Securing the Smart Grid: The Road Ahead - Page 2

By Joshua Pennell | Posted Feb 5, 2010
Page 2 of 3   |  Back to Page 1
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

In 2008, IOActive researchers evaluated the security of a series of smart meter devices and uncovered several security vulnerabilities. In addition to being vulnerable to common attack vectors, IOActive achieved proof-of-concept, worm-able code execution on standard smart meters. Since the smart meter's radio communication chipset is publicly sourced and the communication protocols lacked authentication and authorization, IOActive researchers were able to leverage these weaknesses—among others—to produce a proof-of-concept worm. If an attacker were to install a malicious program on one meter, the internal firmware could be made to issue commands that would flash adjacent meters until all devices within an area were infected with the malicious firmware.

Theoretically, once the worm spreads to meters, the attacker gains several abilities including connecting and disconnecting customers at predetermined times; changing metering data and calibration constants; changing the meter's communication frequency; and rendering the meter non-functional.

While IOActive's findings are serious and warrant immediate attention, it is certainly not too late to secure the Smart Grid. So, how is that done, exactly? Just like remediating any serious security vulnerability, securing the Smart Grid is a joint effort that requires the support of utility companies, smart meter vendors, the government, and leading privacy and security experts.

Utility companies are in a powerful position to secure the Smart Grid because they can apply pressure to meter vendors so that they produce more secure devices. By continuing to conduct security reviews that test the meters' security, quality, and reliability for the entire duration of the product lifecycle, utilities can ensure that meter vendors continually improve their security protocols. 

To help meter vendors develop more secure products, IOActive advocates for the adoption of leading security methodologies including Microsoft's Secure Development Lifecycle (SDL). Taking a proactive stance, the SDL implements security and privacy measures during each stage of a product's development, requires third-party auditing, and conducts a final review before software is released. The SDL also makes business sense, as it is a proven tool to save money—studies indicate that overall project costs are 60 times higher when gaps in information security controls are addressed late in the development phase. 

Following an SDL will help meter vendors resolve many of the design flaws discovered in their devices including the lack of layered defenses. Multiple layers of defense provide the best security, using the theory that if one mechanism fails you have several others to prevent a breach. It is especially important for smart meters to have a layered defense because they are installed on the outside of homes with minimal physical protection. Without a layered defense in place, someone with a basic understanding of electronics could easily steal a meter, reverse engineer it, and potentially uncover exploitable vulnerabilities.

Contributing to the lack of layered defenses, IOActive discovered that strong encryption, authentication, and authorizations were often poorly implemented in smart meter devices. IOActive found that many devices do not use encryption or implement any authentication before carrying out sensitive functions like executing software updates and performing disconnect operations. Even when meters had encryption algorithms in place, it was found that functionality was unmanageable, and that the keys were often exposed, extremely weak, and could be recovered through simple hardware hacking techniques.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter