Identified: 30 threats and 5 ways to attack smart meters

Article: 02 October 2012

SINTEF (The Foundation for Scientific and Industrial Research), in cooperation with Telenor, recently assessed security threats related to smart meters - electrical meters that enable two-way communication between the household and the utility company.

Hand-over-ceremony of the smart grid security threats report , from left Jan Kristensen (Telenor), Maria Line (SINTEF), Inger Anne Tøndel (SINTEF), Håvard Belbo (local utility NTE), Jan Onarheim (Norwegian Smart Grid Centre).

SINTEF researchers identified 30 threats and five different ways to attacks smart meters, and will use this information to help prevent these types of attacks in the future. Security of this strategic infrastructure is critical, as smart grids (electrical grids that use information and communication technology to gather and act on information) will play an important role in the realization of the European Union’s 2020 targets for climate and energy. In Norway, smart meters will be installed in all households by end of 2016.

As the utility industry’s key partners, mobile network operators such as Telenor are looking to better understand security and privacy requirements for smart grids (including smart meter infrastructure and smart homes), and are working with the utility industry to find ways that mobile networks can address these requirements.

“Smart meters are a prerequisite for achieving EU’s 2020 climate and energy goals, and for customers, these meters are the most visible component of a Smart Grid infrastructure. The aim of our research with SINTEF is to contribute to a better understanding of threats to smart meters,” said Jan Kristensen, Director Climate Change, Telenor Group.

Privacy requirements

When smart meters are deployed, the utility companies will automatically collect information more frequently. For billing purposes, hourly readings are necessary, but for grid management purposes the local utility company can make use of per-minute or even per-second readings. This results in huge amounts of data for each household. This data must be kept confidential, as it can reveal information on the lifestyle and habits of the specific household.

“There is no doubt that usage data must be protected, and there must be clear rules and guidelines in place describing what this data should be used for and who should have access. This is already the case for other similar large-scale collections of personal information, such as money transactions, phone calls and broadband usage,” said Kristensen.

“The smart meter services provided must protect privacy and trusted by default; the principle of privacy-by-design should be followed at all times during development and in operation; so that the customers do not have to be concerned about their own privacy,” he added.

Demo Steinkjer

The research into smart grid security threats has been performed by SINTEF, with funding from Telenor. It is part of the overall project called Demo Steinkjer, which is organised by the local utility NTE and supported by the Norwegian Smart Grid Centre.

Demo Steinkjer invites partners to test innovative products and services associated with smart meters and smart grids. Steinkjer is a community of 20,000 people in the middle of Norway. This pilot project enables partners to test smart customer solutions, local and national energy markets, and intelligent storage solutions including electric vehicles among this small community.