Solved

How secure are Smart Meters. What security measures are in place?

  • 17 April 2019
  • 5 replies
  • 101 views

I an advised by an industry software engineer to ask what measures have OVO taken to assure customers that their Smart Meters can't be hacked.
icon

Best answer by Eva_OVO 18 April 2019, 13:07

Hey @Micky Mouse,

Smart meters are secure, they have a security system developed by leading experts in industry and government including GCHQ’s National Cyber Security Centre.

I hope this helps! 🙂
View original

5 replies

Userlevel 5
Hey @Micky Mouse,

Smart meters are secure, they have a security system developed by leading experts in industry and government including GCHQ’s National Cyber Security Centre.

I hope this helps! 🙂
Userlevel 1
Hey @Micky Mouse,

Smart meters are secure, they have a security system developed by leading experts in industry and government including GCHQ’s National Cyber Security Centre.

I hope this helps! :)


Hi @Eva_OVO

Noting your assurance of security, does this now mean OVO will soon be allowing customers to pair CAD devices of their choice to their SMETS2 meters?

(I understand that the reason this has not been allowed by OVO until now is because security was a concern, yet either the system is secure enough for customers to be allowed to pair their own devices without risk, or the technology is not actually as certain to be secure as is being suggested, surely?)

Kind regards
Julie
Userlevel 6
Badge +4
Hey @jewelie - as I mentioned on an earlier post, we're getting an update on this and we'll keep you guys posted.
Userlevel 1
Hey @jewelie - as I mentioned on an earlier post, we're getting an update on this and we'll keep you guys posted.

Thanks Nancy. 🙂
Userlevel 7
Badge +3
Hi @jewelie - glad you raised this point.

I'm unsure what was the issue which led to OVO withdrawing access to meter data by customers last year. I'm not convinced it was merely security related. Here's why:

The only way for commands to be sent to a Smart Meter (of any vintage) is via DCC. This is an encrypted system and includes a number of sanity checks to ensure that a command is only processed if it originated from your authorised Energy Supplier or the meter manufacturer (for firmware upgrades and diagnostics).

A CAD link would use the Zigbee network to receive data from your Communications Hub, just as the IHD does. There is no route for SMETS commands to be sent to the meter(s) via Zigbee and never has been.

In any case, all our IHDs currently lack the facility to configure electricity demand-led responses once Energy Suppliers offer Time-Of-Use (TOU) Tariffs. So at that stage, it would seem anyone opting in to such a tariff will require a new IHD.

The SMETS2 meters also have a minimum 5 channels of Auxiliary Load Control Switches with which we can run stand-by devices such as washing machines, storage radiators and immersion heaters. Since ALCS-enabled versions of these units don't yet exist, customers will have to buy 3rd party ALCS with which to connect their existing devices... which we will need to pair without reference to OVO.

The whole strategy behind SMETS2 is based on users connecting all manner of things to their Communications Hub via the Zigbee Home Area Network (HAN). There is no way Ofgem/DCC/GCHQ would've approved the design of SMETS2 meters if they could be compromised using something connecting on the HAN.

Reply