New research shows how vendors can ‘hackproof’ smart meters and other devices connected to a smart grid.
Cybersecurity researcher Karthik Pattabiraman, an associate professor of electrical and computer engineering at the University of British Columbia (UBC), explained what could happen if attackers gained access to a household’s smart meter: “They could deactivate your alarm system, see how much energy you’re using, or rack up your bill. In 2009, to cite one real-life example, a massive hack of smart meters in Puerto Rico led to widespread power thefts and numerous fraudulent bills.”
There is even a danger that hacked meters could cause house fires and explosions or a widespread blackout.
“Unlike remote servers, smart meters can be relatively easily accessed by attackers, so each smart meter must be quite hackproof and resilient in the field,” Pattabiraman explained.
Working with PhD student Farid Molazem Tabrizi, he developed an automated program that uses two detection methods for software-interference attacks, in which the attacker accesses the meter and modifies its communication interfaces or reboots it. In such an attack, the meter is unable to send data to the grid, keeps sending data when it shouldn’t, or performs other actions it wouldn’t normally do.
First, they created a virtual model of the smart meter and represented how attacks can be carried out against it, an approach known as design-level analysis. Second, they performed code-level analysis: probing the smart meter’s code for vulnerabilities and launching a variety of attacks on these vulnerabilities.
Code-level analysis found nine different types of attacks within an hour, while design-level analysis found three.
By using both the design-level and code-level approaches, vendors can test their designs and guard against software tampering on two different fronts.
“Our findings can be applied to other kinds of devices connected to a smart grid as well, and that’s important because our homes and offices are increasingly more interconnected through our devices,” Pattabiraman added.
While there is no such thing as 100% protection, “I believe the fact that our techniques were able to find not just one or two vulnerabilities, but a whole series of them, makes them a great starting point for defending against attacks,” he concluded.