Regional Load Forecasting Scheme for Security Outsourcing Computation

Abstract

Smart grids generate an immense volume of load data. When analyzed using intelligent technologies, these data can significantly improve power load management, optimize energy distribution, and support green energy conservation and emissions reduction goals. However, in the process of data utilization, a pertinent issue arises regarding potential privacy leakage concerning both regional and individual user power load data. This paper addresses the scenario of outsourcing computational tasks for regional power load forecasting in smart grids, proposing a regional-level load forecasting solution based on secure outsourcing computation. Initially, the scheme designs a secure outsourcing training protocol to carry out model training tasks while ensuring data security. This protocol guarantees that sensitive information, including but not limited to individual power consumption data, remains comprehensively safeguarded throughout the entirety of the training process, effectively mitigating any potential risks of privacy infringements. Subsequently, a secure outsourcing online prediction protocol is devised, enabling efficient execution of prediction tasks while safeguarding data privacy. This protocol ensures that predictions can be made without compromising the privacy of individual or regional power load data. Ultimately, experimental analysis demonstrates that the proposed scheme meets the requirements of privacy, accuracy, and timeliness for outsourcing computational tasks of load forecasting in smart grids.

1. Introduction

The smart grid integrates advanced communication and control technologies into traditional power systems, enabling bidirectional communication and data sharing [1]. With robust fault detection and self-healing abilities, the smart grid can automatically detect faults in the power system and repair them. Through monitoring and data analysis, it can identify potential faults and take preventive measures. The smart grid exhibits enhanced capability in integrating renewable energy sources, including wind and solar power, while effectively balancing supply and demand through the utilization of demand response and energy storage technologies, thereby fostering the adoption of clean energy. Additionally, it empowers users to actively engage in the operation of the power system by leveraging smart meters and home automation systems. Users can adjust their electricity usage based on price signals, conserve energy, and promote environmental protection [2,3]. The smart grid employs cutting-edge measurement devices, sensors, and smart meters to amass vast quantities of diverse power load data. By harnessing advanced technologies, including artificial intelligence and big data modeling, to scrutinize these data, power grid companies can elevate their management of grid loads, streamline energy distribution processes, and augment energy utilization efficiency. Furthermore, the swift progression and deployment of artificial intelligence and big data analytics technologies furnish novel methodologies and pivotal technical backing for undertakings like load forecasting within the framework of the smart grid [4,5].

However, the smart grid gathers real-time power load data via smart meters and various monitoring devices, which potentially encompass sensitive information. If the transmission and utilization of these data are not managed appropriately, it may result in privacy infringements [6,7]. For instance, regional-level load data held by grid companies might reveal operational aspects such as the scale and fluctuations of power generation, which could be valuable business intelligence for competitors. At the household level, user-specific power load data reflect electricity consumption patterns. If not protected, they can easily disclose sensitive information about users’ privacy, such as lifestyle habits, the number of household members, and when they are at home. This poses a serious threat to the stability of the smart grid system and user security. To protect data privacy, some countries and regions have introduced relevant laws and regulations. The European Union also enacted the “General Data Protection Regulation (GDPR)” in 2018 [8], stipulating that data collection should strictly adhere to the principles of minimization and consent. However, the capabilities of the smart grid, such as power load forecasting, load management, and fault detection, rely on the analysis and modeling of massive amounts of data. Hence, conducting research into the development of a precise and efficient smart grid load forecasting system, whilst ensuring the safeguarding of data privacy, holds immense importance for the contemporary energy industry framework.

Smart grid companies possess regional power load data, which enables them to plan and manage equipment, adjust the output of power generation units based on real-time data, efficiently schedule energy supply, enhance grid efficiency, and reduce energy costs [9,10]. To enhance power load forecasting, smart grid companies may choose to outsource computing tasks to cloud service providers, given their robust computing capabilities and sophisticated algorithmic models [11]. Furthermore, existing research has proposed schemes for accurate forecasting in smart grids under secure outsourcing conditions. However, these schemes require two or more non-colluding cloud servers to ensure the secure execution of the protocol. Such a setup significantly reduces the practicality of these schemes in real-world applications. To address this concern, this paper proposes a regional-level load forecasting scheme tailored for outsourced computing. This scheme comprehensively considers data privacy and security during both the model training and online prediction processes.

The primary contributions of this paper can be summarized as follows:

• In the context of smart grids, this paper introduces an outsourced model secure-training protocol alongside a secure online prediction protocol. Both protocols seamlessly integrate a range of privacy preservation techniques while optimizing computational performance in a balanced manner. Specifically, during the backpropagation phase of the training protocol, the differential privacy algorithm is employed to safeguard gradients, thereby circumventing the need for time-intensive homomorphic ciphertext multiplication and enhancing overall efficiency.
• The secure outsourced computing scheme presented in this paper necessitates the participation of merely one cloud server in protocol interactions. It confines the computational process to just the data holder and a solitary outsourced computing entity, thereby mitigating the overhead arising from interactions among multiple, non-colluding servers. This optimization renders the scheme significantly more practical for real-world implementations.

