Security analysis of a cryptographically-enabled RFID device
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Robust location distinction using temporal link signatures
Proceedings of the 13th annual ACM international conference on Mobile computing and networking
Wireless device identification with radiometric signatures
Proceedings of the 14th ACM international conference on Mobile computing and networking
On the Power of Power Analysis in the Real World: A Complete Break of the KeeLoq Code Hopping Scheme
CRYPTO 2008 Proceedings of the 28th Annual conference on Cryptology: Advances in Cryptology
Reverse-engineering a cryptographic RFID tag
SS'08 Proceedings of the 17th conference on Security symposium
Security and Privacy Challenges in the Smart Grid
IEEE Security and Privacy
Order matters: transmission reordering in wireless networks
Proceedings of the 15th annual international conference on Mobile computing and networking
Inferring Personal Information from Demand-Response Systems
IEEE Security and Privacy
IEEE Security and Privacy
EUROCRYPT'08 Proceedings of the theory and applications of cryptographic techniques 27th annual international conference on Advances in cryptology
Proceedings of the 12th ACM international conference on Ubiquitous computing
Attacking and fixing PKCS#11 security tokens
Proceedings of the 17th ACM conference on Computer and communications security
Private memoirs of a smart meter
Proceedings of the 2nd ACM Workshop on Embedded Sensing Systems for Energy-Efficiency in Building
Energy theft in the advanced metering infrastructure
CRITIS'09 Proceedings of the 4th international conference on Critical information infrastructures security
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
They can hear your heartbeats: non-invasive security for implantable medical devices
Proceedings of the ACM SIGCOMM 2011 conference
SEC'11 Proceedings of the 20th USENIX conference on Security
Comprehensive experimental analyses of automotive attack surfaces
SEC'11 Proceedings of the 20th USENIX conference on Security
Privacy-preserving smart metering
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Protecting consumer privacy from electric load monitoring
Proceedings of the 18th ACM conference on Computer and communications security
Survey Cyber security in the Smart Grid: Survey and challenges
Computer Networks: The International Journal of Computer and Telecommunications Networking
Impact of integrity attacks on real-time pricing in smart grids
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
Research on smart meters has shown that fine-grained energy usage data poses privacy risks since it allows inferences about activities inside the home. While smart meter deployments are very limited, more than 40 million meters in the United States have been equipped with Automatic Meter Reading (AMR) technology over the past decades. AMR utilizes wireless communication for remotely collecting usage data from electricity, gas, and water meters. Yet to the best of our knowledge, AMR has so far received no attention from the security research community. In this paper, we conduct a security and privacy analysis of this technology. Based on our reverse engineering and experimentation, we find that the technology lacks basic security measures to ensure privacy, integrity, and authenticity of the data. Moreover, the AMR meters we examined continuously broadcast their energy usage data over insecure wireless links every 30s, even though these broadcasts can only be received when a truck from the utility company passes by. We show how this design allows any individual to monitor energy usage from hundreds of homes in a neighborhood with modest technical effort and how this data allows identifying unoccupied residences or people's routines. To cope with the issues, we recommend security remedies, including a solution based on defensive jamming that may be easier to deploy than upgrading the meters themselves.