Open Source Smart Meter Hacking Framework Released

Black Hat 2012

A researcher specializing in smart grids has released an open-source tool designed to assess the security of smart meters.

The open-source framework “Termineter” would allow authorized users, such as grid operators and administrators, to test smart meters for vulnerabilities, SecureState, a management consulting company focused on critical infrastructure, said Thursday. Malicious perpetrators can take advantage of the data collected by smart meters in various attacks, including energy consumption fraud and network hijacking, SecureState said.

There has been a lot of interest in smart meters recently, as utilities modernize their infrastructure to take advantage of the efficiency gains promised by smart grids. However, power companies are worried about authentication issues such as weak passwords and weak access controls that would allow attackers to conduct fraud or cause power outages.

Power Grid Security

SecureState decided to publicly release the tool to promote security awareness for smart meters and bring basic testing capabilities to the community and meter manufacturers. Power companies can use the framework to give authorized individuals a way to manipulate and test the security of smart meters, SecureState said. The user must have physical access to the meter and know how meters work in order to use the tool.

Termineter uses the serial port connection that interacts with the meter's optical infrared interface to give the user access to the smart meter's inner workings.

The user interface of SecureState's Termineter is much like that of the Metasploit penetration testing framework. It relies on modules to extend its testing capabilities.

Spencer McIntyre, a member of SecureState's Research and Innovation Team, is scheduled to demonstrate Termineter in a session "How I Learned to Stop Worrying and Love the Smart Meter," at Security B-Sides Vegas on July 25.

Another researcher, Don Weber, a senior security analyst with InGuardians, is also scheduled to talk about smart meter hacking and unveil his own testing tool on the same day as part of Black Hat Las Vegas. The tool, dubbed OptiGuard, would demonstrate how infrared ports on a smart meter can be penetrated and vulnerabilities exploited. Unlike Termineter, OptiGuard will not be open-source and contains vendor-specific information.

Much of the existing energy grid is more than 30 years old, and integrating newer segments with legacy systems has been a challenge, McAfee researchers wrote in a report examining smart grids and cyberthreats, released Wednesday. "Security has largely been an afterthought," McAfee wrote in the report.

Industrial control systems that handle many of the functions in critical infrastructure are very different from traditional IT networks and equipment, Kim Legelis, vice-president of marketing at Industrial Defender, told SecurityWeek. Not only were control systems originally designed to be isolated from the rest of the network, they aren't intended to be patched on a regular basis, Legelis said.

"These systems aren't something that can be down for maintenance on Sunday evenings at 11pm," Legelis said.

As a result, traditional security measures aren't sufficient for critical infrastructure. In order to protect smart grids, the industry needs security products that are dedicated to these types of systems, Legelis said.

The Termineter Framework can be downloaded here.

Related Reading: Smart Grids Need to be Updated, Rebuilt With Security to Reduce Vulnerabilities

Related Reading: Fun and Games Hacking German Smart Meters

Related Reading: Smart Meters Widely Considered Vulnerable to False Data Injection

Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.