The remainder of this paper is organized as follows. Section 2 introduces related works. Section 3 presents the system model. Section 4 shows the overall detailed flow of the proposed scheme. Section 5 gives the security analysis of the scheme. The performance analyses are adduced in Section 6. Finally, conclusions are drawn in Section 7.

2. Related Work

Research on power load forecasting at home and abroad was begun earlier. Generally, related research can be divided into two stages [12]. The initial phase primarily emphasizes power load forecasting, relying on conventional mathematical statistical analysis techniques for model construction. Subsequently, in the second phase, owing to advancements in big data and artificial intelligence technologies, methodologies such as deep learning and neural networks have been integrated into power load forecasting research, yielding favorable outcomes. Traditional forecasting methods mainly include time series analysis, Markov chains [13], and the  grey prediction method [14], which are based on mathematical statistics. Time series analysis is used to study data arranged in order of time, and these time point data can be at uniform intervals (such as daily, monthly) or uneven intervals (such as stock prices). Hagan et al. [15] constructed a time series model based on the autocorrelation function and partial autocorrelation function to analyze electric power data. Chakhchouk et al. [16] used the autoregressive moving average model and the autoregressive integrated moving average model with variables to predict and analyze short-term power load changes. However, the modeling process of the time series method is relatively simple and only applicable to stable data sequences as it cannot capture patterns in unstable data. A Markov chain is composed of a set of states and state transition probabilities. Each individual state signifies a potential condition of the system, while the state transition probabilities denote the likelihood of moving from the present state to the subsequent one. Stephen et al. [17] used clustering and Markov chains to label individual household load data and used the clustering averages at each time point for load forecasting for the previous day. Munkhammar et al. [18] employed the Markov-chain Mixture Distribution Model (MMDM) for ultra-short-term forecasting of residential electricity loads. Nevertheless, Markov chains exhibit limitations in capturing long-term dependencies, and the dimensionality of the state space may escalate rapidly with an increasing number of states. This poses significant challenges for modeling and computation within extensive state spaces. Conversely, the grey prediction method hinges on the dynamic analysis and processing of the original data sequence by constructing a data generation model. This approach converts the grey sequence into a whitened one, thereby uncovering the underlying patterns of system evolution and variation. Gao et al. [19] proposed a multivariable grey theory prediction model, considering the limitation of traditional grey theory models with few input variables. This new model corrects multivariable residual errors and improves prediction accuracy. Zhao et al. [20] introduced a nature-inspired metaheuristic algorithm to optimize the grey model and applied it to annual power load forecasting. However, the grey prediction method has some limitations, such as requiring data with a relatively stable trend and being unsuitable for data with large fluctuations or nonlinear changes.

With the swift advancement of smart grids, conventional methods of power load analysis have proven inadequate in fulfilling the data analysis requirements of emerging power system developments. In the era of big data and artificial intelligence, solutions based on deep neural networks have been widely used in power grid load forecasting and have achieved good results [21,22]. Researchers have applied artificial neural networks to short-term power load forecasting tasks. For instance, Ryun et al. [23] introduced an artificial neural network framework which enhances the dependability of industrial load predictions. Meanwhile, Singh et al. [24] delved into the crucial aspects of employing artificial neural networks for short-term load forecasting through both training and testing phases, thereby offering a more holistic view on the utilization of neural networks within the domain of power load forecasting. Recursive Neural Networks (RNNs) can process variable-length sequence inputs, making them very suitable for processing continuous data such as time series data, natural language text, and voice signals.

Shi et al. [25] considered the volatility and instability of household user load curves and proposed an innovative RNN model based on pooling operations, which improved prediction performance by 19.5% compared to traditional autoregressive moving average models. Considering that RNN models are prone to issues such as gradient vanishing/explosion, some researchers have adopted Long Short-Term Memory (LSTM) networks to improve the network, allowing it to maintain good performance when training deep structures. Ciechulski et al. [26] presented an advanced LSTM model that achieved remarkable accuracy in short-term load forecasting for power systems. This improvement was realized by refining the network’s architecture and carefully adjusting its parameter settings. As a result, this innovation empowers grid operators to make informed decisions in real-time scheduling and enhances the overall administration of power systems. Neelam et al. [27] used a bidirectional LSTM model to effectively predict daily peak loads, indicating that the bidirectional LSTM model surpassed all other models in peak load prediction on both holidays and weekdays.

