Security and Privacy in Smart Meters and Smart Grids. EECE 512 Konstantin Beznosov

Similar documents
Cyber Security and Privacy Issues in Smart Grids

What can a small device do in modern industrial World.

SMART METER ANALYTICS:

The DCUs collect data transmitted by the MTUs, providing reliable and flexible communication for all your metering needs.

WIRELESS HOME NETWORK CONTORL MECHANISM FOR STANDBY POWER REDUCTION

GENERAL. Q: IS AUDACY MADE IN THE USA? A: YES: Made in the USA from US and Global Components.

Design and Development of Power Monitoring and Controlling System using Wireless Zigbee Network

Security and Privacy Issues In Smart Grid

FIELD COLLECTION SYSTEM ROUND TABLE. Rich Layton Itron

THE PREPAID METERING SOLUTIONS.

Evaluation of Utility-Privacy Trade-Offs of Data Manipulation Techniques for Smart Metering

Mi.Net Mobile. Transceiver. Mueller Systems. operating Instructions manual

TEST board for RF module CDP series ECB-03 & DCB-03

AB Axis Industries. Use

Bob Warden. IP Metering and the Smart Grid WAN Revolution October 27, 2008

Electronic Capstone Paper Sample

Research on Two - Way Interactive Communication and Information System Design Analysis Dong Xu1, a

NET NEUTRALITY AND QUALITY OF INTERNET ACCESS INTERNET POLICY

An update of the AMR project at Tshwane

Security analysis of Dutch smart metering systems

Proven results Unsurpassed interoperability Fast, secure and adaptable network. Only EnergyAxis brings it all together for the Smart Grid

WELCOME. Landis+Gyr Technical Training Catalog

MiNet Mobile Collector Installation Guide

Designed for commercial, residential and industrial applications, guarantee rapid installation with few and easy connections.

Embedded System Security. Professor Patrick McDaniel Charles Sestito Fall 2015

Design of Underground Current Detection Nodes Based on ZigBee

Technology Primer. HOBO Data Nodes: Advanced Technology for Wireless Energy and Environmental Monitoring

NXP Semiconductors Smart Grid, Smart Mobility. Maurice Geraets June 2014

Singapore Deregulation and Smart Homes

Wireless Network Security Spring 2011

NTC-30WV-03. Outdoor Industrial Router. December 2012

CWNA Exam PW0-100 certified wireless network administrator(cwna) Version: 5.0 [ Total Questions: 120 ]

Presenter: Asim Sinan Yuksel. Submitted in Partial Fulfillment of the Course Requirements for. ECEN 689: Cyber Security of the Smart Grid, Spring 2011

EMU-2. Energy Monitoring Unit. User Manual

Rocky Mountain Power Docket No Witness: Rohit P. Nair BEFORE THE PUBLIC SERVICE COMMISSION OF THE STATE OF UTAH ROCKY MOUNTAIN POWER

WELCOME. Landis+Gyr Technical Training Catalog

Data Analytics for IoT: Applications to Security and Privacy. Nick Feamster Princeton University

J Do not fit rechargeable batteries. j Keep the Duet II away from. L For use in a dry, indoor. J It is not necessary for you to

Datasheet. Millimeter-Wave Radio (MMW) Security of MMW. Overview

Tech note. Submetering? Don t Take the Hardware for Granted

Itron s New 100G Gas ERT Module Janet Penz Sr. Product Manager, Gas EndPoint Strategy

Distributed Internet-Based Load Altering Attacks Against Smart Power Grids Authors: A.-H. Mohsenian-Rad and A. Leon-Garcia

FAST EnergyCam. The Smart Clip-on Meter Reader for Home and Business

PixController, Inc. Wireless Magnetic Switch Sensor For Doors, Windows, and Gates

Cyan Technology Ltd. Smart energy solutions. Meeting the challenges of smart metering in emerging regions

printeract, Xerox Remote Services Overview

Power Attack Defense: Securing Battery-Backed Data Centers

Installation Guide Solid State Meter

DETECTING, DETERMINING AND LOCALIZING MULTIPLE ATTACKS IN WIRELESS SENSOR NETWORK - MALICIOUS NODE DETECTION AND FAULT NODE RECOVERY SYSTEM

Smart Router Use Cases

Cross-Domain Security Issues for Connected Autonomous Vehicles

GL116 ENCODER/DECODER MANUAL GLOLAB CORPORATION

Advanced Metering Infrastructure (AMI)

Bi Directional Wireless IR Repeater System User Guide

Smart Grid: Implications for Convergence

Redwood City, Sensus & AMI

II. ZigBee technology. III. ZigBee technology as the basis of wireless AMR system

Wireless Sensor Networks (WSN)

SECURITY OF CPS: SECURE EMBEDDED SYSTEMS AS A BASIS

Secure Your Way of Life. Now Compa ble With. HSVGW-G Series Home Security Voice Gateway Series. Take Smart Living Up a Notch

Wireless Control Systems

Sensor Application for Museum Guidance

H202 中文 GB Version 1

The Internet of Things. Steven M. Bellovin November 24,

User manual for residents

WHAT FUTURE FOR CONTACTLESS CARD SECURITY?

