Slashdot Mirror

← Back to Stories (view on slashdot.org)

Does IoT Data Need Special Regulation?

Posted by samzenpus on from the new-rules dept.

dkatana writes: As part of the UK's Smart Meter Implementation Programme, Spain's Telefonica is deploying a M2M solution, using its own proprietary network, to collect and transmit data from 53 million gas and electricity smart meters. The most troubling issue is that the UK government awarded the contract to a private telecom that uses a proprietary network rather than to an independent organization that uses freely available spectrum and open source solutions. Those Smart Meters are supposed to be in operation for more than three decades, and rely on a network that can cease to exist. On top of that, the network, running proprietary protocols, can be hacked, and "will be hacked". Only Telefonica will be able to fix it.

5 of 99 comments (clear)

  1. open source? by phantomfive · · Score: 4, Insightful

    I don't think you can rely on any platform to be around for 30 years, even if it's open source.
    Some platforms have lasted that long, but trying to guess which platforms will last and which won't is not the reason to choose open source.

    --
    "First they came for the slanderers and i said nothing."
    1. Re:open source? by phantomfive · · Score: 4, Funny

      It's far more likely that TCP/IPv6 will be around in 30 years

      Come to think of it, you can probably make sure a technology lasts by wishing it wouldn't stick around. Based on that, they should use IPv4 with Flash+Javascript written in COBOL on Windows ME. It'll last forever.

      --
      "First they came for the slanderers and i said nothing."
    2. Re:open source? by KGIII · · Score: 5, Interesting

      I like the way you think. I really do. Which made me think of an answer to this non-question.

      The answer is no, we don't need special regulation. What we need are intelligent and informed persons. Eventually, and this doesn't discount closed source, we could have open and interoperability-built standards that are published, vetted, and agreed on - or at least published and open. The idea being that, yeah, smart people would select to use such instead of insisting on reliance on closed and mysterious. This doesn't mean that the code, itself, can't be proprietary but the communications methods that it uses should be - they should be open, available, and free to use, even for commercial means. In this case, using this example, I'd suggest relying on the standards IPv6 and TCP/IP (or UDP, if applicable - does UDP support error correction?).

      If there's any benefit to this new, proprietary, communication format then, by all means, share it with the world so that it can be reviewed, improved on, standardized, and benefit others. It's not like it will do anything more than help the company's bottom line to do so. If anything, it will increase their visibility and market share. Perhaps, I guess, they could license it for commercial use but, honestly, I don't think that will help. If anything, and this is important to me - at least, it's a municipal project (from the looks of things) and thus it should be open.

      The summary mentions that it will be hacked, and it will be, so having other companies that can layer on security (if needed) or perform repairs prevents lock in and price gouging. There's a vested interest, from the people, to insist that these types of things remain open and rely on commonly accepted (i.e. standardized even if unratified and informally) and readily available information. Should this company go out of business then the tax payer will have to keep them afloat just to insure they can read electrical usage meters? Surely you jest... When a security flaw is discovered, and it will be, who is going to repair it and how much is it going to cost? Truly, I can think of no benefit to this being proprietary but, perhaps, I'm missing something.

      Ah well... I should be sleeping, though I've called the desk and have paid for another night so I'll not have to be out of the hotel by 10:00 in the morning. What an ungodly hour to insist that I check out. I'll be in Buffalo for another night and that means I get to spend a little bit of time online. Yay...

      --
      "So long and thanks for all the fish."
    3. Re:open source? by AmiMoJo · · Score: 4, Informative

      TFA is confused and has almost no information. I work in this area, and even I don't know what it is on about.

      There are a few different systems for reading smart meters. They are all proprietary to some degree. Some use mobile networks, some use Zigbee, some use other proprietary networks on sub-1GHz radio bands.

      It's hard to see what someone could do to hack these devices. They are basically transmit only. They send meter readings, that's it. I suppose you could artificially inflate someone's bill or jam the ability of the electric company to take readings, but then they would just revert to the old system and read the numbers off a display on the unit. The units don't accept any commands at all - they are designed to be highly tamper proof because people have been trying to steal electricity from day one.

      There is no open source software framework or network for this purpose. Wifi is far too short range and subject to massive amounts of congestion. TFA doesn't suggest anything.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:open source? by Darinbob · · Score: 4, Informative

      I work in this industry. Proprietary networks can still use freely available frequencies; most of them actually do. Other spectrum is extremely expensive and often impractical for this sort of stuff (unless they plan to blast out at high dB to collect data from further away). The article mentions wifi and cellular, and wifi is freely available spectrum, and cellular may be used in some cases where connectivity is a problem and the telephone companies have paid the big bucks to buy that spectrum (expensive to use cellular so it's a last ditch resort).

      For open source, that's not practical. First off, the customer here is not the home owner. The customer is the utility. The utility does NOT want the home owner to be hacking on the meters. Given the number of anti-smart-meter kooks out there, these are active targets for hacking. Even if open source is used they images would inevitably have to be signed. Yes, only Telefonica (or other provider) will be able to fix these meters, but that's normal and expected and required under many regulations. Yes, someone can fiddle with them, open them up, cut some wires, etc, but you break the seal on the meters and the owners will notice soon enough.

      If the network ceases to exist, then the meters still continue to work. Just read them by hand like we used to do. Assuming no one else buys out the meter company and takes over the network. Or the new utility removes the meters and replaces them with something else. How is the "thirty years" thing even remotely a problem, since in that time many networks may come and go. Firmware gets upgraded, or the utilities may decide that they want the new features and replace them before thirty years.

      As for can and will be hacked, compare that to phone networks. They can and will be hacked, and the owner of the phone can do nothing since only the phone company will be able to fix that. No panic there I see. Only panic with smart meters. I think phones are too cool for conspiracy theories to take root.