[Cryptography] Smart electricity meters can be dangerously insecure, warns expert

Arnold Reinhold agr at me.com
Mon Jan 2 23:01:39 EST 2017


> On Jan 2, 2017, at 4:10 PM, Harlan Lieberman-Berg <hlieberman at setec.io> wrote:
> 
> Arnold Reinhold <agr at me.com> writes:
>> The problem is a broader one in my view, the lack of a body that sets
>> security standards with enough clout to say, no, really, you have to
>> do this.
> 
> I think it's even more fundamental: it's a simple tragedy of the
> commons.  The meter manufacturers have no particular desire to spend
> money (both in parts and, more significantly, in development and QA
> time).  The power company doesn't really care, since any problem can
> inevitably be blamed on someone else (THE EVIL HACKERS DID IT!  RUSSIA!
> CHINA! THE NSA!), and the customers have ~no say in the products that
> they choose.  (The power company is the one who selects the meter, at
> least in the situations I'm familiar with.)
> 
> This is a spot that security gets dumped into a lot.  I wonder if
> liability shifting could help fix the problem, or if that's just going
> to end up in the same situation we're in now.  ("Nothing bad has ever
> happened from doing X, so why change now?")  Regulatory solutions as you
> recommend can certainly solve them, if they're government ordered.  I
> fear even a voluntary standards body might not be enough, since the
> "customers" here (the power company) doesn't have particular incentive
> to do anything but choose the lowest cost option.
> 
> -- 
> Harlan Lieberman-Berg
> ~hlieberman

I’m afraid I don’t find that a satisfactory explanation. There is no unregulated commons here. The power company owns the meter and the upstream infrastructure and is responsible for reliable power delivery. If anything, power companies are ideal customers for good security solutions. They are used to creating and following detailed specifications for everything they build, and they generally procure high-quality equipment that is designed to work for decades. Much of their management has an engineering background. The utilities are typically regulated monopolies that get paid a reasonable return on invested capital, so, if anything, they have an incentive to buy premium products. The meter company will produce what their major (only?) customer demands and can earn extra profits from a more complex product. The crypto authentication code could be incorporated in the radio modem, which could be a purchased black box from the smart meter manufacturer’s perspective. I think there is a puzzle piece missing here.

Peter Gutmann wrote:

> Probably a few tens of cents.  Plus the cost of redesigning your hardware from
> scratch, rewriting your code to fit the new hardware, testing it in the lab
> and in the field, and getting the hardware and software certified to stringent
> industry standards.  And then replacing all the infrastructure in the field.
> Shouldn't take more than ten years of effort, fifteen tops.

It’s entirely possible the smart meter PKI spec is too new for compliant meters to be available yet, in which case there is no story here. It’s just too early. But we know from the links you supplied previously that companies with serious technical competence, like BT, are eager to supply this market. I’m sure SoC and radio modem vendors are interested too. Getting product to market shouldn’t take ten years.

Arnold Reinhold