Vehicle to Vehicle Safety Device - An Ease for Safe Driving

International Journal of Electronics and Communication Engineering & Technology (IJECET), INTERNATIONAL JOURNAL OF ELECTRONICS AND

DENVER DTB-136H H.265 DVB-T2 RECEIVER

SI-103. Flood Sensor. User Manual

The network node works extremely well in more complex building environments (e.g. where fire doors/glass walls are installed).

HEMS 2000 Home Energy Management System

AudioCast Receiver Owners Manual

An Efficient Low Power Transmission Over Long Range in Wireless Sensor Networks for environmental studies

Topics. Introduction Architecture Node Types Network Topologies Traffic Modes Frame Format Applications Conclusion

Guide to Wireless Communications, 3 rd Edition. Objectives

PixController, Inc. Wireless Switch Sensor For Normally Open (NO) and Normally Closed (NC) Sensors

Wireless Network Security Spring 2014

T7270B1009 WIRELESS WALL MODULE

Wi.232DTS and Mesh Networking for short range applications in the US market

Security of vehicular communications. Vehicular communication (VC) systems

Ubiquitous and Context Aware Computing: Overview and Systems

AMI: Communications and Integration Options

Chapter 8: Smart Grid Communication and Networking

WaterCress Portfolio

MASKER: Masking for privacy-preserving aggregation in the smart grid ecosystem

The development of wireless communication technology for smart gas meters in Japan

AMI Implementation in Singapore

Overview of Security

Secure Routing in Wireless Sensor Networks: Attacks and Countermeasures

Controlling electrical home appliances, using Bluetooth Smart Technology (October 2015) Pedro José Vieira da Silva

Wi-Fi Backscatter: Internet Connectivity for RF-Powered Devices

Naveen Kumar. 1 Wi-Fi Technology

TETRA for SCADA Challenges in CLP

Home Electric Energy Monitoring System - Design and Prototyping -

IEEE PROJECTS ON EMBEDDED SYSTEMS

Wireless Attacks and Countermeasures

our experience...your solution Controlling and Monitoring Gateway

DAISY Data Analysis and Information SecuritY Lab

printeract, Xerox Remote Services A step in the right direction

Transcription:

Security and Privacy in Smart Meters and Smart Grids EECE 512 Konstantin Beznosov

smart meter background what networked embedded systems use state measurement circuits that can record minute- or second-level profiles of energy usage (load profiles) promise: better efficiency & reliability dynamic pricing schemes remote meter reading improved power outage reporting load curtailment in emergencies how: self-monitoring self-diagnosis demand-response communication privacy concerns due to fine-grained energy consumption data monitoring the power consumption of several households to identify temporarily vacant homes and timing burglars' break-ins estimating the number of residents in a household based on the frequency of power switches turned and the number of appliances simultaneously in use monitoring the location of a resident inside the home based on the type of appliances being used tracking eating, sleeping, and to some extent exercise habits by monitoring household appliance usage identifying the TV channel or movies being watched since television power consumption changes with the image being displayed security concerns of integrity & authenticity of the reported data underreporting energy usage or inflating the utility bills of a neighbour!!2

Automatic Meter Reading autonomously collects the consumption and status data from utility meters (e.g., electric, gas, or water meters) and delivers the data to utility providers for billing or analysis purposes AMR Meters metering engine: measures the consumption Encoder-Receiver-Transmitter (ERT): microprocessor & low-power radio transmitter periodically reports information such as meter ID, meter reading, tamper status AMR Readers: handheld devices for field investigation or walk-by meter reading, highly sensitive mobile collectors for drive-by meter reading, a network of permanently installed collectors and repeaters for reporting AMR meter readings in real time from [1] [1] Ishtiaq Rouf, Hossen Mustafa, Miao Xu, Wenyuan Xu, Rob Miller, and Marco Gruteser. 212. Neighborhood watch: security and privacy analysis of automatic meter reading systems, In Proceedings of the 212 ACM conference on Computer and communications security (CCS 12). ACM, New York, NY, USA, 462-473. DOI=1.1145/2382196.2382246!3

