and AC state estimation are introduced. Then, protocols for privacy-preserving DC state estimation (Fig. 2) and privacy-preserving AC state estimation (Fig. 3) are designed based on the integration of privacy-preserving methods into the non-privacy-preserving versions.

Non-Privacy-Preserving Version of Multiparty State Estimation
In the non-privacy-preserving version of multi-party state estimation for DC (Algorithm 3, MDCSE) and AC (Algorithm 4, MACSE), the data input for the state estimation process is partitioned and prepared by different parties according to the partition of the whole transmission grid into multiple sub-grids. The partition is compatible with the system model provided above.
In AC models, the per-party contributions sum to the quantities used by the integrated estimator, so the multi-party version solves the same normal equations. Similar results apply to DC models. Therefore, the correctness of Algorithms 3 and 4 is guaranteed in the same way as that of Algorithms 1 and 2.

Privacy-Preserving State Estimation Schemes in Transmission Power Grids
A commonly proposed approach is applied to construct privacy-preserving versions of multi-party state estimation for both DC and AC models. Each party encrypts/perturbs its data before contributing it for state estimation. The data protection process in both schemes includes data preparation, encryption, and masking. For both DC and AC models, the Setup procedure establishes the cryptographic keys of $k + 1$ parties ($k$ TGCs and SE) to be used during the execution. Each party generates keys of the homomorphic encryption scheme, including a secret key $sk$ for decryption, a public key $pk$ for encryption, and an evaluation key $ek$ for homomorphic evaluation, from the algorithm $\mathrm{KeyGen}(\lambda)$, where $\lambda$ is the security parameter of the homomorphic encryption scheme. The $pk$ and $ek$ of the TGCs are published to SE and SO. The $pk$ and $ek$ of SE are published to the TGCs and SO. The following are the descriptions of privacy-preserving DC state estimation, as illustrated in Fig. 2, and privacy-preserving AC state estimation, as described in Fig. 3.

Privacy-Preserving DC State Estimation
For a DC state estimator (Fig. 2), because of the linearity property (see Eq. (4)), each $\text{TGC}_i$ can pre-process its private data locally and encrypt the result. Each $\text{TGC}_i$ sends its encrypted data $(\mathbf{EA}_i, \mathbf{eb}_i)$ to SO. When it has obtained the data from all $k$ parties, SO homomorphically evaluates the function over the $k$ ciphertexts $\mathbf{EA}_i$ (resp. $\mathbf{eb}_i$). SO generates an invertible matrix $\mathbf{R} \xleftarrow{\$} [-1, 1]^{n \times n}$ and a random vector $\mathbf{r}$ from a Laplace distribution with zero mean and a variance expressed in terms of $MAX$, where $MAX$ is the maximum value of a state variable.
$\mathbf{R}$ and $\mathbf{r}$ are used to homomorphically mask the values of $\mathbf{A}$ and $\mathbf{b}$, given the ciphertexts $\mathbf{EA}, \mathbf{eb}$. Then SO sends $(\mathbf{EA}^*, \mathbf{eb}^*)$ to SE. After receiving $(\mathbf{EA}^*, \mathbf{eb}^*)$ from SO, SE uses its secret key to decrypt them.

Privacy-Preserving AC State Estimation
For an AC state estimator (Fig. 3), $\mathbf{H}(\mathbf{x}) = \partial \mathbf{h}(\mathbf{x}) / \partial \mathbf{x}$ is a function of the states and changes its value based on the estimated states of the previous iteration. A flat voltage profile $\mathbf{x}_{\text{flat}}$ serves as the initial estimate.

Similar to privacy-preserving DC state estimation, having encrypted data from all $k$ TGCs, SO homomorphically evaluates the sum function and the transformation using the random noises $(\mathbf{R}, \mathbf{r})$ it freshly generates at each iteration, before sending the encrypted results to SE.

Privacy-Preserving DC State Estimation
Based on the correctness of the homomorphic evaluation of the underlying homomorphic encryption scheme, from Eqs. (39) and (40) and then from Eqs. (44) and (45), we have
$\hat{\mathbf{x}}_i = \mathrm{Dec}_i(\mathbf{e}\hat{\mathbf{x}}_i) = \hat{\mathbf{x}}^*_i - \mathbf{r}_i,$ (53)
$\hat{\mathbf{x}} = \hat{\mathbf{x}}^* - \mathbf{r}.$ (54)

Multiplying both sides of Eq. (54) by the matrix $\mathbf{A}$, we have
$\mathbf{A} \cdot \hat{\mathbf{x}} = \mathbf{A} \cdot (\hat{\mathbf{x}}^* - \mathbf{r}) = \mathbf{A} \cdot \hat{\mathbf{x}}^* - \mathbf{A} \cdot \mathbf{r},$
which, from Eq. (51), shows that $\hat{\mathbf{x}}$ is the state estimate of non-privacy-preserving state estimation.
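The DC protocol above and this correctness argument, as an added example that is not the paper's code: a constructed 4-bus grid split between two TGCs and an SO, with the homomorphic encryption replaced by plaintext arithmetic so that only the pre-processing, aggregation, masking and unmasking algebra is exercised. The masking form $\mathbf{A}^* = \mathbf{R}\mathbf{A}$, $\mathbf{b}^* = \mathbf{R}(\mathbf{b} + \mathbf{A}\mathbf{r})$ and the Laplace scale $MAX/\varepsilon$ are assumptions chosen to be consistent with $\hat{\mathbf{x}} = \hat{\mathbf{x}}^* - \mathbf{r}$, not the paper's Eqs. (39) and (40); SE solves only the masked system and never sees $\mathbf{A}$, $\mathbf{b}$ or $\hat{\mathbf{x}}$.

```python
"""Masked DC state estimation on a constructed 4-bus, two-TGC grid (added example, not the
paper's code).  Homomorphic encryption is replaced by plaintext arithmetic; assumed masking
form, matching the correctness argument x_hat = x* - r:  A* = R A,  b* = R (b + A r)."""
import math
import random

N = 3                                                # states theta_2..theta_4; bus 1 is slack
LINE_B = {(1, 2): 10.0, (3, 4): 5.0, (2, 3): 8.0}    # constructed DC line parameters b_ij
TRUE_THETA = [0.05, -0.02, -0.06]                    # constructed true state (radians)
# Meters as (from_bus, to_bus, reading, variance): exact flows b_ij (theta_i - theta_j) plus noise
METERS = {
    "TGC1": [(1, 2, -0.49, 1e-4), (2, 1, 0.51, 1e-4)],   # internal line 1-2, private to TGC1
    "TGC2": [(3, 4, 0.21, 1e-4), (4, 3, -0.19, 1e-4)],   # internal line 3-4, private to TGC2
    "SO":   [(2, 3, 0.55, 1e-4), (3, 2, -0.57, 1e-4)],   # tie-line 2-3, held by the SO
}

def transpose(M):
    return [list(c) for c in zip(*M)]
def matmul(A, B):
    return [[sum(a * b for a, b in zip(row, col)) for col in zip(*B)] for row in A]
def matvec(A, v):
    return [sum(a * x for a, x in zip(row, v)) for row in A]

def solve(A, b):
    """Solve A x = b by Gauss-Jordan elimination with partial pivoting."""
    n = len(A)
    M = [row[:] + [b[i]] for i, row in enumerate(A)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(M[r][c]))
        M[c], M[p] = M[p], M[c]
        if abs(M[c][c]) < 1e-12:
            raise ValueError("singular system")
        M[c] = [x / M[c][c] for x in M[c]]
        for r in range(n):
            if r != c:
                M[r] = [x - M[r][c] * y for x, y in zip(M[r], M[c])]
    return [M[i][n] for i in range(n)]

def det(M):
    """Determinant by elimination; used to reject near-singular masks R."""
    M, d = [row[:] for row in M], 1.0
    for c in range(len(M)):
        p = max(range(c, len(M)), key=lambda r: abs(M[r][c]))
        if abs(M[p][c]) < 1e-12:
            return 0.0
        M[c], M[p], d = M[p], M[c], (-d if p != c else d)
        d *= M[c][c]
        for r in range(c + 1, len(M)):
            f = M[r][c] / M[c][c]
            M[r] = [x - f * y for x, y in zip(M[r], M[c])]
    return d

def h_row(i, j):
    """Row of H for a flow meter on line ij: P_ij = b_ij (theta_i - theta_j), theta_1 = 0."""
    b = LINE_B[(i, j)] if (i, j) in LINE_B else LINE_B[(j, i)]
    row = [0.0] * N
    if i > 1: row[i - 2] += b
    if j > 1: row[j - 2] -= b
    return row

def local_contribution(meters):
    """Party-side pre-processing on private data: A_i = H_i^T S_i^-1 H_i, b_i = H_i^T S_i^-1 y_i."""
    H = [h_row(i, j) for i, j, _, _ in meters]
    HtS = [[h / meters[k][3] for k, h in enumerate(col)] for col in transpose(H)]
    return matmul(HtS, H), matvec(HtS, [m[2] for m in meters])

def aggregate(contribs):
    """SO-side sums A = sum A_i, b = sum b_i (evaluated homomorphically in the paper)."""
    A = [[sum(c[0][i][j] for c in contribs) for j in range(N)] for i in range(N)]
    return A, [sum(c[1][i] for c in contribs) for i in range(N)]

def laplace(rng, scale):
    """One Lap(0, scale) sample by inverse CDF."""
    u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))

def so_mask(A, b, rng, eps, max_state):
    """SO masks (A, b) with invertible R <- [-1,1]^(n x n) and Laplace r of scale MAX/eps (assumed)."""
    n = len(A)
    while True:                      # resample R until it is comfortably invertible
        R = [[rng.uniform(-1.0, 1.0) for _ in range(n)] for _ in range(n)]
        if abs(det(R)) > 0.1:
            break
    r = [laplace(rng, max_state / eps) for _ in range(n)]
    b_shift = [bi + ai for bi, ai in zip(b, matvec(A, r))]
    return matmul(R, A), matvec(R, b_shift), r

def integrated_estimate():
    """Non-private reference: all contributions pooled and solved directly (Algorithm 1)."""
    return solve(*aggregate([local_contribution(m) for m in METERS.values()]))

def private_estimate(seed=7, eps=1.0, max_state=0.5):
    """Masked protocol; returns (x* as seen by SE, unmasked x_hat)."""
    rng = random.Random(seed)
    A, b = aggregate([local_contribution(m) for m in METERS.values()])
    A_star, b_star, r = so_mask(A, b, rng, eps, max_state)
    x_star = solve(A_star, b_star)                    # SE sees only (A*, b*) and returns x*
    x_hat = [xs - ri for xs, ri in zip(x_star, r)]    # SO removes r: x_hat = x* - r
    return x_star, x_hat
```

In the AC protocol the same masking is applied to each iteration's normal equation with a freshly generated $(\mathbf{R}, \mathbf{r})$, and unmasking yields $\Delta\mathbf{x}^{(t)} = \Delta\mathbf{x}^{*(t)} - \mathbf{r}$.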

Privacy-Preserving AC State Estimation
Note that protocol $\pi_{AC}$ is a sequential composition of the INIT procedure and $T$ iterations of the function block within the Repeat-Until loop (Fig. 3), which is denoted as $\pi_t$.
To demonstrate that $\pi_{AC}$ is correct, we prove that $\pi_t$ correctly estimates $\Delta\mathbf{x}$ and that the convergence condition $\|\Delta\mathbf{x}\|_\infty < \tau$ is correctly checked at the $t$th iteration.
As can be seen from Figs. 2 and 3, $\mathbf{y} - \mathbf{h}^*$ and $\Delta\mathbf{x}$ in $\pi_t$ substitute for $\mathbf{y}$ and $\hat{\mathbf{x}}$ in $\pi_{DC}$, respectively. The difference between $\pi_{DC}$ and $\pi_t$ is that $\mathbf{H}$, and hence $\mathbf{A}$ and $\mathbf{b}$, are recomputed at each iteration, giving
$\Delta\mathbf{x}^{(t)} = \Delta\mathbf{x}^{*(t)} - \mathbf{r}.$ (57)

Multiplying both sides of Eq. (57) by the matrix $\mathbf{A}$, we have
$\mathbf{A} \cdot \Delta\mathbf{x}^{(t)} = \mathbf{A} \cdot (\Delta\mathbf{x}^{*(t)} - \mathbf{r}) = \mathbf{A} \cdot \Delta\mathbf{x}^{*(t)} - \mathbf{A} \cdot \mathbf{r},$
which, from Eq. (51), shows that $\Delta\mathbf{x}^{(t)}$ equals the update computed by non-privacy-preserving state estimation. The convergence condition is checked correctly. In fact, the loop terminates when $\|\Delta\mathbf{x}^{(t)}\|_\infty < \tau$, and the homomorphic encryption scheme adopted guarantees that $\mathrm{cont}^{(t)} = \sum_{i=1}^{k} b^{(t)}_i$.

Privacy
To implement global state estimation, it is necessary to share private data between TGCs and SO, which violates the TGCs' privacy. There are three types of private data for each local $\text{TGC}_i$: the meter measurements ($\mathbf{y}_i$), the internal line parameters ($\mathbf{h}_i(\mathbf{x}_i)$), and the estimated states ($\hat{\mathbf{x}}_i$). Here $\mathbf{y}_i$ and $\mathbf{h}_i(\mathbf{x}_i)$ are the private inputs and $\hat{\mathbf{x}}_i$ is the private output of state estimation. The following analyses the privacy protection that the schemes provide in a semi-honest adversarial model with regard to two types of adversaries: semantic security protection of the private input and output against an adversary $A_1$ controlling SO and colluded TGCs; local differential privacy protection of the private output and multiplicative masking protection of the private input against an adversary $A_2$ controlling SE and colluded TGCs.

Privacy Protection Against an Adversary A 1
In a semi-honest adversarial model, the adversary $A_1$ has to follow the protocol exactly; thus, the leakage of private information of an honest party is only attributable to the view of $A_1$ in the execution of the protocol. Therefore, the proof of privacy is based on the construction of a simulator that resides in a secure-by-definition "ideal world" and generates a view for $A_1$ given $A_1$'s input and output. The requirement is that the generated view is computationally indistinguishable from the real view of $A_1$ in the "real world" (i.e., a real execution of the protocol) [38]. This implies that $A_1$ learns nothing more from the real protocol execution than from the ideal protocol execution, which provides security and privacy. In other words, a protocol protects privacy in a semi-honest adversarial model if whatever can be computed by a party participating in the protocol can be computed based on its input and output only.
Definition 1. The protocol $\pi$ realises the state estimation functionality with privacy protection against a probabilistic polynomial-time adversary $A_1$ who controls SO and colluded TGCs in a semi-honest adversarial model if there exists a probabilistic polynomial-time algorithm $S$ generating simulated views for the adversary $A_1$ such that
$\{S(\lambda, I_{A_1}, O_{A_1})\} \overset{c}{\equiv} \{\mathrm{view}^{\pi}_{A_1}(\lambda, I)\},$
where $\lambda$ is the security parameter, $I_{A_1}, O_{A_1}$ are the input and output of the adversary $A_1$, and $I$ is the input of all parties. $S(\lambda, I_{A_1}, O_{A_1})$ is the simulated view, and $\mathrm{view}^{\pi}_{A_1}(\lambda, I)$ is the adversary $A_1$'s real view in an execution of protocol $\pi$, which includes the adversary's input, internal random tapes, and incoming messages.
In the proposed privacy-preserving protocols for DC and AC state estimation, what the adversary $A_1$ has available to deduce information about an honest party are its own input, output, and incoming encrypted messages. Informally, the above formal definition implies that what the adversary $A_1$ learns about the private data of an honest party $\text{TGC}_h$ from the protocol execution is no more than what it can derive from its own input and output. Obtaining incoming encrypted messages carrying the target honest TGC's private data in a real execution of the protocol does not give the adversary $A_1$ any more information. In the following, we prove that both $\pi_{DC}$ and $\pi_{AC}$ satisfy Definition 1 in terms of providing semantic security protection of the private input and output against an adversary $A_1$ controlling SO and colluded TGCs.
a. Privacy-preserving DC state estimation We prove that p DC realises DC state estimation functionality with privacy protection against a probabilistic-polynomial time adversary A 1 who controls SO and colluded TGCs in a semi-honest adversarial model with regard to Definition 1. That is, there exists a probabilistic polynomialtime algorithm S DC 1 such that the generated views by S DC 1 are computationally indistinguishable from the real views of the adversary A 1 in a real execution of protocol p DC fS DC 1 ð; where is the security parameter, I C is the input of A 1 's corrupted parties, O C is the output of A 1 's corrupted parties. The view of A 1 who controls colluded TGCs and SO during an excecution of p DC consists of the inputs, the internal random tapes of corrupted parties, and all the messages corrupted parties received [39], which is where E i is the set of all ciphertexts using TGC i 's public key, E SE is the set of all ciphertexts using SE's public key sent to A 1 's corrupted parties E SE ¼ ðfEA EA EA EA EA EA EA i ; eb eb eb eb eb eb eb i g i2f0ÁÁÁkg Þ (60) S DC 1 is given the security parameter , input I C ¼ fH H H H H H H c ; y y y y y y y c g c2C and output O C ¼ fx x x x x x x c g c2CnfSOg of A 1 's colluded parties, and works to generate the view for A 1 as follows: S DC 1 honestly follows the protocol to generate the sets of keys ðsk; 0 pk; 0 ek 0 Þ;  ðH H H H H H H 0 ; y y y y y y y 0 ; R R R R R R R; 0 r r r r r r r 0 Þ; ðpk 0 It remains to show that the distribution of the real view and the distribution of the generated view is indistinguishable. Note that, because the estimated statesx x x x x x x h (the plaintexts) of the honest party TGC h is a part of the whole estimated statesx ; y y y y y y y c Þ and outputx x x x x x x c . This is the deterministic leakage from the output of the state estimation functionality given a fixed input. 
This leakage is independent of the random messages (the ciphertexts) generated in the proposed protocol. Importantly, the definition of semantic security also allows an arbitrary auxiliary-information function of the plaintext to be given to the adversary. In state estimation, the leaked information $L(\hat{x}_h \mid (\hat{x}_c, H_c, y_c))$ plays exactly the role of auxiliary information about the plaintext $\hat{x}_h$. Hence the indistinguishability of the view distributions reduces to the semantic security of the underlying homomorphic scheme in the presence of auxiliary information: by that property, the sets of ciphertexts in the real execution and in the simulation are computationally indistinguishable. The sets of keys and random elements are identically distributed in the real execution and in the simulation, because a semi-honest adversary follows the protocol. Therefore the views are computationally indistinguishable.
b. Privacy-preserving AC state estimation

We use the modular sequential composition theorem for the semi-honest model [39], [40] to prove that $\pi^{AC}$ privately computes the AC state estimation functionality in the presence of the adversary $\mathcal{A}_1$. Note that the sub-protocol INIT generates the keys $(sk_i, pk_i, ek_i)$ used in all subsequent sub-protocols $\pi_t$.
First, we prove that $\pi_t$ realises one iteration of AC state estimation with privacy protection against a probabilistic polynomial-time adversary $\mathcal{A}_1$ who controls SO and the colluding TGCs in the semi-honest model. That is, there exist probabilistic polynomial-time algorithms $S^t_1$ such that the views generated by $S^t_1$ are computationally indistinguishable from the real views of $\mathcal{A}_1$ in a real execution of $\pi_t$, where $E^{(t)}_i$ is the set of incoming ciphertexts under $TGC_i$'s public key and $E^{(t)}_{SE}$ is the set of incoming ciphertexts under SE's public key sent to the corrupted parties in the $t$-th iteration. $S^t_1$ is given the security parameter, the input $I^{(t)}_C$ and the output $O^{(t)}_C$ of the colluding parties, and generates the view for $\mathcal{A}_1$ as follows. $S^t_1$ honestly follows the protocol to sample $R^{(t)}, r^{(t)}$. Since $S^t_1$ does not have the input and output of the honest $TGC_h$, it substitutes 'garbage' data for the honest parties' values: the $n \times n$ identity matrix, the zero vector of $n$ components and the zero scalar. $S^t_1$ then honestly follows the protocol to generate the encryption set $E'_{SE}$. From Eqs. (70) and (76) and the semantic security of the underlying homomorphic encryption scheme, the sets of ciphertexts in the real execution and in the simulation are computationally indistinguishable. The sets of keys and random elements are identically distributed in the real execution and in the simulation (semi-honest model). Therefore the views are computationally indistinguishable, and (67) is proved.
Next, to prove that $\pi^{AC}$ realises AC state estimation with privacy protection against a semi-honest adversary $\mathcal{A}_1$ who controls SO and the colluding TGCs, we construct a probabilistic polynomial-time algorithm $S^{AC}_1$ such that the views generated by $S^{AC}_1$ are computationally indistinguishable from the real views of $\mathcal{A}_1$, where the first argument is the security parameter, $I_C$ is the input of the parties corrupted by $\mathcal{A}_1$ and $O_C$ is their output.

$S^{AC}_1$ is given the security parameter, $I_C$ and $O_C$, and generates the view for $\mathcal{A}_1$ as follows: $S^{AC}_1$ honestly follows the protocol to generate the key sets $(sk_i, pk_i, ek_i)$.

Therefore $\pi^{AC}$ provides $\varepsilon$-local differential privacy for $\hat{x}^{(t)}$ through the Laplace mechanism.
By masking $A$ multiplicatively with an invertible matrix $R$, the only thing an adversary can deduce from the public information of whether the state estimation functionality is solvable is the singularity of $A$: if the problem is solvable, $A^*$ is invertible, but the underlying values remain unavailable to $TGC_c$ because the randomness $(R, r)$ is unknown to it. Moreover, from the statistical analysis of multiplicative noise masking for confidentiality protection [41], the efficacy of the privacy protection of $A_h$ can be estimated formally from the variance of the noise distribution used to generate the randomness $R$. The disclosure-risk assessment considers an adversary who knows the perturbed cell total and tries to infer the value of a specific cell $A[k,j]$ (let alone the value of $A_h[k,j]$). Following [41], privacy sufficient for practical applications requires that the approximate 95% error bounds for each value $A[k,j]$ are at least $p\%$ away from its actual value; one possibility is to set $\sigma_R = p/200$ [41]. Hence a suitable noise distribution can be chosen to achieve sufficient privacy protection with multiplicative masking; with the noise variance used in our setting, $p \approx 115$.
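To make the masking step concrete, the following Python sketch is an added example and not the paper's code: it builds the DC weighted-least-squares normal equations $Ax = b$ from per-TGC pieces $(H_i, y_i)$, masks them with a random invertible $R$ and a random vector $r$, lets an untrusted solver work on the masked system only, and unmasks the result. The masking form $A^* = RA$, $b^* = R(b + Ar)$, unit measurement weights and the 3-bus data are assumptions made for illustration; `sigma_for_disclosure_bound` is the $\sigma_R = p/200$ rule quoted from [41]. The solver can still tell whether the masked system is singular, which is exactly the leakage discussed above.

```python
"""Added example (not the paper's code): masked solving of the DC state
estimation normal equations with an invertible R and a random vector r.

Assumed masking (an illustrative instance of a linear masking transformation):
    A* = R A,   b* = R (b + A r)         # only (A*, b*) go to the solver
    A* z = b*  =>  A z = b + A r  =>  z = x_hat + r,  so  x_hat = z - r.
Pure Python, no numpy, so it runs anywhere. All data below are constructed.
"""
import random


def matmul(P, Q):
    return [[sum(P[i][k] * Q[k][j] for k in range(len(Q)))
             for j in range(len(Q[0]))] for i in range(len(P))]


def matvec(P, v):
    return [sum(P[i][k] * v[k] for k in range(len(v))) for i in range(len(P))]


def transpose(P):
    return [list(col) for col in zip(*P)]


def solve(A, b, tol=1e-12):
    """Gauss-Jordan elimination with partial pivoting. Raises ValueError when A
    is numerically singular: this 'solvable or not' bit is the only thing the
    masked system still reveals about A."""
    n = len(A)
    M = [list(map(float, row)) + [float(b[i])] for i, row in enumerate(A)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(M[r][col]))
        if abs(M[piv][col]) < tol:
            raise ValueError("singular system")
        M[col], M[piv] = M[piv], M[col]
        for r in range(n):
            if r != col:
                f = M[r][col] / M[col][col]
                M[r] = [a - f * c for a, c in zip(M[r], M[col])]
    return [M[i][n] / M[i][i] for i in range(n)]


def is_solvable(A):
    try:
        solve(A, [0.0] * len(A))
        return True
    except ValueError:
        return False


def normal_equations(parts):
    """Each TGC_i holds (H_i, y_i). The WLS normal equations A x = b with
    A = sum_i H_i^T H_i and b = sum_i H_i^T y_i (unit weights assumed here)."""
    n = len(parts[0][0][0])
    A = [[0.0] * n for _ in range(n)]
    b = [0.0] * n
    for H_i, y_i in parts:
        Ht = transpose(H_i)
        A = [[a + c for a, c in zip(ra, rc)] for ra, rc in zip(A, matmul(Ht, H_i))]
        b = [u + v for u, v in zip(b, matvec(Ht, y_i))]
    return A, b


def random_invertible(n, rng):
    while True:
        R = [[rng.gauss(0.0, 1.0) for _ in range(n)] for _ in range(n)]
        if is_solvable(R):
            return R


def mask(A, b, seed):
    """Requester side: (R, r) never leave the requester; returns (A*, b*, r)."""
    rng = random.Random(seed)
    n = len(A)
    R = random_invertible(n, rng)
    r = [rng.gauss(0.0, 10.0) for _ in range(n)]
    A_star = matmul(R, A)
    b_star = matvec(R, [bi + ai for bi, ai in zip(b, matvec(A, r))])
    return A_star, b_star, r


def private_solve(parts, seed=7):
    A, b = normal_equations(parts)
    A_star, b_star, r = mask(A, b, seed)
    z = solve(A_star, b_star)          # the untrusted solver sees only A*, b*
    return [zi - ri for zi, ri in zip(z, r)]


def sigma_for_disclosure_bound(p_percent):
    """Noise std-dev such that the ~95% error bound on each masked cell is at
    least p% of its true value: sigma_R = p/200 (rule cited from [41])."""
    return p_percent / 200.0


# Constructed 3-state DC example: one angle measurement per bus plus two
# line-flow measurements (angle differences), split across two TGCs.
TRUE_X = [0.10, 0.05, -0.02]
H1 = [[1, 0, 0], [0, 1, 0], [1, -1, 0]]
H2 = [[0, 0, 1], [0, 1, -1]]
PARTS = [(H1, matvec(H1, TRUE_X)), (H2, matvec(H2, TRUE_X))]

if __name__ == "__main__":
    print("unmasked estimate:", private_solve(PARTS))
    A_plain, b_plain = normal_equations(PARTS)
    print("masked system solvable:", is_solvable(mask(A_plain, b_plain, 1)[0]))
```

Running the block prints the unmasked estimate, which equals the plain WLS solution up to floating-point error; the solver only ever sees $(A^*, b^*)$, and a rank-deficient $A$ (an unobservable system) stays rank-deficient after masking, which is the singularity leak noted in the text.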

Computation Cost
We estimate the computation overhead in terms of the number of homomorphic operations in the protocols: homomorphic encryptions (#Enc), decryptions (#Dec) and evaluations (#Eval). The computation cost of $\pi^{DC}$ is summarised in Table 3. In $\pi^{DC}$ (Fig. 2), each $TGC_i$ executes 2 encryption operations and 1 decryption operation, SO executes 5 homomorphic evaluation operations, and SE executes $k$ encryption and 2 decryption operations.
The computation cost of $\pi^{AC}$ is summarised in Table 4. In $\pi^{AC}$ (Fig. 3), within each $\pi_t$ every $TGC_i$ executes 3 encryption operations to obtain $\tilde{A}_i$ and $\tilde{b}_i$, and 6 encryption operations to obtain $c_b$ for each of its boundary buses $b$, which amounts to $T \cdot (3 + 6 \cdot |B_i|)$ encryption operations over $T$ iterations. Each $TGC_i$ performs $T$ decryption operations. SO executes 8 homomorphic evaluation operations. For SE, the numbers of encryption and decryption operations are $T \cdot (k + 2)$ and $T \cdot 5$, respectively. Table 5 gives the overall communication complexity of $\pi^{DC}$ and $\pi^{AC}$ in terms of the numbers of plaintexts and ciphertexts sent at each step of the protocol. Denote by $L_p$, $L_c$ and $L_k$ the size of a plaintext, a ciphertext and a key pair $(pk, ek)$, respectively.

Communication Cost
In $\pi^{DC}$, each $TGC_i$ sends its $(pk_i, ek_i)$ to SE and SO and 2 ciphertexts to SO; SO sends 2 ciphertexts to SE and $k$ ciphertexts to the $k$ TGCs; SE sends its own key pair to SO and the TGCs and $k$ ciphertexts to SO. Thus the number of key messages is $2k + k + 1 = 3k + 1$ and the number of cipher messages is $2k + (2 + k) + k = 4k + 2$, which gives the $\pi^{DC}$ row of Table 5. The corresponding count for $\pi^{AC}$ is given in the same table.

EMPIRICAL EVALUATION
In this section, the proposed privacy-preserving state estimation schemes are simulated on the IEEE 14-bus system [42]. The efficiency and scalability are then analysed on bigger systems (for example, IEEE-118 bus [43] and IEEE-300 bus [44]) with the adoption of parallel matrix computation on high-performance computing infrastructure.
The IEEE 14-bus test case is a simple approximation of the American Electric Power system as of February 1962 [42]. It has 14 buses, 5 generators and 11 loads (Fig. 4). The system is divided into three sub-systems managed by $TGC_1$, $TGC_2$ and $TGC_3$, with the interconnection area handled by SO; the numbers of boundary (#bo) and internal (#in) buses and lines in each partition are given in Table 6.
Table 5. Communication cost
  $\pi^{DC}$: $L_k \cdot (3k + 1) + L_c \cdot (4k + 2)$
  $\pi^{AC}$: $L_k \cdot (3k + 1) + T \cdot L_c \cdot (5k + 3 + 6 \cdot |B|)$

DC and AC load-flow calculations are performed with the open-source power system simulator Pandapower [45] to obtain the voltage magnitudes and phase angles throughout the system; the results of the load-flow calculation are taken as the true states. Measurements are generated from the true states by adding device errors, modelled as zero-mean Gaussian noise with standard deviation 0.01. The convergence threshold $\varepsilon$ for AC state estimation is set to $10^{-5}$. The performance metric is the Root Mean Square Error (RMSE), where $x_i$ is the true state from the load-flow calculation and $\hat{x}_i$ is the $i$-th estimated state. The homomorphic encryption scheme CKKS [27] is adopted as the underlying homomorphic encryption. An encryption operation $Enc(x)$ first encodes $x$ and then encrypts it; a decryption operation $Dec(y)$ first decrypts $y$ and then decodes it. The scheme supports arithmetic operations between ciphertexts and between ciphertexts and plaintexts. Its security is based on the RLWE assumption over the power-of-two cyclotomic ring $R = \mathbb{Z}[X]/(X^N + 1)$. The parameter setting follows [46], with $N = 2^{13}$. We also use the library HEMat [46], which demonstrates reasonable performance for practical use (e.g. homomorphic evaluation of a CNN, making predictions on encrypted data with an encrypted model), to encrypt matrices homomorphically and to evaluate arithmetic on encrypted matrices. We run the proposed privacy-preserving DC and AC state estimation and compare the results with the corresponding non-privacy-preserving versions. As Tables 7 and 8 show, the RMSE of the proposed scheme is close to that of the non-privacy-preserving versions; the small differences stem from the approximate arithmetic of CKKS over real numbers. The proposed privacy-preserving state estimation therefore does not degrade the overall estimation accuracy significantly. In terms of running time, the privacy-preserving versions take longer than the non-privacy-preserving versions because of the homomorphic operations they perform.
Next, the efficiency and scalability of the system are analysed on larger systems (IEEE 118-bus and IEEE 300-bus) with parallel matrix computation on high-performance computing infrastructure.
With ring dimension $2^{13}$, a matrix of size $64 \times 64$ can be encrypted in one ciphertext, which is sufficient for the $27 \times 27$ data matrices of the IEEE 14-bus system. For larger systems the data matrices are too large to be encoded into one ciphertext: $235 \times 235$ for the IEEE 118-bus system and $599 \times 599$ for the IEEE 300-bus system. The approach is to partition such a matrix into $k^2$ sub-matrices, where $k = \lfloor n/64 \rfloor + 1$ ($n = 2N - 1$, $N$ being the number of buses), and to encrypt the sub-matrices individually. Arithmetic operations (addition, multiplication) over the large matrices can then be expressed as block-wise operations over $64 \times 64$ sub-matrices, exactly as for the IEEE 14-bus system. With parallel matrix computation algorithms [47], high-performance computing can be used to accelerate the computation. For instance, the DNS algorithm performs matrix multiplication in time $O(\log k) \cdot T_{64}$ using $O(k^3/\log k)$ processes, where $k^2$ is the number of blocks and $T_{64}$ is the time of one homomorphic multiplication of $64 \times 64$ matrices.
For the IEEE 118-bus system ($k = 4$), using a computing system with $k^3/\log_2 k = 32$ CPUs and the DNS algorithm for matrix multiplication [36], the computation time can be estimated at about $\log_2 k = 2$ times that of the IEEE 14-bus system, since homomorphic matrix multiplication dominates the computation cost. Similarly, for the IEEE 300-bus system ($k = 10$) the computation time is estimated at about $\log_2 k \approx 3.322$ times that of the IEEE 14-bus system.
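The block decomposition can be checked with plain arithmetic before any ciphertext is involved. The following Python code is an added example and is not code from the paper or from HEMat: it computes $k = \lfloor n/64 \rfloor + 1$ for a given bus count, the process count and time factor of the DNS estimate, and a block-wise matrix product over zero-padded $64 \times 64$ sub-matrices in which each block product stands in for one homomorphic $64 \times 64$ multiplication. The slot count $2^{13}/2 = 4096 = 64^2$ follows from CKKS packing $N/2$ values into a ciphertext of ring dimension $N$; the `block` parameter is only exposed so the routine can be exercised on small constructed matrices.

```python
"""Added example (not the paper's or HEMat's code): block-wise handling of
state-estimation matrices that do not fit into one CKKS ciphertext.

With ring dimension N = 2^13 a CKKS ciphertext holds N/2 = 4096 slots, i.e. one
64 x 64 matrix. An n x n matrix with n > 64 is zero-padded and split into k^2
blocks, k = floor(n/64) + 1 as in the text; a product is then assembled from
k^3 block products. The block product here is plain arithmetic (a stand-in for
the homomorphic one) so the example runs offline; all inputs are constructed.
"""
import math

SLOTS = 2 ** 13 // 2            # CKKS slots at ring dimension 2^13
BLOCK = math.isqrt(SLOTS)       # 64: side of the largest square matrix per ciphertext


def num_blocks_per_dim(num_buses, block=BLOCK):
    """k for an N-bus system: state size n = 2N - 1, k = floor(n/block) + 1."""
    n = 2 * num_buses - 1
    return n // block + 1


def dns_estimate(k):
    """DNS matrix multiplication over k^3 block products: about k^3/log2(k)
    processes and a wall time of log2(k) block multiplications (k = 1 is a
    single ciphertext and needs one process and one multiplication)."""
    if k == 1:
        return {"processes": 1.0, "time_factor": 1.0}
    lg = math.log2(k)
    return {"processes": k ** 3 / lg, "time_factor": lg}


def partition(M, block):
    """Zero-pad the n x n matrix M to (k*block)^2 and return a k x k grid of blocks."""
    n = len(M)
    k = n // block + 1
    size = k * block
    P = [[M[i][j] if i < n and j < n else 0.0 for j in range(size)] for i in range(size)]
    return [[[row[bj * block:(bj + 1) * block] for row in P[bi * block:(bi + 1) * block]]
             for bj in range(k)] for bi in range(k)]


def block_matmul_small(X, Y):
    """Stand-in for one homomorphic block multiplication (plain arithmetic here)."""
    return [[sum(X[i][t] * Y[t][j] for t in range(len(Y)))
             for j in range(len(Y[0]))] for i in range(len(X))]


def block_add(X, Y):
    return [[a + b for a, b in zip(rx, ry)] for rx, ry in zip(X, Y)]


def blockwise_matmul(A, B, block=BLOCK):
    """Return (A @ B as an n x n matrix, number of block products performed)."""
    n = len(A)
    Ab, Bb = partition(A, block), partition(B, block)
    k = len(Ab)
    zero = [[0.0] * block for _ in range(block)]
    count = 0
    C = [[None] * k for _ in range(k)]
    for i in range(k):
        for j in range(k):
            acc = zero
            for t in range(k):
                acc = block_add(acc, block_matmul_small(Ab[i][t], Bb[t][j]))
                count += 1          # one homomorphic 64x64 multiplication each
            C[i][j] = acc
    # Stitch the blocks back together and drop the zero padding.
    full = [[C[i // block][j // block][i % block][j % block]
             for j in range(k * block)] for i in range(k * block)]
    return [row[:n] for row in full[:n]], count


if __name__ == "__main__":
    for buses in (14, 118, 300):
        k = num_blocks_per_dim(buses)
        print(buses, "buses -> k =", k, dns_estimate(k))
```

For the three test systems this reproduces $k = 1, 4, 10$, the 32-process figure for the 118-bus case and the time factors 2 and about 3.322; the block count returned by `blockwise_matmul` ($k^3$) is the number of homomorphic multiplications the DNS schedule distributes across its processes.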

CONCLUSION
This paper designs privacy-preserving state estimation schemes for DC and AC models to address competitive privacy in a deregulated environment of interconnected transmission grids. The protocols combine a linear masking transformation with a quantum-secure homomorphic encryption scheme in the two-non-colluding-server model, and are shown to be secure under that model. The proposed protocols preserve state estimation accuracy while protecting the competitive privacy of each sub-grid. These results motivate the design of other privacy-preserving security operations in smart grids, such as privacy-preserving false data injection detection built on the private estimates output by the proposed system.