3. System Model

The smart grid system is a complex architectural framework composed of numerous entities working together. Its components include power generation infrastructure, such as hydroelectric and nuclear power plants, transmission systems, including high-voltage circuits and substations, wired and wireless communication networks, and smart meters that monitor electricity consumption. The key layers of the smart grid system include the infrastructure layer, the support platform layer, and the application system layer. To focus on the main points and simplify the analysis, this paper considers four types of entities: cloud service providers (CSPs), smart grid control centers (SGCCs), power distribution (PD), and neighborhood IoT grids (NIG1, NIG2, …, NIGn). Smart IoT devices and smart meters in each household are organized into a home IoT grid (HIG1, HIG2, …, HIGn). Several home IoT grids can form a neighborhood IoT grid. The architecture of the scheme model in this paper is shown in Figure 1.

To determine the specific functions of each entity, the following responsibilities are assigned to the entities in the system model:

• Cloud Server (CS): A reputable cloud service provider’s cloud server possesses impressive computing, storage, and communication capabilities. This server is equipped to acquire deep learning models through online training and capture real-time power load variations through instantaneous online prediction. Consequently, smart grids can utilize these predictive outcomes for efficient power management and scheduling.
• Smart Grid Control Center (SGCC): The smart grid control center is responsible for formulating power scheduling strategies and scheduling power resources in the smart grid. It aggregates load data from different regions. In our system, the SGCC outsources computational tasks to specialized cloud service providers, utilizes models built by cloud service providers, and employs their load prediction services for outsourced load forecasting.
• Power Distribution (PD): The power distribution network is the infrastructure responsible for power distribution. It primarily bears two responsibilities: collecting power data from regional power grids and aggregating them to the SGCC and transmitting control commands from the SGCC to the smart grid.
• Neighborhood IoT Grid (NIG1, NIG2, …, NIGn): Smart grid household users are divided into multiple neighborhood IoT grids. The smart grid supplies power to each neighborhood IoT grid while being responsible for regulating the entire power system. Each neighborhood IoT grid will generate a large amount of regional power data, which will be uploaded and stored in the smart grid system.

4. Our Scheme

Our scheme is divided into two components: a secure outsourced model training protocol for smart grids and a secure outsourced online prediction protocol for smart grids. The former protocol primarily involves collaboration between the smart grid control center and the cloud server to train an efficient model. Upon completion of the outsourced protocol, the smart grid control center proceeds to execute the prediction protocol, aiming to achieve real-time load forecasting and support real-time analysis and decision-making for the smart grid.

4.1. Smart Grid Security Outsourcing Model Training Protocol

The smart grid control center possesses regional electric power data, while the cloud server has ample computational resources and algorithm models. The smart grid control center aims to outsource its data to the cloud server for model training services without disclosing privacy. Based on this scenario, we propose a privacy-preserving data outsourcing model training protocol. This section elaborates on the interaction details between the cloud service provider (cloud server) and the smart grid control center (client) in the proposed scheme. It mainly describes the execution flow of the framework and the specific tasks of each entity through four stages: system initialization, data encryption, forward propagation, and backward propagation.

4.1.1. System Initialization

At the stage of system initialization, the smart grid control center establishes the security parameter $\lambda$ and determines the homomorphic encryption multiplication depth L. The encryption parameter $s\in X_s$ is selected and a public–private key pair is generated. Finally, the control center sends the public key $P{K}_T$ to the cloud server $CS$. The Equation (1) describes how to generate a public and private key pair.

$$\begin{array}{c}S{K}_T\leftarrow (1,s)\\ P{K}_T=\left(p{k}_0,p{k}_1\right)=(-as+e,a)\end{array}$$

(1)

wherein, $s,c\in {\chi }_s,a\in {\mathcal{R}}_{N,Q},e\in {\chi }_e$.

4.1.2. Data Encryption

The encryption algorithm is executed by the smart grid control center. In each round of model iteration, the smart grid control center selects a batch of data, $B=\{x_1,x_2,\dots ,x_b\}$, and performs data encryption.

$$\left[u\right]\leftarrow r·pk+\left(u+e_0,e_1\right)·mod·Q\left(r\in \chi ,e_0,e_1\in {\chi }_e\right)$$

(2)

Once the ciphertext has been acquired, it is transmitted to the cloud server, where it serves as the initial input layer for the process of model training.

4.1.3. Forward Propagation

Forward propagation can be divided into three steps: linear layer calculation, activation function calculation, and loss function calculation.

(1) Linear layer calculation: After the encrypted data are input into the neural network model, the calculation equation of the j-layer of the model is as follows:

$$\left[a_j\right]=W_j^{\top }\left[u_j\right]+b_j$$

(3)

where $\left[u_j\right]$ is the input value of the j-th layer. It is worth noting that during this process, the model parameters remain in plaintext form, which significantly decreases the operational duration. When computations are performed between a plaintext and a homomorphic ciphertext, the result is a ciphertext. Consequently, the output generated by each layer of the neural network is ciphertext.

