diff options
Diffstat (limited to 'ma')
-rw-r--r-- | ma/safety_reset.bib | 99 | ||||
-rw-r--r-- | ma/safety_reset.tex | 66 |
2 files changed, 157 insertions, 8 deletions
diff --git a/ma/safety_reset.bib b/ma/safety_reset.bib index feb74e1..5d14c28 100644 --- a/ma/safety_reset.bib +++ b/ma/safety_reset.bib @@ -1226,4 +1226,103 @@ volume = {73},
}
+@TechReport{ukgov01,
+ date = {2018},
+ institution = {UK Department for Business, Energy and Industrial Strategy},
+ title = {Smart Metering Implementation Programme Progress Report for 2018},
+ url = {https://www.gov.uk/government/publications/smart-metering-implementation-programme-progress-report-2018},
+ urldate = {2020-05-18},
+}
+
+@TechReport{ukgov02,
+ date = {2014},
+ institution = {UK Department of Energy and Climate Change},
+ title = {Smart Metering Implementation ProgrammeSmart Metering Equipment Technical Specifications},
+ url = {https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/381535/SMIP_E2E_SMETS2.pdf},
+ urldate = {2020-05-18},
+ version = {1.58},
+}
+
+@TechReport{ukgov03,
+ date = {2016},
+ institution = {UK Department for Business, Energy and Industrial Strategy},
+ title = {Smart Meter Rollout Cost-Benefit Analysis Part I},
+ url = {https://ec.europa.eu/growth/tools-databases/tris/cs/index.cfm/search/?trisaction=search.detail&year=2017&num=350&iLang=EN},
+ urldate = {2020-05-18},
+}
+
+@Thesis{mahlknecht01,
+ author = {Peter Mahlknecht},
+ date = {2014},
+ institution = {Technische Universität Wien},
+ title = {Diplomarbeit Sicherheitsmodul für ein Smart Metering Gateway},
+ url = {https://publik.tuwien.ac.at/files/PubDat_233035.pdf},
+ urldate = {2020-05-18},
+}
+
+@WWW{delaw01,
+ title = {Stromgrundversorgungsverordnung StromGVV § 19 Unterbrechung der Versorgung},
+ url = {http://www.gesetze-im-internet.de/stromgvv/__19.html},
+ urldate = {2020-05-18},
+}
+
+@Article{cuijpers01,
+ author = {Colette Cuijpers and Bert-Jaap Koops},
+ date = {2012},
+ journaltitle = {European data protection},
+ title = {Smart metering and privacy in Europe: lessons from the Dutch case},
+ doi = {https://doi.org/10.1007/978-94-007-5170-5_12},
+ journalsubtitle = {Coming of age},
+ pages = {269-293},
+}
+
+@WWW{ec04,
+ editor = {The European Commission},
+ date = {2012},
+ title = {The Energy Efficiency Directive},
+ url = {https://ec.europa.eu/energy/topics/energy-efficiency/targets-directive-and-rules/energy-efficiency-directive_en},
+ urldate = {2020-05-18},
+}
+
+@Article{aubel01,
+ author = {Pol Van Aubel and Erik Poll},
+ date = {2019},
+ journaltitle = {International Journal of Electrical Power and Energy Systems},
+ title = {Smart metering in the Netherlands: what, how and why},
+ doi = {https://doi.org/10.1016/j.ijepes.2019.01.001},
+ issn = {0142-0615},
+ pages = {719-725},
+ volume = {109},
+}
+
+@TechReport{dsmrp3,
+ date = {2014},
+ institution = {Netbeheer Nederland WG DSMR},
+ title = {Dutch Smart Meter Requirements P3 Companion Standard},
+ url = {https://www.netbeheernederland.nl/_upload/Files/Slimme_meter_15_1f3c5c9b2c.pdf},
+ urldate = {2020-05-18},
+ version = {4.0.7},
+}
+
+@TechReport{dsmrp1,
+ date = {2016},
+ institution = {Netbeheer Nederland WG DSMR},
+ title = {Dutch Smart Meter Requirements P1 Companion Standard},
+ url = {https://smarty.creos.net/wp-content/uploads/DutchSmartMeterRequirements.pdf},
+ urldate = {2020-05-18},
+ version = {5.0.2},
+}
+
+@InProceedings{anderson01,
+ author = {Ross Anderson and Shailendra Fuloria},
+ booktitle = {2010 First IEEE International Conference on Smart Grid Communications},
+ date = {2010},
+ title = {Who controls the off switch?},
+ doi = {10.1109/SMARTGRID.2010.5622026},
+ location = {Gaithersburg, MD},
+ pages = {96-101},
+ url = {https://www.cl.cam.ac.uk/~rja14/Papers/meters-offswitch.pdf},
+ urldate = {2020-05-18},
+}
+
@Comment{jabref-meta: databaseType:biblatex;}
diff --git a/ma/safety_reset.tex b/ma/safety_reset.tex index fc78269..c5dd90d 100644 --- a/ma/safety_reset.tex +++ b/ma/safety_reset.tex @@ -462,13 +462,56 @@ transport encryption and other cryptographic services\cite{bsi-tr-03109-2,bsi-tr % FIXME \subsubsection{Germany} -% FIXME -\subsubsection{France} -% FIXME +Germany standardized smart metering on a national level. Apart from the calibration standards applying to any type of +meter smart meters are covered by a set of communications and security standards developed by the German Federal Office +for Information Security (BSI). Germany mandates smart meter installations for newly constructed buildings and during +major renovations but does not require most legacy residential installations to be upgraded. This is a consequence of a +2013 cost-benefit analysis that found these upgrades to be uneconomical for the vast majority of residential +customers\cite{bmwi03,bmwi1,bmwe01,brown01}. + +The German standards strictly separate between metering and communication functions. Both are split into separate +devices, the \emph{meter} and the \emph{gateway} (called emph{smart meter gateway} in full and often abbreviated +emph{SMGW}). One or several meters connect to a gateway through a COSEM-derived protocol. The communication interface +between meter and gateway can optionally be physically unidirectional. An unidirectional interface eliminates any +possibility of meter firmware compromise. The gateway contains a cryptographic security module similar to a +smartcard\cite{mahlknecht01} that is entrusted with signing of measurements and maintaining an authenticated and +encrypted communication channel