Slashdot Mirror
Smart Grid Computers Susceptible To Worm Attack
narramissic writes "Researchers with security consultancy IOActive have created a worm that could quickly spread among Smart Grid devices, small computers connected to the power grid that give customers and power companies better control over the electricity they use. '[The worm] spread from one meter to another and then it changed the text in the LCD screen to say "pwned,"' said Travis Goodspeed, an independent security consultant who worked with the IOActive team. In the hands of a malicious hacker, this code could be used to cut power to Smart Grid devices that use a feature called 'remote disconnect,' which allows power companies to cut a customer's power via the network. The robustness of US power networks has been a hot-button issue after a technical glitch in 2003 caused a cascading power failure in the eastern United States and Canada that affected 55 million people."
The attack in question is a side-channel attack that is limited to using a microcontroller with an external 802.15.4 radio that includes an encryption engine. The actual AES-128 algorithm wasn't broken. Instead the vulnerability is that the AES keys are sniffed on the exposed bus when you load the keys into the radio's registers. Contrary to popular belief, you can't take over the nation's smart grid from this attack, and it would be difficult to even take over your neighbor's meter unless you broke into his house. I have more info on my site where I respond to the hack from Travis Goodspeed. The blog post is at http://freaklabs.org/index.php/Blog/Misc/Clearing-the-Air-About-Hacking-Into-The-Smart-Grid.html
Akiba
FreakLabs Open Source Zigbee Project
http://www.freaklabs.org/
Decentralized power generation is a major part of the Smart Grid initiative. See, e.g., the Galvin Electricity Initiative.
Since power generated in a grid cannot be effectively stored, it must be used when generated. This forces today's utilities into a large control problem, in which consumers' needs (in the form of measurements of line voltage and frequency, sampled throughout the network) are fed back to centralized control points and used to control the output of a relatively small number of generating plants (and current sent along individual transmission lines). Control of this system is moderately well understood, if one accepts that certain heuristics have to be used -- along with occasional human judgement. Considering its complexity, this is one of the great engineering achievements of the 20th Century.
Decentralized power generation, however, is a completely different type of control problem. With millions of potential generators, the existing control algorithms fail completely; further, as part of the decentralized control algorithm the utility needs to communicate with each power meter (a.k.a. potential generator) in essentially real time, to control any power it may generate.
Having a meter that bills the customer only for the net of power used and generated is termed "net metering." This exists today, but cannot achieve wide-spread use without better communication with the meters. Utilities like net metering, because they get additional generating capacity without paying for new power plants.
The Smart Grid, with its communication to individual power meters, effectively enables net metering: Homeowners can generate their own power, use what they need locally, then sell any surplus to the utility for use by others. The meter can inform the utility how much power it is supplying at any time, a number used by the utility to maintain network stability. If the utility has no use for the power at that moment, it can refuse the offer, again by communicating with the meter.
Problem is old time hackers did things for money, too. Pricing details here:
This well known anecdote is what made me think of the market for an electricity meter hacking device. $150 in 1971 dollars would be about $800 today.