(2) Activation function calculation: The cloud server transmits [$a_j$] to the smart grid control center for activation function calculation. The control center first decrypts the data using the private key $S{K}_T$ and then calculates [$u_{j+1}$] = [$f\left(a_j\right)$]. Finally, the encryption result is sent back to the server for the next layer of computation.

(3) Loss function calculation: The scheme uses the mean square error loss function (MSE), which is calculated by Equation (4).

$$MSE={\displaystyle \frac{{\sum }_{i=1}^{\mathrm{N}}·{\left(y_i-\widehat{y_t}\right)}^2}{N}}$$

(4)

where $y_i$ and $\widehat{y_t}$ represent the true value and predicted value of article i data on the load dataset, respectively, and N represents the number of samples in the dataset.

Algorithm 1 outlines the interaction process between the cloud server and the smart grid control center during forward propagation.

Algorithm 1 Privacy-Preserving Forward Propagation Algorithm.

1: The SGCC encrypts the load data $\left[u\right]$ and sends it to the CS. 2: The CS receives the encrypted load data $\left[u\right]$. 3: The CS initializes the model parameters W and b using the encrypted data. 4: for  $k=1$  to  $K-1$  do 5:    The CS computes the coefficient $a_k$ for the k-th layer by Equation (3) 6:    The CS sends the coefficient $a_k$ to the SGCC. 7:    The SGCC receives the coefficient $a_k$ and updates the model parameters for the next layer. 8: end for 9: return The updated model parameters.

4.1.4. Backward Propagation

The backward propagation process comprises five distinct steps: gradient calculation, gradient clipping, gradient aggregation, the addition of gradient noise, and parameter updating.

(1) Gradient calculation: The cloud server first calculates the partial derivative of the model parameters with respect to the loss function, i.e., the gradient of the model, and backpropagates the results to the previous layer. The calculation equation of the backpropagation algorithm at each layer is shown in Equation (5). After the ciphertext gradient is obtained, it is sent back to the smart grid control center.

$$\begin{array}{c}\left[{\displaystyle \frac{\partial \mathcal{L}}{\partial W_i}}\right]=\left[u_j\right]\left(\left[{\displaystyle \frac{\partial \mathcal{L}}{\partial u_{j+1}}}\right]\odot f^{\prime }{\left(W_j^{\top }\left[u_j\right]+b_j\right)}^{\top }\right)\\ \left[{\displaystyle \frac{\partial \mathcal{L}}{\partial b_i}}\right]=\left[{\displaystyle \frac{\partial \mathcal{L}}{\partial u_{j+1}}}\right]\odot f^{\prime }\left(W_j^{\top }\left[u_j\right]+b_j\right)\\ \left[{\displaystyle \frac{\partial \mathcal{L}}{\partial u_j}}\right]=W_i\left(\left[{\displaystyle \frac{\partial \mathcal{L}}{\partial u_{j+1}}}\right]\odot f^{\prime }\left(W_j^{\top }\left[u_j\right]+b_j\right)\right)\end{array}$$

(5)

(2) Gradient clipping: This paper introduces an adaptive gradient clipping method. This method can adapt to the gradient cutting in the course of training. Its core cutting equation is ${\displaystyle \frac{1}{{\parallel g\parallel }_2+\gamma }}$, where g represents a single gradient, the ${\left|\right|\ast \left|\right|}_2$ representative takes its $l_2$ norm, and $\gamma$ generally fixes a value of 0.02. Based on this method, the smart grid control center decrypts the ciphertext gradient and performs gradient clipping. The equation equation is described as follows:

$${\displaystyle \frac{\widehat{\partial {\mathcal{L}}_{u_u}}}{\partial W^t}}={\displaystyle \frac{1}{\left|\frac{\partial {\mathcal{L}}_{u_i}}{\partial W^t}\right|+\gamma }},{\displaystyle \frac{\widehat{\partial {\mathcal{L}}_{u_i}}}{\partial b^t}}={\displaystyle \frac{1}{\left|\frac{\partial {\mathcal{L}}_{u_i}}{\partial b^t}\right|+\gamma }}$$

(6)

(3) Gradient aggregation: The calculation of gradient aggregation is described as follows:

$$\overline{g_{W^t}}\leftarrow {\displaystyle \frac{1}{\mathcal{B}}}\left(\sum _i^{\mathcal{B}}{\displaystyle \frac{\widehat{\partial {\mathcal{L}}_{u_i}}}{\partial W_t^t}}\right),\overline{g_{b^t}}\leftarrow {\displaystyle \frac{1}{\mathcal{B}}}\left(\sum _i^{\mathcal{B}}{\displaystyle \frac{\widehat{\partial {\mathcal{L}}_{u_i}}}{\partial b^t}}\right)$$

(7)

where B is the batch size. $\overline{g_{W^t}}$ and $\overline{g_{b^t}}$ are the aggregate gradients of model weights and offsets at round t iteration, respectively.

