Hacking Smart Meters, Single Chips and Updating

This week was an interesting one for smart metering announcements.  Accent – a Franco-Italian semiconductor design house announced their smart meter on a chip, prompting Jesse Berst of Smart Grid News to enthuse that the “Smart Metering Business has just changed for ever“.  Sorry Jesse, but I don’t think so.  Elsewhere, in Providence, Rhode Island, New England hackers were convening at QuahogCon to discuss the security of standards.  The two announcements provided a good demonstration of the gulf between the promoters of smart metering and the reality of the state of the standards they intend to use.  In the same week, ZigBee closed its call for comments on the Technical requirements Document for its Smart Energy Profile, giving the impression that the standard is not far from completion.

The gulf between the enthusiasts and realists is wide.  It is worrying that much of the industry is rushing blindly towards deployment, with little understanding of the risks and what can be done to mitigate them. 

One of key mantras I keep on hearing repeated when security of the smart meter is raised is “why would anyone bother to hack it?”  Josh Wright, talking about ZigBee security at QuahogCon hit the nail on the head when he answered that.  “As an attacker, ZigBee lets me interact with the real world – that’s exciting.  I can interact with a dam, or natural gas distribution lines.  We’re looking at a wireless protocol that lets us interact with real things in the real world – it’s not just credit cards.”  The industry forgets the excitement that comes from “because I can” and “real things”  And it only needs a few people doing that to fuel scare stories that will kill the whole industry.

Read More