Online Identity and Trust: ‘Smart’ meters will require ‘Smart’ security
Online Identity and Trust « A Year of Progress for VIP Access for Mobile | Main | Cloud-based Authentication Matters Here » ‘Smart’ meters will require ‘Smart’ security
Han Dong, Senior Product Marketing Manager, User Authentication
I came across a recent Associated Press article by Jordan Robertson, concerning “Smart” utility meters and their security holes. In this article, Robertson talks about the “aggressive roll out of new [Smart] meters” by utility companies in the U.S. Smart meters are a new type of enhanced utility meter, designed to measure natural gas or electricity usage in a more sophisticated manner. Essentially Smart meters (versus old-fashioned “dumb” meters) can measure not just the volume of utility used, but also when (peak vs. non-peak usage in real-time) those utilities are consumed. The benefit here is that utility companies can better plan resources required at any given time/day/season to deliver those utilities, and consumers can enjoy discounted/variable rates for utilities consumed (higher prices during peak times and lower prices during non-peak times). Add the fact that Smart meters can communicate over wired/wireless networks and now utility meter readers can also more efficiently capture/record data from these Smart meters, especially in rural areas.
The issue at hand is that while these new Smart meters do present a number of benefits, the ‘cost’ is the issue of potential security holes, given the programmability and network-connected aspects of these new meters. While today it may be true that Smart meters are vulnerable to a variety of attacks, there are quite a few simple steps that can be taken both by the meter vendors and the utility companies to ensure the security of the power grid and consumers’ utility information.
The Wireless industry has to a large extent addressed this problem, and so has the cable industry. The use of standards based authentication and excryption technology in ALL components, both at the consumer portion (Smart meter) of the power network and the distribution portion of the power grid, will not only enhance the security of the smart grid but will also foster interoperability. In fact, the National Institute of Standards and Technology (NIST) is working on a set of security standards that can be applied to the Smart Grid and participants from all segments of the power industry. Looking to some of the pioneers in this space, most notably the WiMAX and the Cable industry, several ecosystems have deployed PKI-based digital certificate and Smart card solutions to ensure the security of the network and a variety of distributed, connected devices in a scalable and trusted manner. Deployment of similar security mechanisms as part of the Smart Grid and Smart meters will go a long way in ensuring the trust worthiness of the network, its manageability, and audit ability.
So for Smart meter vendors and utility providers concerned about security of the grid – look to VeriSign to help solve your security concerns. No need to reinvent the wheel.
Posted by Han Dong on April 2, 2010 12:29 PM | Permalink Post a comment (If you haven’t left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won’t appear on the entry. Thanks for waiting.)
Remember personal info?
Comments: (you may use HTML tags for style)
Search Categories Authentication | Cloud-based Security | Device Security | Fraud Detection | Fraud Detection Service | Identity | Mobile devices and credentials | OpenID | VIP Blog | WiMAX | fraud protection | iPhone | layered security | two-factor authentication | second-factor authentication | verisign | Archives November 2010 October 2010 July 2010 May 2010 April 2010 March 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 Recent Posts And the SC Magazine Award finalists are… VIP Mobile Software Developer Kit (SDK) Available for Windows Phone 7 Some additional “Social Security” Qualys provides VIP Protection to its customers VeriSign Customers Honored by Computerworld Cloud-based Authentication Matters Here ‘Smart’ meters will require ‘Smart’ security A Year of Progress for VIP Access for Mobile VeriSign has “got your back” on fraudulent ATM activity Cloud computing security standards – Vinton Cerf, father of the internet, has got your back Subscribe Comments We encourage comments and look forward to hearing from you. Please note that VeriSign may, in our sole discretion, remove comments if they are off topic or inappropriate. Powered by
Movable Type 4.21-en Disclaimer: Opinions expressed here and in any corresponding comments are the personal opinions of the original authors, not of VeriSign.
VeriSign Legal Notices
View the original article here