Energy Theft in the Advanced Metering Infrastructure

  • Stephen McLaughlin
  • Dmitry Podkuiko
  • Patrick McDaniel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6027)


Global energy generation and delivery systems are transitioning to a new computerized “smart grid”. One of the principal components of the smart grid is an advanced metering infrastructure (AMI). AMI replaces analog meters with computerized systems that report usage over digital communication interfaces, e.g., phone lines. However, this infrastructure brings new risk. In this paper, we consider adversarial means of defrauding the electrical grid by manipulating AMI systems. We document the methods adversaries will use to attempt to manipulate energy usage data, and validate the viability of these attacks by performing penetration testing on commodity devices. Through these activities, we demonstrate not only that theft is still possible in AMI systems, but that current AMI devices introduce a myriad of new vectors for achieving it.


Keywords: AMI, Smart meter, Penetration testing, Attack tree





Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Stephen McLaughlin (1)
  • Dmitry Podkuiko (1)
  • Patrick McDaniel (1)

  1. Systems and Internet Infrastructure Security Laboratory (SIIS), Pennsylvania State University, University Park
