Does IoT Data Need Special Regulation?

dkatana writes: As part of the UK's Smart Meter Implementation Programme, Spain's Telefonica is deploying a M2M solution, using its own proprietary network, to collect and transmit data from 53 million gas and electricity smart meters. The most troubling issue is that the UK government awarded the contract to a private telecom that uses a proprietary network rather than to an independent organization that uses freely available spectrum and open source solutions. Those Smart Meters are supposed to be in operation for more than three decades, and rely on a network that can cease to exist. On top of that, the network, running proprietary protocols, can be hacked, and "will be hacked". Only Telefonica will be able to fix it.

Re:open source?

[AmiMoJo]

TFA is confused and has almost no information. I work in this area, and even I don't know what it is on about.

There are a few different systems for reading smart meters. They are all proprietary to some degree. Some use mobile networks, some use Zigbee, some use other proprietary networks on sub-1GHz radio bands.

It's hard to see what someone could do to hack these devices. They are basically transmit only. They send meter readings, that's it. I suppose you could artificially inflate someone's bill or jam the ability of the electric company to take readings, but then they would just revert to the old system and read the numbers off a display on the unit. The units don't accept any commands at all - they are designed to be highly tamper proof because people have been trying to steal electricity from day one.

There is no open source software framework or network for this purpose. Wifi is far too short range and subject to massive amounts of congestion. TFA doesn't suggest anything.

Re:open source?

[Darinbob]

I work in this industry. Proprietary networks can still use freely available frequencies; most of them actually do. Other spectrum is extremely expensive and often impractical for this sort of stuff (unless they plan to blast out at high dB to collect data from further away). The article mentions wifi and cellular, and wifi is freely available spectrum, and cellular may be used in some cases where connectivity is a problem and the telephone companies have paid the big bucks to buy that spectrum (expensive to use cellular so it's a last ditch resort).

For open source, that's not practical. First off, the customer here is not the home owner. The customer is the utility. The utility does NOT want the home owner to be hacking on the meters. Given the number of anti-smart-meter kooks out there, these are active targets for hacking. Even if open source is used they images would inevitably have to be signed. Yes, only Telefonica (or other provider) will be able to fix these meters, but that's normal and expected and required under many regulations. Yes, someone can fiddle with them, open them up, cut some wires, etc, but you break the seal on the meters and the owners will notice soon enough.

If the network ceases to exist, then the meters still continue to work. Just read them by hand like we used to do. Assuming no one else buys out the meter company and takes over the network. Or the new utility removes the meters and replaces them with something else. How is the "thirty years" thing even remotely a problem, since in that time many networks may come and go. Firmware gets upgraded, or the utilities may decide that they want the new features and replace them before thirty years.

As for can and will be hacked, compare that to phone networks. They can and will be hacked, and the owner of the phone can do nothing since only the phone company will be able to fix that. No panic there I see. Only panic with smart meters. I think phones are too cool for conspiracy theories to take root.

Re:open source?

[lars_stefan_axelsson]

If you want to steal energy, the low tech solution is to clam on to the lines before it goes into the meter. Very popular with the hoe growers overhere, has been for many decades.

And the defence against this is equally old. The electricity company also monitors how much power is delivered at the other end, and if the discrepancy is too large, they start monitoring individual subscribers to see where the loss is.

With smart meters, this becomes so easy that you could automate it. With smart meters you can more or less continuously monitor usage by the subscribers and delivered power to the group of subscribers, cheaply and on-line. Simple statistical anomaly detection can relatively easily point out both when someone is "stealing" electricity and point the finger at the subscriber that's probably the culprit. Before there was a large lag and metering to catch the "thief" was expensive and involved manual labour. Today you have computerised reporting every hour.

So while "stealing" electricity may be as easy as ever, getting away with it just now became harder.