Are Smart Meters Putting Your Home At Risk?
By Ron Grunsby
More than 40 million meters in the United States use automated meter reading (AMR) technology, and researchers from the University of South Carolina, IEEE, and Rutgers University say that picking up wireless signals from these meters could help intruders figure out whether anyone is home.
These “smart meters" broadcast electricity, gas, and water usage data by radio every 30 seconds, and utility company employees can read this information with a receiver. In a paper that analyzes the security of AMR systems, Ishtiaq Rouf, Hossen Mustafa, and their colleagues showed that intruders can intercept this information with little effort. Since energy usage often drops to near zero when no one is home, intruders can use this data to help them determine whether anyone is in a home.
In their experiment, the research team used an LNA and a 5-dBi omnidirectional antenna to monitor all meters in a neighborhood, capturing data from 485 meters in a 300 m radius. The team said that the AMR meters use a basic frequency-hopping wireless communication protocol that they were able to reverse engineer using about $1,000 in off-the-shelf equipment that included an encoder-receiver-transmitter reader and Universal Software Radio Peripheral with an RFX900 daughterboard.
To protect against such eavesdropping, the researchers recommended the use of a privacy preserving jammer (PPJ), the central component of an add-on device that requires no modification of the deployed meters. The PPJ sends out a jamming signal right after it detects a packet transmitted by the meter. The PPJ can be turned off remotely by authorized meter readers long enough to allow reading.
The authors did not name the companies that operate the meters they monitored in their research. They presented their findings last week at the 19th ACM Conference on Computer and Communications Security in Raleigh, NC.