reverse engineering AMR communications reverse engineering requires modest effort an ERT reader and programmable radio costing $1, no encryption bubble- up meters: anyone can eavesdrop on the real time consumption of customers with meters. wake-up meters: consumption data can be eavesdropped on at arbitrary rates using activation signals battery drain attacks: After receiving an activation signal, wake-up meters will immediately transmit a packet no authentication the ERT reader accepts any AMR transmission with a proper packet format no input validation When receiving multiple packets with the same meter ID but conflicting meter readings, the ERT reader will accept the packet with the strongest signal without reporting any warning.!4

decoding with and without low noise amplifier Meters decoded using LNA only. M Meters decoded without using LNA. Location of the RF sniffer and omni-directional antenna. 2 m Figure 6: An aerial view of the neighborhood where we performed our eavesdropping experiments. Each blue triangle or red star represents a group of four or five meters mounted in a cluster on an exterior wall. Using an LNA and a 5 dbi omnidirectional antenna, we were able to monitor all meters in the neighborhood. Some sniffed meters may be out of the scope of this view. area with sparse two-story independent houses and an urban area with several connected three-story apartment buildings plifies the received signal strength (RSS) of each packet and thus increases the likelihood of successful decoding. To il-!5

Nu (c) 12.5 MHz pph per meter what can (d) 12.5 one MHz learn from stats? gure 8: Histogram of received packets per hour ph) from each meter using a narrowband sniffer MHz) or a wideband sniffer (12.5 MHz). 3 from [1] no. of meter 2 1.5 1. 1.5 2. 2.5 3. kw gure 9: 27 The meters distribution exhibited of less electricity than 16Wh consumpn for meters hourly in the power author s consumption neighborhood. 27 eters exhibited less than 16Wh hourly power conmption, indicating 27 apartments unoccupied. onding apartment units were likely to be unoccupied at e time of our experiments. This is an example of potenlly sensitive information that can easily be obtained on is neighborhood scale. In this experiment, we were only le to receive a few packets per hour (pph) for a large porn of meters. Methods to increase received packet rates are ailable and therefore finer granularity data and additional sitive information from the neighborhood could likely be tained. We will examine this next. INFERRING HOUSEHOLD EVENTS We now study to what extent it is possible to infer detailed usehold activities and events from the obtained data are e risks similar to those of smart meters? The lower update daily routine from [1] Figure 12: An RF sniffer can collect data that suffice to infer daily routines, which could be misused by thieves. [Top to bottom] The electricity consumption over a 24-hour period that are collected using (1) a camera or an IR photodiode circuitry; (2) an ideal RF sniffer receiving all packets; (3) a real meter being studied; (4) a narrowband RF sniffer that eavesdrops on one channel only. kw kw kw 4 3 2 1 T 8 6 4 2 3am 6a 8 6 4 2 3am 6a Figure 13: The da sumption of a hous patterns.!6

redesign the protocol against spoofing radio fingerprinting anomaly detection AMR security manual checking to detect spoofing use wake-up mode rather than bubble-up privacy preserving jamming!7

Ishtiaq Rouf, Hossen Mustafa, Miao Xu, Wenyuan Xu, Rob Miller, and Marco Gruteser. 212. Neighborhood watch: security and privacy analysis of automatic meter reading systems, In Proceedings of the 212 ACM conference on Computer and communications security (CCS 12). ACM, New York, NY, USA, 462-473. DOI=1.1145/2382196.2382246!8

smart meters [2] Weining Yang, Ninghui Li, Yuan Qi, Wahbeh Qardaji, Stephen McLaughlin, and Patrick McDaniel. Minimizing private data disclosures in the smart grid. In Proceedings of the 212 ACM conference on Computer and communications security (CCS '12). ACM, New York, NY, USA, 415-427. DOI=1.1145/2382196.2382242

!1 risks risks & countermeasures with Non-Intrusive Load Monitoring (NILM), load profiles can be analyzed to reveal individual appliance usage sleep patterns number of occupants times of vacancy leakage to both utility companies and third parties countermeasures Battery-based Load Hiding (BLH) battery partially supplies the net demand load from the house to alter the external load strategy: flatten the load profile to a constant value as often as possible

!11 18 16 14 12 Power (kw) Power (kw) (volts) 1 8 6 4 2 9/16 : 9/16 12: 9/17 : 9/17 12: 9/18 : 9/18 12: 9/19 : 9/19 12: time (seconds) from [2]

!12 25 2 25 2 power(w) 15 1 power(w) 15 1 5 5 3 31 32 33 34 35 3 31 32 33 34 35 (a) Original demand load (b) External load by BE 25 25 2 2 power(w) 15 1 power(w) 15 1 5 5 3 31 32 33 34 35 3 31 32 33 34 35 (c) External load by NILL (d) External load by LS2

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback