AWS Public Sector Blog

UC Davis CWEE accelerates water conservation research with secure, compliant data storage on AWS

To solve some of the most pressing water and energy challenges, scientists and engineers need access to robust, reliable data that is often sensitive and protected. Data providers, researchers, and host institutions need to adhere to strict requirements for protecting and securing this data. The Center for Water-Energy Efficiency (CWEE) at the University of California, Davis (UC Davis) used Amazon Web Services (AWS) to create a centralized, secure data repository that streamlines data sharing.

Researchers at CWEE quantify how much energy is used in various elements of the water sector, including potable water, irrigation, and wastewater. This research helps water utilities, energy utilities, and policy makers decide how to invest in and promote water use efficiency, energy efficiency, and electric load shifting in the water sector. This research is critical particularly in California, where drought and other climate change outcomes, like heat waves and forest fires, have been an issue for decades and are growing more severe.

CWEE’s research heavily depends on large amounts of data that must be used in compliance with data privacy requirements. To date, data acquisition has been a largely manual process with strict security agreements and standards that can make it challenging to obtain.

To overcome these challenges, Dr. Frank Loge, director of CWEE and a professor in the UC Davis Civil and Environmental Engineering department, worked with UC Davis’s information technology departments to develop a new secure, shared system using a range of AWS services. The new system protects sensitive research data, makes clear who is responsible for protecting it, and verifies compliance. The system has garnered new interest and funding opportunities and has the potential to help spur new innovations in the water sector, driven by broad access to data.

Overcoming a cumbersome data process

For its research, CWEE uses sensitive data that must be secured. Initially, this data was stored on four encrypted hard drives that were kept locked in a cabinet. Students and staff would check out a hard drive, use it, then return it at the end of the day. “This process was compliant with the requirements for accessing the data, but it was cumbersome,” said Loge.

CWEE also had to negotiate data transfer agreements that delineated how the data from various sources would be handled, used, and disposed of. This process generally took 6-12 months per contract. In addition, CWEE would often have to go through a complex third-party security review to use data. To explore more streamlined solutions, Loge collaborated with the UC Davis College of Engineering and the UC Davis Information and Educational Technology department.

When developing its secure system, UC Davis needed to meet compliance with NIST SP 800-171. This is a widely accepted set of security requirements from the National Institute of Standards and Technology (NIST) for protecting unclassified data of a sensitive nature. The team developed a system internally that could be shared with all researchers at UC Davis and extended to other University of California campuses, nonprofits, and research groups. “The campus recognized that it had to have this system in place to meet growing security requirements from all levels to conduct its research,” explains Loge.

Streamlining security and research on AWS

The UC Davis data system is compliant with NIST SP 800-171. It stores all data in Amazon Simple Storage Service (Amazon S3), an object storage service built to retrieve any amount of data from anywhere. Data is not downloaded on any computer; instead, students and staff can access it through virtual machines that have software applications for various types of analysis.

“With this solution, the chances of a data breach are close to zero,” said Loge. “This has given me and UC Davis peace of mind.” The solution has also enabled data transfer agreements to be completed much more quickly—in a few weeks or faster.

“Our data system has greatly expanded the volume of research that we do because more entities feel comfortable with the solution we have in place and are more willing to give us data,” said Loge. “It creates more opportunities for us to write proposals, get research grants, and conduct much-needed research to help inform change.”

Amazon S3 can scale to any amount of data, accommodating CWEE’s growth. Previously, CWEE stored—on its encrypted hard drives—data for 50,000 customers of one water agency. It now stores water and energy data for about 80 percent of California’s population—nearly 30 million people. “We’re one of only a few entities in California that has the ability to get customer-level water, electricity, and natural gas data,” said Loge.

“Rather than trying to re-create this solution on different University of California campuses, it makes sense to build it once and let people come in and join the effort,” said Loge.

Building a data repository to spur research

CWEE is using its research and AWS to develop WaterWatch, an enhanced hydraulic model for water systems. Its features allow water agencies to forecast operations based on proposed modifications to the water system. Future additions to the system include leak management, energy intensity analysis, and automated reporting to state and federal agencies.

Loge hopes that the secure computing environment on AWS will serve as a proof of concept for a data vault that can be shared broadly. “People have seen that this environment works, and they trust it,” said Loge. “And now they’re asking for it to be built out so that it can be used with other types of data, organizations, and researchers.”

Loge said, “The more people you have accessing and using information, the more creativity and insights you can get.”

To learn more about how AWS supports researchers, visit the AWS Education: Research Seminars including Ten Minute Tutorials for Research.

Subscribe to the AWS Public Sector Blog newsletter to get the latest in AWS tools, solutions, and innovations from the public sector delivered to your inbox or contact us.