Thursday, December 5, 2013

Beroset on AMI and Smart Meter Security Considerations - Late 2013

Ed Beroset is the Director of Technology and Standards at one of the main smart meter making companies, Elster, and I've had the good fortune of meeting him on several occasions when both had speaking duties at grid security conferences. In this case, tech director also = security strategist and spokesman.

Recently, as I've started to prepare myself for work with Greentech Media's Grid Edge council, I wanted to check up on the current state of security thinking around AMI and smart meters.

Lo and behold, here's Ed who just put it down in pixels with 3 questions to ask yourself, along the lines of what are you protecting and why, and 7 to ask your vendors.  In the latter category, I particularly like #1 and the advice that follows:
What security measures does your system employ? 
Don’t settle for vague or imprecise answers to this question. Any reputable vendor will be able to give you a clear and detailed answer. Furthermore, don’t accept the excuse that the security measures are proprietary and top secret. As any security expert can attest, in modern systems, it is not a secret algorithm, but a secret key, that ensures security.
This may be more advanced than your typical energy sector start-up is ready for or need be ready for, but it's a good example of the types of scrutiny mature product suppliers like Elster have come to expect as a matter of doing business with increasingly security-aware customers.

You can read the full article HERE.

No comments: