Is your utility meter getting personal?

Oct 30, 2012 by Steven Powell

As of 2010, more than a third of all utility meters in the United States used wireless automatic meter reading (AMR) technology – 47 million in all. They make it a lot easier for the utility company to gather data on electricity, natural gas and water usage. But as a University of South Carolina research team has shown, it's possible for their unencrypted broadcasts to be intercepted, giving a sophisticated eavesdropper a window into household activities.

Lead researcher Wenyuan Xu, a professor in USC's College of Engineering and Computing, says that much of the focus in the research security community right now is on the next generation of devices, the so-called "smart" meters. Utilities hope in the future they will be able to use these to match to individual houses with overall demand, enabling much more efficient allocation of resources.

"There's been a lot of discussion about smart meters and whether they're secure or not," said Xu. "But smart meters are not yet widespread. So we wanted to look at the wireless readers common now. Are they secure? Will they leak private information?"

Wireless meters greatly reduce the need for human operators. A single truck can drive through a neighborhood and collect usage information on hundreds of dwellings that previously required a reader to walk to each meter and record data by hand.

Xu and her team reported at October's Association for Computing Machinery (ACM) conference on Computer and Communications Security that they found neither security nor privacy in the representative AMR systems they tested. AMR systems use proprietary devices and communications protocols, and Xu's team was able to reverse-engineer the transmissions to obtain access to the usage data.

Once they understood how to read the data, they conducted an eavesdropping experiment in a local apartment complex. Using a modestly priced antenna and laptop located inside one of her graduate student's apartment, they were able to detect dozens of nearby electricity meters. By adding an inexpensive amplifier to the system, they were able to gather electrical data from every apartment in the complex – hundreds of units up to 500 yards away.

"We were able to detect even further than we expected," said Xu. "The complex had 408 units, but we were able to see 485, so we were seeing beyond the complex itself."

The data being transmitted had the potential to be matched to the individual dwellings because the transmitted packets contained an identification number that was stamped on the meter itself.

The team's analysis showed that, beyond raw usage data, a range of information could be deduced from analyzing the meter's activity, particularly when it came to electricity. "Most electrical meters broadcast data every 30 seconds," said Xu. "The gas and water meters, because they run on batteries, only transmit data after a wake-up call."

The detailed electricity data gave information about activities within the household – when the inhabitants got up, went to work and got home, for example. The team was able to deduce that 27 of the apartments within the complex were unoccupied.

That sort of information could be harmful in the wrong hands. Xu is careful not to reveal too much detail in her publications, she said. "We don't want the bad guys to know too much. It's about letting the right people know what needs to be better protected."

The good news is that reliance on what's often called "security through obscurity" appears to be working. Obtaining personal household data through wireless meters is difficult. What Xu and her team hopes is that drawing attention to the potential for problems might help the industry realize the necessity of designing systems with security in mind.

"The meter data should have been encrypted before transmission and authenticated by readers in the drive-by trucks to prevent the potential misuses that we've discovered," said Xu.

Explore further: Engineering new vehicle powertrains

add to favorites email to friend print save as pdf

Related Stories

Report: 'Smart' meters have security holes

Mar 26, 2010

(AP) -- Computer-security researchers say new "smart" meters that are designed to help deliver electricity more efficiently also have flaws that could let hackers tamper with the power grid in previously ...

Tire-pressure monitors vulnerable, researchers say

Sep 02, 2010

(PhysOrg.com) -- Wireless tire pressure monitoring systems designed to alert drivers to problems with low tire pressure can be intercepted or forged, causing possible security or privacy threats, according to research at ...

New 'smart' electrical meters raise privacy issues

Nov 06, 2009

The new "smart meters" utilities are installing in homes around the world to reduce energy use raise fresh privacy issues because of the wealth of information about consumer habits they reveal, experts said ...

Recommended for you

Engineering new vehicle powertrains

16 hours ago

Car engines – whether driven by gasoline, diesel, or electricity – waste an abundance of energy. Researchers are working on ways to stem this wastefulness. Ultramodern test facilities are helping them ...

First self-contained step dimming LED tube

Sep 30, 2014

Samsung Electronics today introduced the industry's first AC Direct step-dimming LED linear replacement for T8 and T12 fluorescent tubes at the National Electrical Contractors Association (NECA) Convention ...

Battery system will be able to light 2,500 homes

Sep 30, 2014

One of the largest, most environmentally-friendly, battery-based energy storage systems in the nation will be installed at the University of California, San Diego the campus announced today (Sept. 29).

User comments : 0