|
Current News
Survey: Energy Security Pros Believe Smart Meters Vulnerable to False Data Injection; Disagree on Hype Surrounding Smart Meter Privacy Issues
April 9, 2012
[ back ] [ comment ]
nCircle recently announced the results of a survey of 104 energy security professionals. The survey was sponsored by nCircle and EnergySec, a DOE-funded public-private partnership that works to enhance the cyber security of the electric infrastructure. The online survey was conducted between March 12 and March 31, 2012.
When asked, "Do smart meter installations have sufficient security controls to protect against false data injection?" 61% said "no".
The analysis of smart meter measurements and power system models that estimate the state of the power grid are a routine part of system monitoring. False data injection attacks exploit the configuration of power grids by introducing arbitrary errors into state variables while bypassing existing techniques for bad measurement detection.
Patrick Miller, the founder, CEO and president of EnergySec, noted, "Smart meters vary widely in capability and many older meters were not designed to adequately protect against false data injection. It doesn't help that some communication protocols used by the smart meter infrastructure don't offer much protection against false data injection either. Together, these facts highlight a much larger potential problem with data integrity across the smart grid infrastructure. Because our nation relies on the smart grid to deliver robust and reliable power, we need to make sure that all systems that process usage data, especially those that make autonomous, self-correcting, self-healing decisions, assure data integrity."
Elizabeth Ireland, vice president of marketing for nCircle, noted, "A false data injection attack is an example of technology advancing faster than security controls. This is a problem that has been endemic in the evolution of security and it's a key reason for the significant cyber security risks we face across many facets of critical infrastructure. Installing technology without sufficient security controls presents serious risks to our power infrastructure and to every power user in the U.S."
When asked, "Has the hype around privacy issues associated with smart meter consumer data been overblown?" 53% of survey respondents said "yes" and 47% said "no".
Commenting on this additional finding, Miller observed, "Smart grid meter privacy is still a new area. "State regulations are inconsistent and sensitive customer details in smart grid data vary from utility to utility. I expect to the smart grid industry to struggle with several challenges around who ultimately ‘owns’ customer data. There are several grey areas that impact how smart grid customer data will be used as the industry attempts to maximize revenue potential. Even seemingly innocuous customer data has significant value -- just ask Facebook or Google."
Ireland added, "We haven’t seen a significant breach of smart meter consumer data yet so it’s natural to see a difference of opinion between energy security professionals on the front lines. As with any type of digital information, there are professionals that are very concerned about privacy and believe a breach is inevitable and those that have a more optimistic viewpoint. It’s encouraging to see this discussion happening in advance of a data breach when additional protection for smart grid customers can still be implemented."
Source: nCircle
Comments
Please note: By posting a comment, you agree to our Terms & Conditions.
|
|
|
|
|