(4) Gradient noise: The Gaussian mechanism of differential privacy is employed to mitigate noise within the gradient. The corresponding calculation equation is delineated as follows:

$$\widetilde{g_{W^t}}\leftarrow \overline{g_{W^t}}+N\left(0,{\displaystyle \frac{{\sigma }^2}{{\mathcal{B}}^2}}I\right),\widetilde{g_{b^t}}\leftarrow \overline{g_{b^t}}+N\left(0,{\displaystyle \frac{{\sigma }^2}{{\mathcal{B}}^2}}I\right)$$

(8)

where $N\left(0,{\displaystyle \frac{{\sigma }^2}{{\mathcal{B}}^2}}I\right)$ represents the addition of Gaussian noise.

(5) Parameter updating: The smart grid control center sends the noise aggregation gradient to the cloud server. The cloud server updates model parameters according to Equation (9):

$$W^{t+1}\leftarrow W^t-\eta \widetilde{g_W},\cdots b^{t+1}=b^t-\eta \widetilde{g_b}$$

(9)

Algorithm 2 outlines the interaction procedure that takes place between the cloud server and the smart grid control center during the backpropagation process.

4.2. Smart Grid Security Outsourcing Online Forecasting Protocol

In the context of electricity consumption within a smart grid, the user’s historical electricity consumption data are transmitted to the server, which then utilizes these data to predict future variations in the user’s power load. This information serves as valuable guidance for the rational allocation of power within the power system. When generating a forecast, the smart grid transmits real-time data to the cloud server, with the objective of promptly receiving the forecast results to aid in data analysis and decision-making within the smart grid. For this, we need an efficient and safe model prediction method. In this regard, Cheetah, a deep learning inference protocol for secure two-party interaction proposed by Ji Huang et al. [28], was designed. This section introduces a fast and secure online prediction protocol for smart grid outsourcing. The agreement is divided into the following three steps.

Algorithm 2 Privacy-Preserving Backpropagation Algorithm.

Require: Forward propagation output u, encrypted true values y, learning rate $\eta$ 1:  for  $t=1$  to  $T-1$  do 2:    Cloud server: 3:    Calculate loss function: $C(W^t,b^t)={\displaystyle \frac{1}{2}}{\sum }_{i=1}^m{[\left(u_i^t\right)-\left(y_i\right)]}^2$ 4:    The gradient is calculated and the results are sent to the control center 5:    Smart grid control center: 6:    Decryption gradient: ${\displaystyle \frac{\partial {\mathcal{L}}_{u_i}}{\partial W^t}},{\displaystyle \frac{\partial {\mathcal{L}}_{u_i}}{\partial b^t}}\leftarrow De{c}_{S{K}_T}\left(⌈{\displaystyle \frac{\partial {\mathcal{L}}_{U_i}}{\partial W^t}}⌉\right),De{c}_{S{K}_T}\left(⌈{\displaystyle \frac{\partial {\mathcal{L}}_{u_i}}{\partial b^t}}⌉\right)$ 7:    Apply adaptive gradient clipping (Equation (6)) 8:    Perform gradient aggregation (Equation (7)) 9:    Add noise to the aggregated gradient (Equation (8)) 10:   Cloud server: 11:   Update model parameters (Equation (9)) 12: end for

4.2.1. Encryption Processing

Perform this step in the smart grid control center. First, the local input load data x are decomposed into the share of the arithmetic secret share ${\langle x\rangle }^S$ and ${\langle x\rangle }^C$. Then, with the secret share ${\langle x\rangle }^C$, execute Equation (10):

$$\begin{array}{c}{\langle \widehat{x}\rangle }^C={\sigma }_1\left({\langle x\rangle }^C\right),{\langle \widehat{x}\rangle }^C\in {\mathcal{R}}_{N,q}\\ \left[{\langle \widehat{x}\rangle }^C\right]=Encrypt\left({\langle \widehat{x}\rangle }^C\right)\\ {\langle \widehat{x}\rangle }^S={\sigma }_1\left({\langle x\rangle }^S\right)\in {\mathcal{R}}_{N,q}\end{array}$$

(10)

In the end, ${\langle \widehat{x}\rangle }^S$ and ciphertext [${\langle x\rangle }^C$] will be transferred to the cloud server.

