Security Holes Found In "Smart" Meters
Hugh Pickens writes "In the US alone, more than 8 million smart meters, designed to help deliver electricity more efficiently and to measure power consumption in real time, have been deployed by electric utilities and nearly 60 million should be in place by 2020. Now the Associated Press reports that smart meters have security flaws that could let hackers tamper with the power grid, opening the door for attackers to jack up strangers' power bills, remotely turn someone else's power on and off, or even allow attackers to get into the utilities' computer networks to steal data or stage bigger attacks on the grid. Attacks could be pulled off by stealing meters — which can be situated outside of a home — and reprogramming them, or an attacker could sit near a home or business and wirelessly hack the meter from a laptop, according to Joshua Wright, a senior security analyst with InGuardians Inc., a vendor-independent consultant that performs penetration tests and security risk assessments."
"Wright says that his firm found 'egregious' errors, such as flaws in the meters and the technologies that utilities use to manage data (PDF) from meters. For example, smart meters encrypt their data, but the digital 'keys' needed to unlock the encryption are stored on data-routing equipment known as access points that many meters relay data to, so stealing the keys lets an attacker eavesdrop on all communication between meters and that access point (PDF). 'Even though these protocols were designed recently, they exhibit security failures we've known about for the past 10 years,' says Wright."
And this is a big surprise?
Didn't the Chinese warn us? I mean, it wasn't too long ago that I read an article here about some Chinese guy warning us about a flaw in our power grid....
...but there really should be a minimum security standard for infrastructure items like any city's power grid (or voting machines, or traffic systems, or water supplies, or any number of things you don't want folks monkeying with). It's really insane to hear about this considering how tightly power stations and utilities are regulated. It doesn't matter that the system is only open on the far end of the line, because eventually someone will mess with it and show just why it's a bad idea. Either make the system secure or don't make them so accessible.
Let me take this opportunity to dig up my attempt at an 'Ask Slashdot' from more than 3 years ago:
How to monitor your electricity meter
This question was never published and thus never answered. Anyone out there with experience in this field? That IR interface currently sits in front of the meter doing nothing at all, while it would create the possibility to e.g. create an accurate power use graph, power quality data - I'm on the far end of a long air cable, so that is sometimes an issue - and more interesting things. I guess I'm not the only one interested in these things?
--frank[at]unternet.org
Um, no. With the old meters you can't jack up someone's power bill without shattering the glass globe which surrounds it. And you can't use a laptop to shut off their power. You have to physically cut the cables, which leaves marks.
So it isn't the same situation. Breaking a physical lock leaves traces. Using a laptop to hack the meter and kill power to each house doesn't leave a lot of marks that can be traced.
Since when does a meter need to have wireless capabilities?
In Soviet Russia the government regulates the companies.
So just use the electrons which are already around you then. Rub a balloon against your hair and harvest those electrons or something. Let me know when you manage to power your laptop from that. Or perhaps it's easier to just pay someone to deliver a steady electron stream to your house?
is why electricity costs money. It is just electrons, which are everywhere.
Electricity is free, it's the packaging and delivery that costs money. Just like water that comes out of the faucet, or comes in a plastic bottle, it's the getting it to you part that is expensive. Yes, yes, I know it's an inaccurate oversimplification ... just think of it as a metaphor.
Feel free to use all the free electricity (or water) that you can grab and take home. Heck, you can take mine too, if you can carry it.
Heh, if you think that police actually investigate crimes like this, you're very optimistic. They won't even come out if someone broke into your car or house and stole all your crap... you think they'd send out a full CSI team to investigate a cut on a cable? They just tell you to call PG&E and get it fixed.
And IIRC, there are ways of tampering with physical meters without breaking the glass.
If I were the power company, I'd be MUCH more worried about people hacking their smart meters to get free or reduced service.
Sure you can! I saw it in a movie once! AND, the geek was able to tap into the air traffic control, credit card bureaus, all the police cars, the President's phone and an alien space ship with their Mac!
But the Mac was running Linux via VMWare, so it was really Linux that saved us all ... and fixed my credit score.
I can see the benefit in making meters network-enabled just to prevent having to send someone to read the meter physically, but why would you want to be able to control them remotely? That doesn't seem like it's worth the risk. Make the thing read-only, with some standard way of collecting the data - using SNMP or something.
Locally they brought in time-of-day usage, so if I do my laundry at night, I pay less than half what I do if I run it in prime time. Arguably this is a benefit all around:
* Consumers win with the option of lower pricing
* The Power generators win because their loads are more balanced, and they need to build fewer power plants (locally we have 3 nukes that only run for 3 days of the year for peaks)
* The environment wins as an offshoot of point #2
I've read through both PDFs, and they really go into a lot of detail on the experimental methodology. The main thing they seem to be concerned about (and the only vulnerability they detail) is extracting the encryption keys from the meter firmware ("some" meters) and reverse-engineering the command protocol. While this could be a threat, being able to turn off/manipulate individual home meters isn't going to have any far-ranging effects beyond that. It also, obviously, requires a lot of reverse-engineering skill. I'd be more concerned with someone packaging this into a bluebox-style solution for manipulating your own meter, giving you free power? Earlier in the methodology report they talk about IR ports and similar being unsecured due to the perceived unlikelihood of attacking them, but they don't detail anything about that in the presentation PDF. That would be easier to exploit, though, so they might be keeping a lid on the more critical vulns?
You might want to read up on smart meters and the studies associated with them. They can help reduce your energy usage (together with near-real-time feedback provided by the meter) and change the usage distribution. I don't think I have to tell you why it's a good thing, for you and our whole energy/climate situation, to decrease your overall usage. Flattening the distribution away from the peaks we see today will help stabilize and secure the grid (and reduce costs for the utility). Obviously that doesn't excuse security problems in the system, and they have to be addressed immediately.
Energy theft has been a rather big problem in some countries and was an easy thing to accomplish. Go ask Italy why Enel introduced smart meters back in 2001, even though they still don't profit from any user feedback or newer billing plans. The main goal of introducing smart meters from the point of view of utilities is exactly to reduce energy theft. You think they're introducing flaws on purpose because they want to lose money?
build some fake solar cells and windmills on the roof
Building fake gadgets by hand one piece at a time, might be more expensive than buying a real one.
Most of the money in panels is in the assembly labor, the glass, the backer, waterproofing, the mounting brackets... If you're going to all that trouble, may as well stick some cells in there. Even making convincing fake cells to encapsulate into the panel is going to be tough.
On the other hand, an inverter is quite expensive and no one sees it...
Is why electricity costs money. It is just electrons, which are everywhere.
You're not paying for the electrons, you're paying for the non-conservative fields propelling them around.
No benefit? These things allow the power company to balance the grid load and "pass the savings on to you", as they say.
When I was in college, some 20 years ago, our home had a water boiler with a "smart" meter connected to it. The meter wasn't very smart and certainly not computerised, but it did allow the power company to switch on our boiler when they had some excess power capacity to get rid of. It was strictly opt-in (the boiler could be switched to manual), but if we used it we always had warm water at about 1/3rd of what it would have cost us at regular energy rates.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
"spin it backwards 24/7".
So, uhmmm, why are you complaining?
Excuse me, but please get off my Pennisetum Clandestinum, eh!
So would that be 39.37 smart inches?
My city-run utility company inadvertently drove itself into a political clusterf**k with smart meters. A large bunch of the smart meters were installed in January, then we had an extremely cold February that caused very high bills for some people, and the bills were blamed on the smart meters.
"um no. with the old meters you can't jack up someone's power bill without shattering the glass globe which surrounds it."
Sure you can, just put the plug of your dryer in your neighbor's cellar when he's away and you'll drive up his power bill in no time.
If somebody starts screwing around with the lights to play Tetris on my apartment building, I'll install red lights just to fuck with his game.
I find this whole thread amusing, since I commented that I didn't like the idea of smart meters, that I was worried about them being hackable, in a Slashdot post last week, and everyone commented in response to me that I shouldn't be worried about this kind of thing. That they couldn't be hacked and if they were, there was nothing they could do except get my power information.
I wonder what those folks are saying today in this thread.
I'm confused, why is it physically possible for anyone to remotely turn power on and off? That doesn't have anything to do with "help deliver electricity more efficiently and to measure power consumption in real time". Surely the entire software and circuitry surrounding those features should be able to fail completely with the core system (supply of electricity) completely unaffected and oblivious? I'm tempted to assume someone has other, less marketable objectives for the smart meters, such as being able to cheaply disconnect people who aren't paying the bill, and therefore the root of the problem is those inherently risky objectives.
Which begs the question, why are they not getting up off their asses and building more power generation plants as opposed to whining and crying, which eventually leads to these stupid harebrained ideas in the first place?
Save money by cycling your AC indeed. The MONEY *IS* the incentive, not the SAVING.
The problem we have is our leaders have sold us out, instead of pre-planning ahead, and taking actions to prevent destruction, they scam the system, their lives revolve around re-election finance, the ONLY time they take action is when it's forced because something breaks (because they had NO PLAN AT ALL) and we have another disaster which has to be fixed with another fucking OVER budget debt.
Then they get out there and say they didn't know. They KNOW, they are ENCOURAGING this crap.
Yes, yes, I know it's an inaccurate oversimplification ... just think of it as a metaphor.
Can you rephrase that in the form of a car analogy?
The traditional problems utilities have had to deal with are of physical intrusion, either by customers or by neighbors, looking to bypass the meter, modify the readings, or steal electricity. They solve this (or at least reduce it to a manageable level) mostly with intrusion detection -- basically, seals so they know the meter has been tampered with. In this model, the only loss is money and so preventing it at high cost doesn't make sense; detecting and stopping it reasonably quickly is more important.
With meters which do more than metering, that's just not good enough. Significant effort must be made to prevent malicious people from surreptitiously turning power off, otherwise assholes will do it just for lols. It's not like ripping a meter off the wall, which will have the same effect but carries a high likelihood of getting caught.
My grandfather swore by cow magnets on the meter enclosure, and he worked for Detroit Edison. If the old-fashioned cow magnets worked, imagine what the new niobium rare-earth magnets of today would do. Personally I think it's an old wives' tale, but I've never checked it empirically.
I think it might be a severe head injury rather than drugs in this case. Not as much fun.
"why are they not getting up off their asses and building more power generation plants"
Because power demand increases as a curve and power supply increases in steps. Let's say power supply is currently 10,000 units. Next year the demand is expected to go to 10,500 units. A new coal power plant supplies 5,000 units at $1.5 billion (approximate cost of a new plant). A power utility can spend $1.5 BILLION and build a new plant that's going to run at a fraction of its capacity for the next many years, or they can spend a few million dollars and trim demand to fit within their current infrastructure. If you're the power company, which do you choose: the $1.5 billion that will be underutilized for the next ten years, or the few million dollars that ensures your system is running at peak capacity? Money IS the incentive. And the best way to make that in the energy world is to ensure that your current system is maximized in terms of its use.
Great, first it was IOActive frothing non-stop about smart meters, now we have InGuardians turning the froth up to 11. This whole smart grid security issue never addresses the probability of an attacker actually being able to carry out a serious attack in real life. The PDF talks about theoretical attacks. It describes possible weaknesses. It does not assign any probability or likelihood to those attacks. As such, this is faulty and misleading security work. It's the kind of FUD "security gurus" resort to when they want to scare people into buying their services. Notice that the PDF makes sure to advise users to buy services like pentesting and code review - which of course an InGuardians sales representative can sell you. Any decent security analysis MUST include consideration of probability. Risk (the most basic measure of security) is comprised of both impact and probability. Sure, breaking into a smart meter could be a catastrophic thing, thus a very high "impact" rating. However, if the probability of doing that in the wild is enormously low, something like 0.000000001%, then the risk of this actually happening is very low. Until one of these "researchers" shows the real risks involved here, and not a bunch of theoretical and conceptual data, I remain unconvinced that there are serious problems with smart meters.
I was an engineering consultant for 40 years. I'm well familiar with the politics and ethics of engineering studies. Something is fishy here.
The AP says that Wright's firm was hired by three utilities. The web material suggests that it was actually ucaiug.org (an association of both vendors and utilities) Presumably, they financed the security study to expose vulnerabilities so that they could fix them. They did it openly and allowed the report to be published. That's laudable and responsible behavior. It is the opposite of denial and secrecy.
Normally, Wright and his team write the report and the vendors and utilities fix the problems. However, Wright is going public in a big way. He, with cooperation from the media, is mongering fear and suggesting that the vendors and utilities don't care about security. He's acting in a way that brings maximum bad publicity to his financial sponsors. That is extraordinary behavior for a consultant. If it was I that hired him, I would feel betrayed.
I really can't tell if he's doing it for shameless and unethical purposes of self promotion, or whether there was a breakdown in relations between the consultant and the clients. Somewhere there is an enormous untold back story.
Sure ...
... just think of it as taking up a metaphorical parking spot for my analogy.
What I just described as the engine of a Yugo is, in reality, probably closer to the complexity of a Ferrari's engine
Cars are free, it's just the making and selling of them that costs you money.
Heck, you can take mine too, if you can carry it.
Dear WrongSizeGlass,
Can we move one of our data-centres next to your house?
Sincerely,
Eric Schmidt
Anyone found any similar useful hacks with them newfangled radio water meters?
My city put 'em in last year, and this dude comes out to the house to install it and I'm like, "...so this lets you drive past the house and pick up the meter reading without coming to the side of the house, right?" And the dude is like, "No. This radios your water usage directly to the central office every twelve hours."
Every twelve hours.
I know Slashdot makes you paranoid, but this bothers me. I simply cannot imagine how it could be useful to monitor this frequently when they still bill my usage monthly. Plus, any dude with access to the database can hack together an SQL query to find out which houses have a total water usage under a gallon over the past three days and know who's not home.
The trouble with "smart meters" and the "smart grid" is that it's too easy to put in excess functionality that can cause trouble. The ability to do remote firmware upgrades is an example. The ability of meters to communicate with each other is another.
The "smart grid" has way too much centralized control in it. All that's really needed is remote meter reading, plus some broadcast signals to indicate how scarce power is at the moment. The customer should have read-only access to their meter from their side of the meter. High-current appliances should be able to query the meter to find out if it's OK to draw heavy power right now. The power company should have no data path to appliances.
Incidentally, some "smart meters" support pre-paid service, where customers have to pay in advance and are turned off automatically when their pre-payment runs out. There's also wattage-limited service, where the power turns off if a maximum load is exceeded. This can be used for collection purposes; if you get behind on your electric bill, your consumption is limited. There's a whole new range of ways for screwing poor people going in. It's like "check cashing" stores.
This place is from the 70s, so I assume it is not a smart type?
We had a similar problem in Italy. Basically the new electricity meters were infrared-accessible. Password protected, of course. No need to hack anything though, just use '0000', '1234' or '3635' ('enel' as written on a cellphone keypad; it's the company name). Ta-da! Full access. So what did we do? Nothing. But we're in Italy after all...
Those were only effective on meters that use a spinning disc. All the new ones are digital and either the magnetism won't do shit or mess them up completely.
You are close as 20% of power plants are only used 10 days a year, however I can assure you that nukes aren't being used as you describe. Nuclear power plants are base load generating plants and will always run along with hydro plants. Most peaking plants are natural gas fired as they can be turned off and on easily. Nuclear plants take better than a day just to get up to full power as do coal plants.
we have a new vector, victor!
"Which begs the question, why are they not getting up off their asses and building more power generation plants as opposed to whining and crying, which eventually leads to these stupid harebrained ideas in the first place?"
Because the NIMBY/BANANA Nazis have teamed up with those concerned about climate change to filibuster any attempts at building new power plants?
This is not necessarily true. A lot of homes will not have remote disconnect, but it's absolutely available on meters today. Especially smart meters.
A lot of these smart meters utilize 802.15.4 (2.4 GHz) radios running a Zigbee stack. 802.15.4 is DSSS like 802.11. The same vulnerabilities exist in both topologies. There are two pieces to this system: the utility area network and the home area network. They are generally required to be separate bands. For instance, a Zigbee HAN and a cellular backhaul. The architecture of the 'system' would limit a hacker to individual homes. Replay attacks, I understand, are particularly successful, but they don't allow you to propagate back to the utility to shut down entire neighborhoods. It's just as dangerous as having a wifi router in your home.
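As an added illustration of the replay problem raised above (and of the per-meter key point from the summary), this is example code, not the poster's or any vendor's protocol: a constructed HAN command frame is checked two ways, once with the tag only and once with a strictly increasing per-meter counter. The frame layout, key, meter id and opcodes are all assumptions.

```python
import hashlib
import hmac
import struct

# Constructed demo, not code from InGuardians or any meter vendor.
# Assumed frame layout: counter (8 bytes) | meter_id (4 bytes) | opcode (1 byte)
# followed by an HMAC-SHA256 tag over those 13 bytes.
HEADER_FMT = ">QIB"
HEADER_LEN = struct.calcsize(HEADER_FMT)
TAG_LEN = 32
OPCODES = {0x01: "read", 0x02: "disconnect", 0x03: "reconnect"}  # assumed opcodes


def build_command(key: bytes, meter_id: int, counter: int, opcode: int) -> bytes:
    """Utility side: authenticate one command with the per-meter key."""
    body = struct.pack(HEADER_FMT, counter, meter_id, opcode)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Meter:
    """Meter side. With replay_protection=False the meter checks only the tag,
    so a captured frame is accepted again every time it is resent; with it on,
    each accepted frame must carry a counter higher than the last one seen."""

    def __init__(self, key: bytes, meter_id: int, replay_protection: bool):
        self.key = key                   # per-meter key: a leaked key exposes one meter
        self.meter_id = meter_id
        self.replay_protection = replay_protection
        self.last_counter = 0

    def accept(self, frame: bytes) -> str:
        if len(frame) != HEADER_LEN + TAG_LEN:
            return "rejected:malformed"
        body, tag = frame[:HEADER_LEN], frame[HEADER_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):      # constant-time compare
            return "rejected:bad_tag"
        counter, meter_id, opcode = struct.unpack(HEADER_FMT, body)
        if meter_id != self.meter_id:
            return "rejected:wrong_meter"
        if self.replay_protection:
            if counter <= self.last_counter:
                return "rejected:replay"
            self.last_counter = counter
        return OPCODES.get(opcode, "rejected:unknown_opcode")


def demo() -> dict:
    key = bytes(range(32))                                   # constructed demo key
    captured = build_command(key, 0x1001, counter=7, opcode=0x02)  # a genuine "disconnect"
    naive = Meter(key, 0x1001, replay_protection=False)
    hardened = Meter(key, 0x1001, replay_protection=True)
    return {
        "naive": [naive.accept(captured), naive.accept(captured)],
        "hardened": [
            hardened.accept(captured),                       # first delivery: accepted
            hardened.accept(captured),                       # same frame again: replay
            hardened.accept(build_command(key, 0x1001, 8, 0x03)),
            hardened.accept(build_command(bytes(32), 0x1001, 9, 0x02)),  # wrong key
        ],
    }


if __name__ == "__main__":
    print(demo())
```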
If one could jack up the power bill, one could also ratchet it down too.
Sorry, late to the party.
I work for an electric cooperative. We have automated meter reading. Each night, each meter sends in the reading for the day. We're thinking about going hourly. We're actually part of a pilot project for demand response. As someone brought up in a previous post, these meters work wonders for outage management. We can now "ping" meters. A member calls in an outage, we ping the feeder he's off of, and within minutes we pinpoint the piece of equipment that has failed.
I'm actually excited about a lot of this new technology because I can see where it's going and it's not all that big brotherish. I think the largest benefit to everyone involved is the increased ability to monitor consumption. As it is now, you use a bunch of power and only find out what you're getting billed for at the end of the month. Some people get surprised. Wouldn't it be neat to have an in-home display (maybe your thermostat) that shows your current (heh) usage by the hour? You can now identify which times of day you're using the most juice, things like that. And no surprises when you get the bill.
Demand response is going to be huge. As we run out of places to build dams or power plants, we need to do better with what we have. The silliest thing is some unreal proportion of generation sits there idle until 5 pm when everyone gets home and turns the heat up and their TV on. That demand spike requires us to generate huge amounts of energy for just an hour or two, and then the generators sit there and spin at idle until the next peak. So if you can make that peak not so sharp or not so high, everyone wins when it comes to the bottom lines. The utility is otherwise forced to buy peak power at a premium and forced to pass that cost on.
So now we're piloting a project where people's electric heat and water heater are hooked up via the "smart" grid and during a peak event, for 45 minutes, we set back their thermostat 3 degrees and shut their water heater off. So, for that barely noticeable impact on a person's life, everyone gets savings. It's also a ton better than rolling blackouts or brownouts.
I honestly think the project as it is is a pretty hard sell, but I envision hourly pricing data sent down the wire to a consumer's smart appliances. You want to do a load of laundry, and when you push the start button on your dryer it says "Currently $0.16/kWh. If you wait 2 hrs, power will be $0.12. Start now or wait?" Leave it in the hands of the consumers. Give them the correct up-to-date knowledge to make good choices.
But you can't get from here to there without the baby steps. You need to start collecting a ton of data on people's usage. You need to know where and when your peaks are. You need to be able to predict them. You need to be able to interact with the consumer. Gone are the days of your dumb meter, and thank God for that. I realize some of the growing pains aren't that great but I think it will pay off in the long run.
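The feeder "ping" described in the post above, as an added example that is not the cooperative's system: a constructed feeder tree and a set of meter ping results, from which the highest piece of equipment with every downstream meter dark is reported. Device names, topology and ping results are all constructed.

```python
from collections import defaultdict

# Constructed feeder topology (not real utility data): child -> parent.
# Leaves are meters; interior nodes are transformers, fuses and a recloser.
FEEDER = {
    "recloser-7": "substation",
    "fuse-1": "recloser-7", "fuse-2": "recloser-7",
    "xfmr-A": "fuse-1", "xfmr-B": "fuse-1", "xfmr-C": "fuse-2",
    "meter-101": "xfmr-A", "meter-102": "xfmr-A",
    "meter-201": "xfmr-B", "meter-202": "xfmr-B",
    "meter-301": "xfmr-C",
}


def locate_failed_equipment(parents: dict, ping_results: dict) -> list:
    """Return the highest devices whose downstream meters all failed to answer.

    parents: child -> parent map of the feeder tree (leaves are meters).
    ping_results: meter -> True if the meter answered the ping. A meter absent
    from the results counts as answering (no evidence of an outage).
    """
    children = defaultdict(list)
    for child, parent in parents.items():
        children[parent].append(child)
    root = next(p for p in parents.values() if p not in parents)
    dark = {}  # node -> True when the meter, or everything below the device, is out

    def walk(node: str) -> bool:
        kids = children.get(node, [])
        if not kids:                                   # a meter
            dark[node] = not ping_results.get(node, True)
        else:
            # list comprehension so every child is visited even after a lit one
            dark[node] = all([walk(k) for k in kids])
        return dark[node]

    walk(root)
    # A suspect is a dark node whose parent still feeds some answering meter
    # (a dark root means the whole feeder is out).
    return sorted(n for n, d in dark.items()
                  if d and (n == root or not dark[parents[n]]))


def demo() -> dict:
    # Scenario 1 (constructed): everything behind fuse-1 is silent, fuse-2 side answers.
    blown_fuse = {"meter-101": False, "meter-102": False,
                  "meter-201": False, "meter-202": False, "meter-301": True}
    # Scenario 2 (constructed): one transformer's customers out plus one lone service drop.
    mixed = {"meter-101": False, "meter-102": True,
             "meter-201": False, "meter-202": False, "meter-301": True}
    return {"blown_fuse": locate_failed_equipment(FEEDER, blown_fuse),
            "mixed": locate_failed_equipment(FEEDER, mixed)}


if __name__ == "__main__":
    print(demo())
```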