When I was getting my solar panels installed, I couldn't wait to see my electric meter literally spin backwards. Alas, as part of the process, the utility swapped out the old analog meter. That spinning metal disk had been a reminder of the raw mechanical power—giant turbines, mighty waterfalls, searing furnaces—that stood at the other end of the dainty wires running into my house. Now, instead of a disk, I have flashing digits, which seem more ethereal. In return, the new meter is more capable, which is why power companies are installing smart meters by the millions. But a lot of people worry they are a little too capable.
If someone in a utility control room can read your meter remotely, shut off power to your house, and modulate individual appliances to shed load during peak hours, then so could hackers. As the number of smart meters grows, so does the incentive for criminals and terrorists to misuse them. Concern has been mounting for several years. In early 2009, IOActive, a security firm, demonstrated how little it takes to break into smart-meter networks. Last year, computer security expert Nate Lawson of Root Labs hacked a smart meter radio module he'd bought on eBay for $30. Many people who've gotten the meters complain about incorrect readings, often with good cause. After all this, I begin to wish I had my old spinning wheel back.
I spoke yesterday with Ben Jun, vice-president of the security firm Cryptography Research, about the risks. The good news is that homeowners don't need to worry too much about hackers taking over our lights. "I don't think I'd be too scared about switching over to a smart meter," he said. At least, not yet. If utilities bungle the transition, Jun says some of the scare stories could come true.
One concern is that homeowners could jimmy their meters. Power theft already saps a percent or two of U.S. electricity production, and much more in other countries; there are pages all over the web showing how to fool a mechanical meter. But at least physical tampering is easy to spot. An unsecured smart meter could be reprogrammed without any visible trace.
Another problem is privacy. By monitoring your power use, utilities get to know rather more about your household routines than you'd like them to. It never ceases to amaze me how much you can learn from simple wattage measurements. Each appliance in your house causes a telltale fluctuation in power, and websites such as PlotWatt and EnerSave can analyze the output of a home power monitor to see how often you run what appliance—useful self-knowledge for those of us looking for ways to conserve energy. Imagine what marketers (let alone burglars) would pay for that information.
Then there are the systemic threats. As electrical engineer David Nicol warns in our July issue, the "smart grid"—the networking of control systems of generators and substations—is a veritable playground for mischief-makers. A government cyberwar exercise in 2007, shown vividly in footage obtained by CNN, caused a generator to self-destruct. In effect the generator was forced to fight the raw mechanical power of the rest of the grid, and lost.
Nicol's article didn't mention smart meters, but they, too, are part of the smart grid and pose similar risks. One goal of the meters is to let utilities vary electricity rates by time of day to encourage conservation; you could program electron-guzzlers such as air-conditioners and electric car chargers to take advantage of off-peak rates. But if hackers could manipulate the rates, they might cause a vast number of appliances to turn on or off at inopportune moments and bring the whole grid crashing down.
So what can be done? Jun said utilities have traditionally focused on resilience against random threats such as lightning strikes; unlike, say, banks, they didn't have to worry much about systematic attacks. They need to learn, and quick. The main thing, Jun said, is to take the same basic countermeasures other industries do, beginning with hardening meters to thwart code-crackers. Lawson got into his module through the USB-like port provided for reprogramming and testing. The module did have some built-in cryptographic security, but it hadn't been enabled.
Although utilities have plenty of incentive already to secure their systems and many are doing so, others are in the habit of doing the minimum it takes to comply with regulation. So regulators may need to lean on them. A smart meter installed today will probably still be there in 20 years, so the time to act is now. "We may only have one chance to do it right," Jun said.
Smart meter, photo by George Musser