4.2.2. Server-Side Computing

This particular step is executed on the cloud server. Initially, the cloud server processes Equation (11) to obtain the ciphertext, denoted as $CT$.

$$\begin{array}{c}\widehat{W}={\sigma }_2\left(W\right)\in {\mathcal{R}}_{N,q}\\ CT=\left(\left[{\langle \widehat{x}\rangle }^C\right]+{\langle \widehat{x}\rangle }^S\right)·\widehat{W}\end{array}$$

(11)

Then, from RLWE homomorphism ciphertext, extract LWE cipher: $c{t}_i=Extract(CT,i\ast n+n-1)(i\in 0,\dots ,m)$. Generate random vector mask $r\in Z_q^m$ and ciphertext $c{t}_i$ first component addition and obtain $c{t}_i^{\prime }$. After that, the cloud server calculates Equation (12) to obtain the output secret share of the server.

$${\langle o\rangle }^S=b-\lceil q·r/Q\rfloor modQ$$

(12)

where b is the offset of the fully connected layer. Finally, $c{t}_i^{\prime }$ and the server output secret share ${\langle o\rangle }^S$ end back at the smart grid control center.

4.2.3. Decryption Processing

Perform this step in the smart grid control center. First, after receiving $c{t}_i^{\prime }$, the ${\langle o\rangle }^C\left[\mathrm{i}\right]$ is calculated as the secret share of the control center.

$${\langle o\rangle }^C\left[\mathrm{i}\right]=Decrypt\left(S{K}_F,c{t}_i^{\prime }\right)(i\in \{0,\dots ,m\})$$

(13)

Subsequently, the secret share is gathered, the activation function is computed, and the output result for the l-th fully connected layer is obtained. This output then serves as the input for the $l+1$-th layer.

$$x_{l+1}=f\left({\langle o\rangle }^C+{\langle o\rangle }^S\right)$$

(14)

Repeat the above calculation process to obtain the calculation results for each layer until the final output layer.

5. Security Analysis

This section begins by illustrating that the cloud server cannot infer grid load data information from the protocol, indicating that the protocol is resilient to single-point attacks originating from the cloud server. The reasons are as follows:

The smart grid control center transmits data in an encrypted format to the cloud server, effectively preventing the latter from gaining direct access to load data information. The robustness of homomorphic encryption algorithms has been well established, ensuring that during the forward propagation process, the cloud server is unable to extract meaningful information from the ciphertext.

Each individual gradient computed on the cloud server side is in the form of ciphertext, preventing the exposure of single gradients to the cloud server.

In the backpropagation phase, the smart grid control center employs an adaptive gradient clipping differential privacy algorithm. It first clips the gradients, then aggregates them, and finally adds noise to the aggregated gradients using a sampled Gaussian mechanism. The noise-perturbed aggregated gradients are ultimately transmitted to the cloud server. The cloud server is unable to remove the noise-induced perturbations or derive individual original gradient data from the aggregated gradients. According to differential privacy theory, the protocol protects gradient information.

Based on the aforementioned analysis, the secure training protocol utilizes homomorphic encryption algorithms, coupled with a differential privacy noise-adding mechanism, to safeguard the data privacy of batch-aggregated gradients. This prevents an untrusted cloud server from inferring the original data information. This approach aligns with the security definitions employed in methods that utilize differential privacy to protect the deep learning training process.

6. Experiments

6.1. Experiment Settings

The experimental setup comprises three pivotal components: the selection of the dataset, the configuration of the experimental environment, and the establishment of the neural network structure.

6.1.1. DataSet

This section uses two publicly available grid datasets (PJM, GEFCom2012) to verify the effectiveness of the scheme.

PJM: This public dataset was obtained from the website (https://www.pjm.com/markets-and-operations/etools/data-miner-2/dataavailability.aspx) (accessed on 15 September 2024). The website provides hourly electricity consumption information for multiple regions in the United States. The experiment used data from the AECO region for the time period from 1 December 2022 to 31 December 2022. The data from 1 December to 30 December were used as training data, and the data from December 31 were used as test data.

GEFCom2012: This dataset is derived from the 2012 Global Energy Forecast Competition and includes hourly load data for 20 locations in the United States. The data of the 20th region from 1 July to 24 August 2007 were used as training data and the data of 25 August 2007 as test data.

6.1.2. Experimental Environment

During the training phase, the experiment used a CPU configured with 56-core Intel(R) Xeon(R) Gold 6258R and a server with 187 GB of memory. In the prediction phase, the experiment used the configuration of an AMD Ryzen 5 5600U Laptop with 16 GB CPU and memory. All experiments were conducted in the Ubuntu 20.04 OS run uniformly.

6.1.3. Neural Network Structure

In the experiment, an ANN was used, which included an input layer, two hidden layers, and an output layer. The input layer had 24 neurons, the first hidden layer had 64 neurons, the second hidden layer had 10 neurons, and the output layer was one-dimensional. The activation function between each layer used the sigmoid activation function.

