Energy Theft in the Advanced Metering Infrastructure
Global energy generation and delivery systems are transitioning to a new computerized “smart grid”. One of the principal components of the smart grid is an advanced metering infrastructure (AMI). AMI replaces the analog meters with computerized systems that report usage over digital communication interfaces, e.g., phone lines. However, with this infrastructure comes new risk. In this paper, we consider adversary means of defrauding the electrical grid by manipulating AMI systems. We document the methods adversaries will use to attempt to manipulate energy usage data, and validate the viability of these attacks by performing penetration testing on commodity devices. Through these activities, we demonstrate that not only is theft still possible in AMI systems, but that current AMI devices introduce a myriad of new vectors for achieving it.
Keywords: AMI, Smart meter, Penetration testing, Attack tree