How hackers target smart meters to attack the grid
According to researchers from Oregon State University College of Engineering, smart meters provide a prime vulnerable target for hackers seeking to destabilise the power transmission grid.
According to the research study, new technology being added to the grid, namely Advanced Metering Infrastructure (AMI), opens ground for hackers, who can attempt to control smart meter switches to cause load oscillations.
Load oscillations
According to the researchers, like circuit breakers in a household panel, power grid components can “trip” and shut off when demand, or load, is too high or problematic.
The result is load being passed on to other parts of the grid network, which may also shut down, creating the possibility of a domino effect that can lead to a blackout.
In their study, Load Oscillating Attacks of Smart Grids: Vulnerability Analysis, conducted with OSU College of Engineering associate professor Jinsub Kim, researchers used a model known as a time-domain grid protection simulator to demonstrate how causing load to vary back and forth in a regular pattern – known as a load oscillation attack – can compromise transmission.
The project was led by associate professor of electrical engineering and computer science Eduardo Cotilla-Sanchez alongside graduate student Falah Alanazi.
Said Cotilla-Sanchez: “New technologies have been introduced to make our ageing electricity infrastructure more efficient and more reliable.
“At the distribution level, upgrades have included communication systems, distribution automation, local control and protection systems, and advanced metering infrastructure. The bad news is, the upgrades also introduce new dimensions for attacking the power grid.”
AMI and smart meters are such new technologies being added into the grid equation and provide space for hackers to attempt to take control over smart meters and use them to cause load oscillations.
Have you read:
Oracle’s meter data system to support El Paso’s smart meter rollout
NB-IoT chipset launched for Indian smart meter market
Smart meter hacking
According to the study, with increased smart meter deployment at the distribution level, the frequency of such cybersecurity breaches are likely to increase.
One of these possible attacks consists in hacking the AMI to control the smart meter switches by altering the data or inserting false control data.
The research draws on recent cyber-physical attacks on power grids to demonstrate the cyber threat posed by smart meters:
“Examples include the attack on the Ukrainian power grid in 2015…smart meters could be hacked if the adversary gains access to the smart meter ID, password, and knowledge of the communication protocol and software programming,” states the research paper.
“Smart meters could be hacked as easily as mimicking communication devices to learn how to communicate with the smart meter. Malware could be spread to other smart meters through compromised smart meters to allow easier access.”
They add how hackers could make use of smart meter system weaknesses to ‘spoof’ a controlling signal and secure access.
“In addition, the adversary could determine appropriate line measurement by direct intrusion or estimating information through accessing associated sensor devices or communication links.”
Also of interest:
Smart meters and data enablers of the energy transition – Landis+Gyr CEO
Unlocking smart meter data for research
Threat level
Cotilla-Sanchez, in announcing publication of their study, commented on how, should a large number of smart meters be remotely controlled to switch off power, this could have big ramifications.
Such an incident would start with someone performing reconnaissance by ‘poking’ a couple of locations in a grid and using the information gained to estimate the grid’s destabilizing oscillation frequency, he said. After determining which customer meters to turn on and off at that frequency – less than 1 Hertz or cycle per second – the attacker would be ready to launch an assault.
And comparatively speaking, the researchers state, an attack doesn’t need to involve that many meters.
“We juxtaposed our work with related recent grid studies and found that a well-crafted attack can cause grid instability while involving less than 2% of the system’s load,” added Cotilla-Sanchez.
The findings, while unsettling, provide a jump-off point for grid operators to develop countermeasures, he added.
“For example, if they detect this type of oscillation on the load side, they could take lines A and B out of service, intentionally islanding the affected area and thus avoiding propagation of the instability to a broader area of the grid.
“Another solution, which could be complementary, might be to change the generation portfolio enough – for example, curtail some wind generation while ramping up some hydro generation – so the overall dynamic response is different to what the attack was designed toward, so the impact will be smaller and won’t be enough to tip the system.”
Either technique, he said, will require additional research and development to serve as an effective mechanism of protection, “but understanding the nature of possible attacks I would say is a good start.”