6.2. Training Protocol Performance Analysis

In the training performance evaluation, the learning rate is set to 0.1, the batch size is set to 32, the optimization algorithm is the stepdown method, and the loss function is the mean square error loss function.

6.2.1. Comparison with the Existing Scheme

To illustrate the performance of the training protocol, this section compares it with the pure-HE [29] and SecureNN [30] methods.

Table 1. The qualitative comparison.

	Pure-HE	SecureNN
Server Count	1	3
Anti-Collusion	✓	✓
Activation Function	Table-Lookup	Table-Lookup
Technologies Used	HE	SS, HE, DP

shows qualitative comparisons between the three scenarios. The second row of the table indicates the method’s resistance to collusion attacks. The third row of the table shows the types of activation functions supported by the method. TableLookup [29] explains that pure-HE calculates the output result of different input corresponding to the activation function in advance and stores it in the table. The calculation of the activation function is realized by executing the homomorphic table lookup method. As can be seen from the comparison results, SecureNN requires three servers, while the training protocol requires only a single cloud server, which can effectively resist collusion attacks. In addition, the training protocol supports all types of activation functions, which makes the scheme more versatile.

Table 2. The training execution time on one epoch (s).

Model	Dataset	Training Time (s)
Pure-HE	PJM	7328.34
SecureNN	PJM	612.32
Secure Outsourcing Training Scheme	PJM	1811.02
Pure-HE	GEFCom2012	36,091.72
SecureNN	GEFCom2012	2613.98
Secure Outsourcing Training Scheme	GEFCom2012	9668.91

exhibits the training time consumption across various schemes. The data presented reveals that, when utilizing the PJM dataset, the training time for the secure outsourcing protocol introduced in this paper amounts to 1811.02 s, whereas the pure-HE scheme requires 7328.34 s. This demonstrates that the proposed protocol achieves a reduction in time consumption of approximately 75.29% in comparison to the pure-HE scheme. In the pure-HE approach, ciphertext–ciphertext homomorphic operations impose a substantial computational burden. However, following optimization, the proposed training protocol employs plaintext–ciphertext homomorphic operations, thereby circumventing the computational overhead associated with ciphertext–ciphertext homomorphic operations. Table 2 also shows the training time of SecureNN, an efficient secure three-party computation protocol based on machine learning building blocks. The results in Table 2 indicate that the training time of SecureNN on the PJM dataset is 612.32 s, and on the GEFCom2012 dataset, it is 2613.98 s. Overall, SecureNN is 3–4 times faster than the training protocol. However, the qualitative comparison in Table 1 demonstrates that SecureNN requires three servers to run the protocol and is susceptible to collusion attacks, while the training protocol uses a single outsourcing server architecture, mitigating this risk. Furthermore, SecureNN only implements the ReLU activation function, while the training protocol proposed can flexibly support any type of activation function. Therefore, the secure training protocol proposed in this paper offers greater flexibility and is suitable for the training scenarios of the secure outsourcing model for smart grids presented in this paper.

6.2.2. Privacy Analysis

This section delves into the privacy aspects of the training protocol. To begin with, we conducted a comparative analysis between the training protocol introduced in this paper and the benchmark scheme for differentially private deep learning [31], aiming to assess the efficacy of our designed adaptive gradient clipping method. The benchmark scheme adopts a fixed-threshold gradient clipping method. In this subsection, we set the fixed threshold $C=3$ and $\delta ={10}^{-5}$, and then track the impact of changes in the privacy budget $ϵ$ on the training loss. Figure 2 illustrates the correlation between model loss and privacy budget during the training phase for various schemes. When utilizing the PJM dataset, as the privacy budget is augmented to $ϵ=10$, the model loss value for the adaptive gradient clipping method is recorded at 0.086, whereas the fixed-threshold clipping method yields a model loss of 0.182. This signifies that, in comparison to the benchmark scheme, the performance of the training protocol is enhanced by 52.74%. As evident from the figure, for a given privacy budget $ϵ$, the training protocol consistently exhibits lower loss values than the benchmark scheme.

Furthermore, to better analyze the relationship between the level of privacy protection and model performance, this subsection adopts the privacy–utility measurement method proposed by Soykan et al. [32]. This method introduces the concept of mean absolute percentage error (MAPE) and defines a privacy–utility function based on it. MAPE is a widely employed metric for assessing the efficacy of load forecasting algorithms. As a relative error measure, it effectively prevents the mutual cancellation of positive and negative errors. Its computational formula is exhibited in Equation (15). Building upon MAPE, a privacy–utility function has been devised, with its method of calculation outlined in Equation (16).

$$MAPE={\displaystyle \frac{1}{n}}\sum _{t=1}^n\left|{\displaystyle \frac{A_t-F_t}{A_t}}\right|\ast 100$$

(15)

where $A_t$ is the true value, $F_t$ is the predicted value, and n is the size of the dataset used for evaluation.

$$\mathrm{Utility}={\displaystyle \frac{100-\mathrm{MAPE}}{100-\mathrm{MAPE}\left(\mathrm{noDP}\right)}}\ast 100$$

(16)

Table 3. The analysis of privacy–utility.

