Survey: Most Home Users Satisfied With Voice-Controlled Assistants. Tech Adoption Barriers Exist
Yahoo Agrees To $50 Million Payment To Settle 2013 Breach

Security Researcher Warns 'Hack A Smart Meter And Kill The Grid'

Everyone has utility meters which measure their gas and/or electricity consumption. Many of those meters are smart meters, installed in homes in both the United States and Britain. How secure are smart meters? First, some background since few consumers know what's installed in their homes.

According to the U.S. Energy Information Administration (EIA), there were 78.9 million smart meters installed in the United States by 2017, and residential installations account for 88 percent of that total. So, about half of all electricity customers in the United States use smart utility meters.

All smart meters wirelessly transmit usage to the utility provider. That's why you never see utility technicians visiting homes to manually "read" utility meters. There are two types of smart meters. In 2013, the number of two-way (AMI) smart meters in the United States exceeded the number of one-way (AMR) smart meters. The EIA explained:

"Two-way or AMI (advanced metering infrastructure) meters allow utilities and customers to interact to support smart consumption applications...The deployment and use of AMI and AMR meters vary greatly by state. Only 5 states had an AMI penetration rate above 80 percent. High penetration rates are seen in northern New England, Western states, Georgia and Texas. California added the most AMI meters of any state in 2013... There were 6 states with AMR penetration rates above 80 percent with Rhode Island the leader at 95 percent. The highest penetration rates are in the Rocky Mountain, Upper Plains and Southern Atlantic states. New York added nearly 540,000 AMR meters in 2013. Pennsylvania lost 580,000 AMR meters, but gained almost 620,000 AMI meters..."

Chart with 2-way smart utility meter penetration by state in 2013 by EIA. Click to view larger version See the chart on the right for two-way installations by state. Readers of this blog are aware of the privacy issues. A few states allow users to opt out of smart meters. Since the wireless transmissions occur throughout each month, smart meters can be used to profile consumers with a high degree of accuracy (e.g., the number of persons living in the dwelling, when you're home and the duration, which electric appliances are used, the presence of security and alarm systems, special equipment such as in-home medical equipment, etc.).

Now, back to Britain. It seems that the security of smart utility meters is questionable. Smart Grid Awareness follows the security and privacy issues associated with smart utility meters. The site reported that a British security expert:

"... is more convinced than ever that evidence now exists that rogue chips may be embedded into electronic circuit boards during the manufacturing process, such as those contained within utility smart meters. Smart meters can be considered high value targets for hackers due to the existence of the “remote disconnect” feature included as an option for most smart meters deployed today."

So, smart meters are part of the "smart power grid." If smart utility meters can be hacked, then the power grid -- and residential utility services -- can be interrupted or disabled. The remote-disconnect feature allows the utility to remotely turn off a meter. Smart meters in the United States have this feature, too. Reportedly, utilities say that they've disabled the feature. However, if the supply chain has been compromised with hacked chips (as this Bloomberg report claimed with computers), then bad actors may indeed be able to turn on and use the remote-disconnect feature in smart utility meters.

You can read for yourself the report by security researcher Nick Hunn. Clearly, there is more news to come about this. I look forward to energy providers assuring consumers how they've protected their supply chains. What do you think?


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.