Introducing smart meters is making the electricity grid increasingly electronic, which saves time and money for utilities since they don’t have to send a person to read the meter. But this increasing ‘digitalisation’ also adds a lot more opportunities for tampering with the meters in some way, resulting in security vulnerabilities. These vulnerabilities obviously need to be considered before introduction of the smart meters to make sure everyone is paying their way when it comes to electricity.
Chris Neil, Senior VP for Industrial and Medical Solutions Group at Maxim Integrated summarised the problem on the slide below.
At the very earliest stage, meter SoC ICs could be replaced with fakes, but there are various measures already in place in the supply chain to try to combat this problem.
At the factory, the meters are programmed with their software/firmware before being sent out into the field. There’s a small possibility that this software could be stolen to clone a meter, or that someone could introduce bad software into the manufacturing process. A secure bootloader and cryptographic code validation is necessary, which uses digital signatures to prove the code is valid.
After leaving the factory, the whole meter units could be replaced with fakes.
When in the field, the meters could be recalibrated by utility employees, presumably to reduce the rate of accumulation or to zero it altogether. Proper authentication for anyone installing or reading meters is required. Are they who they say they are? Utilities will also have to be extra vigilant in detecting ‘inside jobs’. Unscrupulous persons could also try to physically tamper with the meter unit, that is, they could take them apart to run wires in to try to change settings. For me, this is the most likely scenario. There are various tamper detection options available, such as tilt sensors to detect when the case is opened or anti-tamper meshes. The smart meter SoC should also use cryptographic techniques to protect itself from this sort of physical attack.
The data is also at risk when it leaves the meter – it’s usually transmitted wirelessly and there is a possibility that it could be intercepted. Obviously, it should never be transmitted unencrypted.
Maxim Integrated released a smart meter SoC called Zeus at the Metering, Billing/CRM Europe show over here earlier this month. Zeus, of course, contains a built-in cryptographic module to secure communication, a secure bootloader to prevent unauthorised firmware modification, and tamper detection measures to assure providers that any attempts to physically attack the meter will be detected, recorded, and reported.
So, will the introduction of smart meters overall increase security of the electricity grid, or will the increased opportunities for electronic attack overall reduce security? And without a person coming regularly to physically read the meters, will physical tampering be able to go unnoticed for longer?
Security is going to be an issue for all utilities that adopt smart metering, so I hope they have given it due consideration.