NSW-based Endeavour Energy is re-thinking smart meter security ahead of plans to deploy almost one million of the devices across the state.
The company’s security chief, Ian Appleby, said the meters present a complex physical and IT security challenge. Energy companies must be able to respond quickly to attacks, he said.
“We’re reassessing the entire security design,” Appleby told an audience at the AusCERT 2011 conference at the Gold Coast today.
That review will examine about 10 smart meter trial sites each with up to 5000 nodes. It will examine physical risk, network boundaries, risks of remote access, and how to best manage software across the fleet.
“Smart meters are basically a computer put on the side of your house – and it has to be located in a publicly-accessible spot," he said. "That’s a risk of physical attack right there”.
One concern is how to manage security of the 850,000 smart meters in the utility's upcoming deployments.
“From the time we evaluate a patch, within three months there is another patch out,” Appleby said. “And standards for meters aren’t mandated.”
Another is perimeter defence. The meters are at risk from being attacked by other devices that operate alongside the wireless network.
Appleby said all consumer devices should be classified as a threat.
He said strong encryption and authentication are critical for the success of smart meter deployments.
Smart meters are being rolled out across Australia and will give consumers new functionality and insight into energy consumption.
But as a recent trial in Tasmania revealed, there are serious consequences for operators should vandals tamper with the devices.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
