Feeds

Smart meters: Nothing can possibly go wrong, says gov

Sky box in charge of your house is a tip-top notion

High performance access to file storage

A UK government minister has reassured Parliament that upcoming deployments of smart meters will be secure.

The assurances by junior energy minister Charles Hendry follow admissions by a senior civil servant at a House of Commons Public Accounts committee on Monday that the government's £12bn plan to roll out smart energy meters in the UK by 2019 might yet be shelved, depending on the outcome of a review next year. The review will focus on the business case for the deployment of smart meters but security concerns also exist.

Last year Ross Anderson, professor in security engineering at the University of Cambridge Computer Laboratory, warned that smart metering would introduce a "strategic vulnerability" that might be exploited by hackers to remotely switch off elements on the gas or electricity supply grid. Software errors introduced during an update also pose a risk.

Security researchers at IOActive previously highlighted (PDF) flaws in poor authentication, lack of encryption and inadequate authorisation in smart meter rollouts during a research project that looked at rollouts in the US and Europe.

Asked about these security concerns, and in particular fears that smart meter systems may not have been properly secured against hacking by third parties, Charles Hendry, minister of State for the Department of Energy and Climate Change, told Parliament on Wednesday that a comprehensive risk assessment programme would accompany the deployment of the technology.

The government are putting robust arrangements in place for the security of the smart metering system, which have been informed by a rigorous risk assessment. DECC has a dedicated team of security experts within the Smart Metering Implementation Programme, who perform ongoing risk assessments in order to identify the nature of possible threats, including hacking by third parties.

Security requirements are being developed to minimise: (i) the likelihood of such an event taking place, and (ii) the impact should it occur. The development of these requirements has involved extensive consultation with other government departments and relevant agencies, as well as with industry.

We have a comprehensive risk assessment and we are developing a plan for implementation, which will specify the enduring security governance roles and responsibilities to ensure risks are appropriately managed.

Smart meters introduce two-way communication between a meter and the central system of a utility absent from older analogue meters. The devices feature sensors, so they can monitor and report on the quality of gas and electricity supply, as well as how many units are consumed for billing purposes.

Utilities want to deploy smart meters because the technology will simplify the process of collecting meter reading and controlling supply at times of high demand. The kit also makes it easier to switch subscribers to higher tariffs in cases where they fail to pay their bill on time.

But for consumers the rollout of an estimated 47 million smart meters to the UK's 26 million homes is likely to cost £6 per annum per household at a time when energy prices are already rising at record rates, a trend that shows no signs of turning around anytime soon. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
NSA denies it knew about and USED Heartbleed encryption flaw for TWO YEARS
Agency forgets it exists to protect communications, not just spy on them
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.