Is your utility meter getting personal?

Oct 30, 2012 by Steven Powell

As of 2010, more than a third of all utility meters in the United States used wireless automatic meter reading (AMR) technology – 47 million in all. They make it a lot easier for the utility company to gather data on electricity, natural gas and water usage. But as a University of South Carolina research team has shown, it's possible for their unencrypted broadcasts to be intercepted, giving a sophisticated eavesdropper a window into household activities.

Lead researcher Wenyuan Xu, a professor in USC's College of Engineering and Computing, says that much of the focus in the research security community right now is on the next generation of devices, the so-called "smart" meters. Utilities hope in the future they will be able to use these to match to individual houses with overall demand, enabling much more efficient allocation of resources.

"There's been a lot of discussion about smart meters and whether they're secure or not," said Xu. "But smart meters are not yet widespread. So we wanted to look at the wireless readers common now. Are they secure? Will they leak private information?"

Wireless meters greatly reduce the need for human operators. A single truck can drive through a neighborhood and collect usage information on hundreds of dwellings that previously required a reader to walk to each meter and record data by hand.

Xu and her team reported at October's Association for Computing Machinery (ACM) conference on Computer and Communications Security that they found neither security nor privacy in the representative AMR systems they tested. AMR systems use proprietary devices and communications protocols, and Xu's team was able to reverse-engineer the transmissions to obtain access to the usage data.

Once they understood how to read the data, they conducted an eavesdropping experiment in a local apartment complex. Using a modestly priced antenna and laptop located inside one of her graduate student's apartment, they were able to detect dozens of nearby electricity meters. By adding an inexpensive amplifier to the system, they were able to gather electrical data from every apartment in the complex – hundreds of units up to 500 yards away.

"We were able to detect even further than we expected," said Xu. "The complex had 408 units, but we were able to see 485, so we were seeing beyond the complex itself."

The data being transmitted had the potential to be matched to the individual dwellings because the transmitted packets contained an identification number that was stamped on the meter itself.

The team's analysis showed that, beyond raw usage data, a range of information could be deduced from analyzing the meter's activity, particularly when it came to electricity. "Most electrical meters broadcast data every 30 seconds," said Xu. "The gas and water meters, because they run on batteries, only transmit data after a wake-up call."

The detailed electricity data gave information about activities within the household – when the inhabitants got up, went to work and got home, for example. The team was able to deduce that 27 of the apartments within the complex were unoccupied.

That sort of information could be harmful in the wrong hands. Xu is careful not to reveal too much detail in her publications, she said. "We don't want the bad guys to know too much. It's about letting the right people know what needs to be better protected."

The good news is that reliance on what's often called "security through obscurity" appears to be working. Obtaining personal household data through wireless meters is difficult. What Xu and her team hopes is that drawing attention to the potential for problems might help the industry realize the necessity of designing systems with security in mind.

"The meter data should have been encrypted before transmission and authenticated by readers in the drive-by trucks to prevent the potential misuses that we've discovered," said Xu.

Explore further: After Fukushima, Japan gets green boom—and glut

add to favorites email to friend print save as pdf

Related Stories

Report: 'Smart' meters have security holes

Mar 26, 2010

(AP) -- Computer-security researchers say new "smart" meters that are designed to help deliver electricity more efficiently also have flaws that could let hackers tamper with the power grid in previously ...

Tire-pressure monitors vulnerable, researchers say

Sep 02, 2010

(PhysOrg.com) -- Wireless tire pressure monitoring systems designed to alert drivers to problems with low tire pressure can be intercepted or forged, causing possible security or privacy threats, according to research at ...

New 'smart' electrical meters raise privacy issues

Nov 06, 2009

The new "smart meters" utilities are installing in homes around the world to reduce energy use raise fresh privacy issues because of the wealth of information about consumer habits they reveal, experts said ...

Recommended for you

European grid prepares for massive integration of renewables

11 hours ago

Today, the ancient city of Rome welcomed an important new initiative for the large-scale integration of grids and of renewables sources into Europe's energy mix, with nearly 40 leading organisations from research, industry, ...

Preparing for a zero-emission urban bus system

Oct 30, 2014

In order to create a competitive and sustainable transport system, the EU must look to alternative fuels to replace or complement petrol and diesel. Not only will this reduce transport emissions but it will ...

Exploring the value of 'Energy Star' homes

Oct 30, 2014

The numbers in neat columns tell—column by column, page by page—a story spread out across Carmen Carrión-Flores' desk at Binghamton University. It's a great story, she says; she just doesn't know how ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.