Privacy Level ($\mathit{ϵ},\mathit{\delta }$)	MAPE (%)	Utility (%)
No Noise	2.03	100
$(10.03,{10}^{-5})$	2.46	99.52
$(9.03,{10}^{-5})$	2.85	99.08
$(7.96,{10}^{-5})$	3.15	98.91
$(6.79,{10}^{-5})$	3.49	98.57
$(5.46,{10}^{-5})$	3.83	98.19
$(3.84,{10}^{-5})$	6.50	95.34
$(2.15,{10}^{-5})$	15.91	86.39

shows the correspondence between the privacy level $(ϵ,\delta )$ and MAPE, as well as the correspondence between the privacy level $(ϵ,\delta )$ and utility, for the model trained using the PJM dataset. This subsection uses the results when no noise is added (i.e., $ϵ=\infty )$ as the baseline for calculation, at which point MAPE is 2.03% and utility is 100%. As can be seen from the table, as $ϵ$ decreases (indicating an increase in the level of privacy protection), the privacy–utility continuously decreases, while MAPE continuously increases. This indicates that when stronger privacy protection is provided, there is a certain degree of decrease in model utility.

6.3. Predictive Protocol Performance Analysis

This subsection selects data from two datasets, PJM and GEFCom2012, specifically 24 h (24 data points) of data, as the prediction experimental data. Initially, the plaintext data from these two datasets are used to train a plaintext model, which serves as the baseline model. Subsequently, both the baseline model and the prediction model presented in this paper are employed to forecast the load for the 24 h period. On the two datasets, the prediction mean squared errors of the baseline model are 0.097 and 0.124, respectively, while the prediction mean squared errors of the model are 0.113 and 0.141, respectively, indicating a small difference between the results of the two models. Figure 3 presents a comparison between the plaintext model and the actual load data, whereas Figure 4 exhibits the comparison results between the secure outsourced prediction protocol and the actual data. Both comparative figures underscore the successful fitting of both peak and valley loads, highlighting the ability of the secure prediction protocol introduced in this paper to accurately track the daily trend of power load changes. In conclusion, the prediction model demonstrates performance comparable to that of the plaintext baseline model, thereby attesting to the efficacy of the secure prediction protocol.

Table 4. The forecasting time consumption (s).

Dataset	Pure-HE (s)	ABY3 (s)	Proposed Secure Prediction Protocol (s)
PIM	158.634	14.183	42.842
GEFCom2012	147.627	13.091	40.915

presents a comparison of the time required for different schemes to predict 24 h (24 data points). The figure compares the secure outsourced prediction protocol with the pure-HE and ABY3 [33] schemes. pure-HE remains consistent with what was mentioned previously. ABY3 is a hybrid secure protocol framework for machine learning, based on an honest-majority three-party secure computation protocol. When conducting experiments using this protocol, it is assumed that there are three non-colluding cloud servers. Compared to the pure-HE method, the secure prediction protocol in this paper achieves a 3.5-fold increase in prediction speed. However, compared to the ABY3 protocol, the prediction protocol performs poorly with longer prediction times. This is mainly because ABY3 is a protocol based on three non-colluding servers, allowing for the design of a more lightweight prediction protocol with multiple participants. On the other hand, the secure prediction protocol only introduces a single cloud service provider, inherently resulting in slower speed. However, in contrast to ABY3, the secure prediction protocol is more tailored for outsourced computation scenarios within smart grids. This is because it is considerably simpler to engage a single outsourced cloud service provider, which helps mitigate the risk of collusion that may arise when multiple cloud servers are involved.

7. Conclusions

In this paper, a regional-level load forecasting solution that leverages secure outsourcing computation is proposed, tailored for safeguarding the privacy of such tasks when outsourced by smart grid enterprises. This cutting-edge approach integrates homomorphic encryption, differential privacy, secret sharing, and state-of-the-art deep learning techniques to construct a resilient framework that encompasses secure model training and online prediction protocols through outsourcing. By adopting this method, smart grid companies that hold regional power data can confidently delegate their load forecasting tasks to cloud service providers. Moreover, this system, efficiently executed on a single cloud server, seamlessly aligns with the potential integration requirements of forthcoming commercial smart grid systems. Finally, through experimental analysis, the performance of the solution is evaluated from multiple perspectives, demonstrating its excellent privacy, accuracy, and timeliness.