When Smart Meters go wrong

Most people don’t think much about firmware – the embedded software which runs the microcontrollers in all of the devices we have around us.  We’re aware of the frustration when they don’t do what they’re meant to, at which point we realise that “smart” may not have been the best adjective to use to promote the product, but even when they do go wrong, turning them off and on again, or taking the battery out generally clears the problem.  They almost always go wrong because the design process didn’t include enough testing, or not enough time was given over to thinking about the “edge cases” – those unexpected combinations of events which result in things not working the way they should.  Most of the time it’s just a short-term annoyance; if it’s worse than that we’ll probably send it back, or throw it out and buy a new one.

However, we do expect safety critical devices like cars and planes and national infrastructure to be a lot better designed than this.  Your boiler turning off because it thinks there’s a flow problem when there isn’t is annoying (time for a firmware upgrade please, Vailant), but it’s not life threatening.  In contrast, a self-driving car that runs over a cyclist is not something the public is generally happy about.  Nor is a plane falling out of the sky.  But where would you put a smart meter in the scale of things that might affect your life?  Last week we found out, and it’s not a happy answer.

Read More

How to Hack a Smart Meter and Kill the Grid

Last week was a watershed for the embedded security community, and by implication everyone else.  Bloomberg announced that rogue chips had been found on the motherboards of servers sold by Super Micro Computer to companies like Amazon and Apple.  Whoever had added these during the manufacturing process would have acquired the ability to control and access data from the servers when those companies installed them.  For the first time, it appeared there was evidence that the supply chain could be disrupted.  That meant hacking was happening during the manufacturing process, before the products had even left the production line.

Up until now, hacking has predominantly been viewed as getting malicious code into a device which is “clean”, by exploiting security flaws in its code.  That’s what’s happened with every PC virus; attacks like the WannaCry ransomware, and state sponsored attacks such as Stuxnet and the recently discovered attempt by Russian hackers to infiltrate the Organisation for the Prevention of Chemical Weapons in The Hague.  Although the concept of hacking a product before it has shipped has been discussed for years, the Bloomberg report signals that we’ve moved from academic debate to reality.

There is still debate about whether the report is correct.  Apple and Amazon deny much of the detail, but its publication has started people looking more closely at the supply line and concluding that whether or not it is true, the way we design, subcontract and manufacture complex electronic products today means that it is possible.  If it is true, this attack was probably commercial, where a company or a state wanted to discover what leading global companies were doing.  What is more worrying is the prospect of a future where malicious state actors target infrastructure with the aim of crippling a country.  Which brings me to smart meters.

Read More

Smart Meter Update

“Hello, this is the British Electricity Smart Meter hotline.  You are number two million, four hundred and sixty eight thousand, two hundred and twenty three in a queue.  We’re sorry your smart meter has disconnected you and that you have no electricity.  We are working to upgrade the firmware in all of our smart meters and hope to have your power restored sometime in the next six months.  Thank you for your call.”

It’s the scenario that no-one in the energy industry wants to talk about – the day that Britain’s smart meters go wrong or get hacked and millions of users lose power.  It will probably never happen, but some things have such appalling consequences that we shouldn’t design and deploy something that makes even that small probability possible.  But we have.  And nobody appears to have thought about making sure it’s possible to recover from it.

Read More

Squirrels, Grid Security and a Stuffed Rudd

Probably the most effective way for any terrorist group or belligerent power to cripple a Western nation and bring it to its knees is to destroy its electricity grid.  Without power, most of the infrastructure will crumble into chaos within a few weeks.  Manufacturing would come to a standstill, along with healthcare, transport, banking, mobile communications and retail.  That was seen in Iraq, where 70% of the generating capacity was destroyed during the Gulf war, in what has been described as a crime against humanity.  At that time, grid destruction relied on physical means – dropping bombs on power stations and sub-stations.  As we integrate more electronics and software into the grid, you no longer need expensive munitions to blow things up – terrorists can do it from a computer.

It’s two years since I last wrote about the cybersecurity issues within the GB smart meter rollout.  At that time the response from the industry was dismissive.  In the past six months, three things have happened which bring the risk back into focus.  We’ve seen the first major grid cyber attack in the Ukraine; secondly, smart home owners with Nest thermostats have discovered that firmware updates can stop them operating and the third is that reports have come in of smart meters in the UK which have stopped working.  None of that means our grid is going to be hacked tomorrow, but they all point out that what has been dismissed as impossible may not be quite so difficult as the industry and DECC would like to believe.  Despite that, heads are still firmly in the sand as the UK Government continues to press ahead with a smart metering programme that is not so much climate-friendly as terrorist-friendly.

Read More

Wireless Security for the Internet of Things

If you believe the futurologists, then the Internet of Things (IoT) is going to be the next big thing.  Depending on who you listen to, by 2020 there will be up to 50 billion connected devices, an order of magnitude greater than the number of mobile phones.  You can already see the start of that, whether it’s smart meters, connected information signs, or the increasing number of fitness devices, like Fitbit and Nike’s Fuel wristband.  To get a better idea of what else may be emerging to make up that number, a good place to start is Kickstarter – the website for crowd-sourced funding.  It shows that a significant number of potential start-ups are looking for money to produce a bewildering array of gateways and sensors.

It’s great that there is so much innovation going on in this area.  I’ve been trying to help it take off for almost two decades and at last I can convincingly say it’s happening.  But underneath the enthusiasm, I’m concerned that not enough attention is being given to security.

A few weeks ago, a speaker at a security conference in Australia talked about wireless attacks on pacemakers.  Possibly because of the combined press frenzy around Superstorm Sandy, Obama’s re-election and Jimmy Savile, that piece of information wasn’t picked up by the mass media.  At the same time, I’ve been playing with some of the latest consumer products that have come to market and found very little evidence of security.  In fact, recent coverage in the technical press suggests there is a worrying feeling of complacency.  I suspect that may be because wireless and end-to-end security is a new concept for many of the engineers designing IoT devices.  But it is important that it makes its way onto the agenda, otherwise it may seriously impact the potential for growth.

Read More

Bluetooth low energy will save forgetful US business travellers $300 million per year

At the Bluetooth low energy preview day in Tokyo, a spokesman for Nokia reported an interesting statistic.  Every year, 300,000 laptops are lost or left behind by passengers at U.S. airports.  Apparently that’s greater than the number of mobile phones left at airports, suggesting that most travellers consider their phone to be more important than their laptop, but that’s another story.  At first sight the figure seems staggering, but it’s only around one laptop per airport per day.  What is staggering is the resulting cost of replacement, which equates to a third of a billion dollars every year.

The reason for raising this statistic is to point out one of the new applications which will be made possible by Bluetooth low energy.  Bluetooth low energy (previously known as Wibree) is the new Bluetooth standard that is coming out this year and which enables devices to be produced which include a wireless link to transmit small amounts of data, and support a battery life that can extend into years.  One of the first applications that will ship is access control or proximity detection.  Which is why it can save the US economy $300,000,000 every year.

Read More