Security analysis of Dutch smart metering systems
Security analysis of Dutch smart metering systems
Sander Keemink and Bart Roos
July 2, 2008
1 / 19
Security analysis of Dutch smart metering systems
1 Smart metering introduction
2 Theoretical research
3 Practical research
4 Recommendations
5 Conclusion
2 / 19
Security analysis of Dutch smart metering systems
Smart metering introduction
Smart Metering goals
Accurate billing
Insight in energy usage
NTA Dutch Technical Agreement
First GenerationSmart meters
NTA 8130
2008 2009 2010 2011
Law in effect
First Evaluation
Second Evaluation
Second GenerationSmart metersNTA 8130 plus
3 / 19
Security analysis of Dutch smart metering systems
Smart metering introduction
NTA
Page 6 of 137
File name: Dutch Smart Meter Requirements v2.2 final Main.doc Date: 18-04-2008
Author: KEMA Consulting Config. ID: B101
Version: 2.2 Final Project: Functional and technical specifications Smart Meters
1 INTRODUCTION
1.1 The Dutch standard for smart metering (NTA 8130)
The Ministry of Economic Affairs has at first commissioned the Netherlands Normalization
Institute, NEN, to formulate and describe a standardized minimum set of basic functions for
remotely readable metering for electricity, gas, thermal energy (heat and cold) and water for
domestic consumers (in this document we use the expression domestic consumers although
small scale consumers might be more appropriate). Under the auspices of the NTA 8130 pro-
ject group, set up for this purpose by NEN, work has been performed on the drafting of re-
quirements that ‘smart metering systems’ must satisfy. During the formulation process, the
formal field of view of mandatory functions has been reduced to electricity and gas. For water
and thermal energy, recommendations are given in an appendix. This process has been fi-
nalized in April 2007, as its result, a so-called Netherlands Technical Agreement called
“Minimum set of functions for metering of electricity, gas and thermal energy for domestic
customers” has been brought out. The reference number of this Netherlands Technical
Agreement is NTA 8130.
The document “Dutch smart meter requirements” is an elaboration of the NTA8130, commis-
sioned by the Dutch grid companies (ENBIN), and aimed at meter interoperability. Also re-
quirements have been added, mainly with respect to installation & maintenance, quality and
performance.
1.2 Short description of the metering installation
Figure 1-1 – Communication ports belonging to the metering installation
CAS
Independent Services Provider
Supplier
Grid company
P1
G
E
Metering
system Other
Services
Module
W/T
P3
P2
P4
P0
4 / 19
Security analysis of Dutch smart metering systems
Smart metering introduction
Your energy usage
What do you see in this image?
230 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22
Hour of day
Label
U
S
A
G
E
indicative
Electricity Water Gas5 / 19
Security analysis of Dutch smart metering systems
Smart metering introduction
Research objective
“Analyze the possible impact of the use of smartmetering systems on the security of electricity meteringusing the CIA-triad and minimum requirements as statedin the NTA-8130 regulation. Compare the NTA and apreferred situation with the smart metering systems thatare currently implemented.”
6 / 19
Security analysis of Dutch smart metering systems
Theoretical research
Theoretical research
Defined the need for security using the CIA-triad
Analyzed the NTA security requirements:
P0 Not defined
P1 Read-only
P2 Encryption allowed if interoperable
P3 Grid operator should take ‘appropriate measures’
P4 Grid operator should take ‘appropriate measures’
P5 Out of scope
Defined possible attack vectors based on CIA-triad
7 / 19
Security analysis of Dutch smart metering systems
Practical research
Port 0 security
Optical interface (all meters)
Programming buttons (some meters)
Security measures
Switch behind security sealTamper detection
8 / 19
Security analysis of Dutch smart metering systems
Practical research
Port 2 security
WiredM-Bus without encryptionM-Bus interfaces widely availableSimulate gas or water meter (slave)Simulate electricity meter (master)
WirelessProprietary protocolsWireless M-Bus not being used
10 / 19
Security analysis of Dutch smart metering systems
Practical research
Port 3 security
Communication methods:
PowerLine Communication (PLC)GPRSEthernetRadio Frequency mesh (RF)
Risks
Sniffing (Serial GPRS modem and Ethernet)Disrupting communicationsDenial of Service attacks
11 / 19
Security analysis of Dutch smart metering systems
Practical research
Port 5 security
Risks
SniffingMan-in-the-Middle attackShoulder surfing for credentialsThe usual risks
Basic security measures
SSL (HTTPS)Strong authentication
13 / 19
Security analysis of Dutch smart metering systems
Recommendations
Recommendations
NTA:
Aggregate data per day, week or month
More specific security requirements in NTA
Port 0 should be part of NTA
Including minimal security requirements
16 / 19
Security analysis of Dutch smart metering systems
Recommendations
Recommendations
Supplier and grid operators:
Do not trust security seals
Data availability can not be guaranteed
Use open encryption on all links
Do not underestimate privacy aspects
Use SSL and strong passwords on website
Perform data checks to verify correctness of data
17 / 19
Security analysis of Dutch smart metering systems
Conclusion
Conclusion
Privacy underestimated
NTA not specific enough about security
Security of meter management functions not sufficient
No secure channel between electricity and gas or water meter
Supplier websites should improve their security
18 / 19