[Cryptography] Smart electricity meters can be dangerously insecure, warns expert

Arnold Reinhold agr at me.com
Mon Jan 16 08:06:54 EST 2017 

> On Jan 14, 2017, at 4:05 PM, Ian G <iang at iang.org> wrote:
> 
> 
> 
> On 04/01/2017 16:41, Arnold Reinhold wrote:
>> Late last century I had a gig at Foxboro Corporation, a well-respected manufacturer of industrial instrumentation and control systems. The stuff I was working on was electronic and computer based, but they had been in business since 1908 and had developed many intricate, mechanical and pneumatic sensors and control systems, which they still supported. After the Iran-Iraq war, Foxboro got a flood or orders for the older, non-electronic devices from refineries and chemical plants in the Middle East because they had proved more resilient in war time than the newer electronic systems. We need to heed that lesson in the context of cyberwar.
> 
> Were the failures due to electrical failures?  Or was there a specific cyber attack element that was taking out the gear?
> 

As far as I know there was no cybersecurity in industrial controls back then, hence the effectiveness of Stuxnet. And it wasn’t just electrical failures, it was overall robustness in situations where refineries and the like came under conventional attack (bombs, shelling). The mechanical stuff was more likely to keet working and could be more easily repaired after an attack. 


>> More to the point, however:
>> 
>>> So ... I think the power guys are just out of their depths here.  It'll take a while for them to develop the necessary expertise to integrate modern processors properly.
>>>                                                
>> One skill essential to any good engineer is knowing when you are out of your depth and finding engineering resources with the necessary skills. So in this regard the power guys are likely in better shape than the vast majority of commercial, government and non-profit enterprises, who have few if any traditional engineers on the payroll, and probably none in management. (I’m not counting the IT department, which every enterprise has.) The problem I see is where does our power engineer go to to get reliable advice on a security design? There is so much snake-oil security out there. Vendors have their products to sell, right or wrong, government security agencies want to protect their offensive capabilities, standards bodies are not specialized in computer security and treat it as one more chapter in stove-piped specs. Who would you recommend?
> 
> I recommend the good engineer acquire the necessary skills and do it herself.
> 
> Because of the issues you (and Peter and Jerry) list, the success rate of outsourcing to experts isn't high, so can a good engineer learn enough to leap a rather low bar?  Typically, yes.  Is it state of the art?  No.  Is state of the art available?  No.
> 
> Is the alternate a secure system, or a standards system that delivers too late and too little, or nothing?
> 
> What's the compromise?  Typically, it takes a couple of good engineers to put together a cheap & cheerful security protocol for a narrow use case.  Or it takes an industry to make a standard that's over generalised and introduces security impedance mismatches so it typically can't also ever meet state of the art.  Clear economics point to "do it yourself.”
> 

I’ve seen too many bad security products designed by people who thought they knew enough, but didn’t, to accept telling engineers to "do it yourself” as the answer to the question I posed. Your right that industry standards tend to be too late and too bloated, (and possibly sabotaged by state actors). I think we need some sort of professional organization to develop lighter weight standards  that can become components in engineered systems. NaCl is a start. But why not develop a few simple use cases, e.g. simple machine to machine message passing, and designing solutions around them? 

Arnold Reinhold

More information about the cryptography mailing list