Securing the smart energy revolution

Last updated: 17 August 2022

The potential of the IoT to make consumers’ lives more convenient is well-documented. One area in which it can deliver immediate benefits and significantly change how a household or company manages and keeps track of its energy use is smart metering.

Rather than rely on estimated energy use to calculate bills, or physically visit customers’ homes to take meter readings, a smart meter allows energy suppliers to have a real-time view of a household’s or business’ energy consumption – resulting in more accurate billing. Smart metering systems also open up opportunities for better management of the demand and supply of energy. Utilities can track energy which is stored and available for purchase for other players who are in demand. Today’s systems no longer rely on just fossil fuels, but also on renewable energy, that more and more parties produce and sell, when not using it for their own consumption.

Watch this video to understand the changes the energy ecosystem is going through:


However, as with any connected device, there are security considerations. And since energy grids are critical national infrastructure, robust protection is paramount. With European Utility Week conference taking place this week, here’s a look at some of the unique challenges smart metering poses.

A highly-motivated cyber target

National energy infrastructure is a prime target for cyberattacks, and the consequences, as seen with the recent Stuxnet attack, can be devastating.  Black outs across entire countries, access to personal data and even to nuclear power plants make the smart energy ecosystem very attractive to cyber actors. Smart meters and smart grids present many potential routes of attack for criminals, which must be protected.

This is why governments including Germany, France, the United Kingdom and the United States are responding with initiatives that mandate specific protection protocols for smart grid deployments. Non-compliance could prevent access to the marketplace or lead to costly fines.

Smart meters have a long product lifecycle…

Smart meters won’t just be installed for a couple of years and then be updated – the intention is for them to last as long as 10-15 years. This means that advanced security processes need to be in place to replace ageing keys and to enable remote credential management, along with strong encryption and authentication tools to ensure that only authorized parties can access the energy assets and their data.

…And are often hard to reach

Smart meters can also be very difficult to access. Deployments are very wide – spread out over an entire country or even further – while the devices themselves are put into walls, behind locked doors or in physically remote locations such as mines or offshore sites. These make regular maintenance visits difficult, time consuming and costly. For these reasons, the ability to remotely monitor smart meters appear as crucial, to continuously protect the ecosystem in the long-run.

A dynamic market

Lastly, the energy market changes quickly. New entrants join the market frequently, while others disappear. The smart meter ecosystem has thus to be configured so that only authorized organizations and applications have access to metering data, and that changes to access can be applied instantaneously, whenever needed.

As smart meter manufacturers might not be IoT security experts, partnering with digital security specialist firms can avoid putting AMIs (Advanced Metering Infrastructures) at risk.

At European Utility Week, we’ll be on hand to explain how we address end-to-end security of the smart energy ecosystem, showcasing dedicated solutions that provide encrypted keys and hardened key storage into smart meters, right from the manufacturing steps, as well as our credential lifecycle management solutions, which can strongly authenticate assets and provide access only to authorized players.

If you’re at the show, please come and visit us at booth 1F17 to learn more.

Leave a Reply

Your email address will not be published. Required fields are marked *