with its authorities. Security of the system is certified according to a Common Criteria +process. + +The German specification does not include any support for load switches outside of demand-side management as they are +common in some other countries. It does not prohibit the installation of one behind the smart meter installation. This +makes it theoretically possible for a utility company to still install a load switch to disconnect a customer, but this +would be a spearate installation from the smart meter. In Germany there are significant barriers that have to be met +before a utility company may cut power to a household\cite{delaw01}. The elision of a load switch means attacks on +German meters will be limited in influence to billing irregularities and attacks using DSM equipment. + +% FIXME elaborate DSM attacks vs. whole-household attacks in attacks section + +\subsubsection{The Netherlands} +The Netherlands were early to take initiative to roll out smart metering after its recognition by the European +Commission in 2006\cite{cuijpers01,ec04}. After overcoming political issuses the Netherlands were above the European +median in 2018 having replaced almost half of all meters\cite{cuijpers01,ec03}. Dutch smart meters are standardized by a +consortium of distribution system operators. They integrate gateway and metrology functions into one device. The +utility-facing interface is a IEC DLMS/COSEM-based interface over cellular radio such as GPRS or +LTE\cite{aubel01}. Like e.g.\ the German standard, the Dutch standard precisely specifies all communication +interfaces of the meter\cite{dsmrp3}. Another parallel is that the Dutch standard also does not cover any functionality +for remotely disconnecting a household. This absence of a load switch limits attacks on Dutch smart meters to causing +billing irregularities. \subsubsection{The UK} -% FIXME + +The UK is currently undergoing a smart metering rollout. Meters in the UK are nationally standardized to provide both +Zigbee ZSE-based and IEC DLMS/COSEM connectivity. UK smart metering specifications are shared between electrical and gas +meters. Different to other countries' specifications the UK national specifications require electrical meters to have an +integrated load switch and gas meters to have an integrated valve. In the UK a significant number of consumers are +subject to prepaid electricity contracts. Prepayment and credit functionality are also specified in the national smart +metering standard, as is remote firmware update functionality. Outside communications in these standards is performed +through a gateway (there called \emph{communications hub}) that can be shared between several meters +\cite{ukgov01,ukgov02,ukgov03,brown01,sato01}. The combination of both gas and electricity metering into one family of +standards and the exceptionally large set of \emph{required} features make the UK regulations the maximalist among the +ones in this section. The mandatory inclusion of both load switches and remote connectivity up to remote firmware update +make it an interesting attack target. \subsubsection{Italy} @@ -476,9 +519,10 @@ Italy was among the first countries to legally mandate the widespread installati in 2006 and 2007 by law set a starting date for the rollout in 2008\cite{brown01}. The Italian electricity market was recently privatized. While the wholesale market and transmission network privatization has advanced the vast majority of retail customers continued to use the incumbent distribution system operator ENEL as their supplier\cite{ec03}. This -dominant position allowed ENEL to orchestrate the large-scale rollout of smart meters in Italy. An unique feature of the -Italian smart metering infrastructure is that it relies on Powerline Communication (PLC) to bridge distances between -meters and cellular radio gateways\cite{gungor01}. +dominant position allowed ENEL to orchestrate the large-scale rollout of smart meters in Italy. Almost every meter in +Italy had been replaced by a smart meter by 2018\cite{ec03}. An unique feature of the Italian smart metering +infrastructure is that it relies on Powerline Communication (PLC) to bridge distances between meters and cellular radio +gateways\cite{gungor01}. \subsubsection{Japan} @@ -487,7 +531,13 @@ standardization effort has been spent on smart home integration.\cite{usitc01,sa standards (JIS) for metrology and physical dimensions. The TEPCO deployment currently being rolled out is based on the IEC DLMS/COSEM standards suite for remote meter reading in conjuction with the Japanese ECHONET protocol for the home-area network. Smart meters are connected to TEPCO's backend systems through the customer's internet connection, -sub-gigahertz radio based on 802.15.4 framing, regular landline internet or PLC\cite{toshiba01}. +sub-gigahertz radio based on 802.15.4 framing, regular landline internet or PLC\cite{toshiba01,sato01}. + +A unique point in the Japanese utility metering landscape is that the current practice is monthly manual readings. In +Japan residential utility meters are usually mounted outside the building on an exterior wall and every month someone +with a mirror on a long stick will come and read the meter. The meter reader then makes a thermal paper print-out of the +updated utility bill and puts it into the resident's post box. This practice gives consumers good control over their +consumption but does incur significant pesonnel overhead. % FIXME citation. Maybe the toshiba one? \subsubsection{The USA} |