14 July 2009 | 11,457 views

Smart Grid Security Risks – Not So Smart Electricity Meters

Check Your Web Security with Acunetix

You might recall we’ve discussed the security of Industrial Control Systems before, the latest ‘evolution’ is the so called Smart Grid.

Which in all honestly, doesn’t seem to be very smart at all. In basic terms they are trying to turn the power-grid into a two way communication medium so consumers homes can report back to the grid what they are using and they can be disconnected via software rather than requiring physical intervention.

The scary part is there’s no encryption and many things are done without authentication, meaning with a little reverse engineering you can probably shut down the power to anyone on the not-so-smart grid.

New electricity meters being rolled out to millions of homes and businesses are riddled with security bugs that could bring down the power grid, according to a security researcher who plans to demonstrate several attacks at a security conference next month.

The so-called smart meters for the first time provide two-way communications between electricity users and the power plants that serve them. Prodded by billions of dollars from President Obama’s economic stimulus package, utilities in Seattle, Houston, Miami, and elsewhere are racing to install them as part of a plan to make the power grid more efficient. Their counterparts throughout Europe are also spending heavily on the new technology.

There’s just one problem: The newfangled meters needed to make the smart grid work are built on buggy software that’s easily hacked, said Mike Davis, a senior security consultant for IOActive. The vast majority of them use no encryption and ask for no authentication before carrying out sensitive functions such as running software updates and severing customers from the power grid. The vulnerabilities, he said, are ripe for abuse.

An embedded hardware system that will accept new firmware without authentication and nothing is encrypted? That is a hackers playground!

I hope they consider re-architecting the whole system ASAP on a secure platform and rolling that out as a software update. This is no small matter, this is the power grid we are talking about here – lives and business can be seriously effected by someone malicious who wanted to screw up the system.

Imagine if you work out the system and get in there first installing your own firmware which won’t accept any more updates from the main Grid system.

“For an embedded platform, they’re kind of scary,” he said. “It’s really not designed from the ground up for security. Just imagine if somebody is outside your house and has the unique identifier that’s printed on your meter.”

Companies that make gear for smart grids include GE Energy, The ABB Group, Sensus Metering, Itron and Landis+Gyr

One deficiency common among many of the meters is the use of insecure programming functions, such as memcpy() and strcpy(), which are two of the most common sources of exploitable software bugs. In many cases, the devices use general purpose hardware and software that aren’t designed for highly targeted or mission critical systems.

And all paid for by the new president and his generous stimulus packages. It seems like the whole thing has been taped together with band-aids.

There’s no excuse at all for using insecure programming functions in this day and age, I mean it’s 2009 for goodness sake.

How long has C programming been around now? And the concept of security and secure programming, especially for critical infrastructure systems like this.

Source: The Register (Thanks Alan)



Recent in Hardware Hacking:
- Hackers Recreate NSA Snooping Kit Using Off-the-shelf Parts
- SHODAN – Expose Online Devices (Wind Turbines, Power Plants & More!)
- 14-Year Olds Hack ATM With Default Password

Related Posts:
- DllHijackAuditor – Free Audit Tool For DLL Hijack Vulnerability
- What Next? The Poker Rootkit of Course!
- Security Researchers Afraid to Reveal Vulnerabilities

Most Read in Hardware Hacking:
- Elevator/Lift Hacking !!!!! - 76,540 views
- Military Communications Hacking – Script Kiddy Style - 49,387 views
- Hackers Crack London Tube Oyster Card - 41,809 views

Low-cost VPS Hosting

4 Responses to “Smart Grid Security Risks – Not So Smart Electricity Meters”

  1. JibbaJabber 14 July 2009 at 7:21 pm Permalink

    Of course, to screw with the dumb grid, all you need is a pair of boltcutters and flip a switch. :)

  2. Dan Philpott 15 July 2009 at 2:23 am Permalink

    The Smart Grid specs are still being worked out so inferring from security problems with smart devices used now that the Smart Grid will have poor security is not entirely accurate. From what I can see there is encryption but where and how it is used depends on what part of the Smart Grid you are talking about.

    If you are motivated the information on the Smart Grid specs development is publicly available. To see the conversations made about Security during the first Smart Grid workshop (Interim Roadmap Workshop 1) you can have a look Track C: Security here:

    http://collaborate.nist.gov/twiki-sggrid/bin/view/_SmartGridInterimRoadmap/WorkshopITrackC

    The Report to NIST on the Smart Grid Interoperability Standards Roadmap is in it’s comment phase so if you have constructive criticisms and comments you may want to comment. It is available here:

    http://www.nist.gov/smartgrid/InterimSmartGridRoadmapNISTRestructure.pdf

  3. Alan 15 July 2009 at 7:27 am Permalink

    @JibbaJabber. This is of course true, except with a dumb grid you have to be physically near your target location and not half way around the country :P No physical danger either and I wouldn’t be surprised if there is very little logging or it’d be easy to wipe one’s tracks.

  4. Alan 15 July 2009 at 10:29 am Permalink

    @Dan. It’s good to see there is a decent plan behind what is essentially a pretty good idea. Thanks for the heads up and detailed information.

    The original article from the register was posted on the 12th of June so it’s a little outdated and prior to the release of the Road map link you posted, nonetheless it points out the fact that the vendor products which were tested are shocking to say the least.

    Hopefully those products don’t see the light of day as they need a bus load of improvements.