Final Report Summary - PDS4NRJ (Secure Personal Data Services for Efficient Home Energy Management) PDS4NRJ - http://pds4nrj.eu/This Marie Curie Action, called PDS4NRJ, is based on the insights that (a) secure personal data management can be radically improved with the advent of secure hardware embedded on personal devices at the edges of the Internet, and that (b) a secure personal data management infrastructure should be applied in the context of smart homes. Our overall objective is to define a new form of decentralized infrastructure for sharing smart meter data with access and usage control guarantees. The project is led by Philippe Bonnet, as a researcher in the SMIS team at INRIA Rocquencourt.Throughout the project, Philippe and the SMIS team developed the foundation of a data platform that can enforce usage control. The main technical challenge are (i) storage security to guarantee that sensitive data at rest is not leaked to unauthorised third parties, and (ii) run-time security to contain the side effects of the functions that access sensitive data. The proposed solution is integrated into the kernel of the Linux operating system, and based on a trusted execution environment, separated by hardware from the operating system and applications. This separation guarantees the durability, confidentiality and integrity of a configurable subset of the filesystem data and meta-data. PDS4NRJ should contribute to developing a data platform that enforces how energy services actually access and use smart meter data according to users’ privacy expectations. The EU digital agenda expects digital technologies to play a key enabling role in the transformation of society in general, and in the transformation towards a low carbon economy in particular. To this end, Member States are required to ensure the implementation of smart metering under EU energy market legislation in the Third Energy Package. As a complement, the Energy Efficiency Directive (2012/27/EU) promotes the development of energy services based on smart meter data. Smart meter data is classified as personal data. Thus, any processing of smart meter data should comply with the upcoming general data protection regulation. So far, efforts to secure consumer acceptance for the rollout of smart metering systems have focused on preparing utilities to face potential consumer concerns . PDS4NRJ complements these on-going efforts by enforcing the principles of personal data management within a decentralized data platform supporting smart home energy services. The expected impacts are twofold and thus fully aligned with the impacts sought under the general Work Programme. First, a platform such as PDS4NRJ should let service providers demonstrate their trustworthiness and should thus improve their competitiveness. Second, a platform such as PDS4NRJ should enforce how personal data is actually accessed and used, which should contribute to improving citizen’s participation in the digital society.