Contributed by Joanne C. Kelleher
Smart Grid security covers a wide spectrum of technologies from fences and video cameras at the power generation facilities and substations to securing the data in the embedded systems and metering devices used to monitor and adjust a homeowner’s usage. These Smart Meter security issues have been in the news a lot recently.
Elinor Mills wrote a great article for CNET titled Money trumps security in smart-meter rollouts, experts say. In a rush to take advantage of U.S. stimulus money, utilities are quickly deploying thousands of smart meters to homes each day–smart meters that experts say could easily be hacked.
Fred Cohen, chief executive of Fred Cohen & Associates consultancy, painted a scary scenario where people could exploit security holes in smart meters to not only find out when a consumer is away from home to rob the house, but eventually also to shut off power to elevators and air conditioning units, disrupt city lights, and interfere with other critical systems when they are ultimately connected as part of home area networks that link all systems in a building.
Security researcher, and fellow RFID Security Alliance member, Karsten Nohl has inspected one of the smart meters that has been deployed. “We didn’t find any of the security measures you would expect in an embedded device with critical-infrastructure relevance,” he said. “Prominently missing are signed and encrypted firmware, secure (smart card) chips for key storage, unique cryptographic keys, and physical tamper protection.”
Read the entire article at http://news.cnet.com/8301-27080_3-20007672-245.html?tag=newsLeadStoriesArea.1.
Mills references a new paper from the Cambridge Computer Laboratory, On the security economics of electric metering, which argues that data and security risks are not being sufficiently addressed, while the energy-saving benefits to consumers from smart meters are still not proven. This paper gives background information on the development of the electric system and meters since Edison’s time, current smart grid initiatives and recommendations for the regulation of a future smart meter infrastructure.
The NY Times in Anxiety Builds Among Utilities Over the Communications Part of ‘Smart’ Grid covers the political issues created as the FCC seeks to use its handle on the nation’s wireless spectrum to speed up the smart grid’s rollout.
Rep. Ed Markey (D-Mass.), chairman of the House Select Committee on Energy Independence and Global Warming, introduced the “Electricity Consumers’ Right to Know Act” just the FCC Broadband Plan was released. It declares that consumers have a right to access information about their electricity usage and prices from their utilities in a “free, timely and convenient” manner that ensures privacy and data security.
The Smart Grid initiatives, which merge electric utilities – highly regulated at the state level, the Federal Communications Commission and telecommunications industry, the US Department of Energy, Google, and meter and appliance manufacturers like General Electric, Honeywell and Intel, have many issues to overcome and security is just one of them.
Hopefully, unlike with RFID and other products, Smart Grid and smart meter security issues will be addressed during the design stage and prior to rollout.