There’s been some buzz on the internet lately that the smart grid is vulnerable to hackers . This coincidentally came out after a security company issued a warning about a smart meter’s vulnerability to being hacked, which coincidentally came out a few days after Travis Goodspeed discussed how to hack the AES-128 encryption on an 802.15.4 radio. I covered his post last Sunday , a day before the security alert was released. And for those that don’t know what I’m talking about, 802.15.4 is the wireless communications protocol which is used for Zigbee, one of the main wireless communications methods being deployed in smart meters.

So before everyone’s panties get all bunched up, I thought I would make an attempt to clear things up about this AES-128 attack mentioned in Travis' blog post. Fortunately, since I run an independent Zigbee site, it gives me a little bit of leeway to comment on this somewhat murky topic that touches on two taboo subjects: hacking and discussing 802.15.4 without inserting marketing propaganda.

First of all, how did we end up like this? Well, first Travis Goodspeed posted on his blog that he was able to capture the AES-128 encryption keys on an 802.15.4 chip using a side-channel attack (thanks for correcting me on the terminology Robert). Then it got picked up by Hack-A-Day , which is actually an interesting website that I like to browse every so often to see who made the latest automated home beer brewer. Incidentally, the hack-a-day post got linked to so much that it knocked me off my #17 position on Google for the “Zigbee” search term and so, as of this writing, I’m sadly sitting at #18 (Damn you Google and my lack of SEO knowledge about Zigbee Zigbee Zigbee...).

Anyways, from Hack-A-Day, it got linked to by a bunch of others sites including some news outlets such as CNET and CNN . In fact, it even made the headline news on CNN whose reporters probably know nothing about Zigbee, 802.15.4, or hacking, but decided to carry the story with the theme that upgrading the smart grid is unsafe and can make it vulnerable to hackers. