New Zealand news‎ > ‎

Smart meter security problems in USA

posted Sep 14, 2010, 9:39 PM by ema-1 ema-1

June 2010

"The security weaknesses could potentially allow miscreants to snoop on customers and steal data, cut off power to buildings, and even cause widespread outages, according to a number of experts who have studied the meters and looked into smart-grid systems"

"Nohl has carefully inspected one of the smart meters that has been deployed and was disappointed with what he saw. "We didn't find any of the security measures you would expect in an embedded device with critical-infrastructure relevance," he said. "Prominently missing are signed and encrypted firmware, secure (smart card) chips for key storage, unique cryptographic keys, and physical tamper protection"

"[smart meters] may be used as attack vectors into the spheres of power distribution and generation, as well as into customer databases at the utilities," Nohl said. "They deserve nothing less than the best hardware protection available."

"Sources for this story would not name which smart meters they found problems in or which utilities are deploying them. In general, the meter projects tend to have similar issues because of how quickly they are being deployed, they suggested"

"We found in certain cases you can actually replace data on the fly, so if the meter says 25 kilowatts was used you can move it to 2.5 kilowatts," said Pollet. "It's possible to sniff and read the data (remotely), replace the data with erroneous data, and we've been able to cause the meters themselves to fail by sending it different types of traffic that cause it to reboot or crash."

"We're throwing out millions of these systems and deploying them in a broad scale knowing that these problems exist," Cohen said"

This article also links to a University of Cambridge paper:

  • Introduction
  • The early years
  • Early digital meters
  • Electricity markets and market failures
  • Smart Grids, Smart Meters
  • Privacy – centralised or decentralised management
  • User interfaces and behavioural aspects
  • Price variability, electric cars and domestic UPS
  • Conflict of interests
  • Policy options and technical solutions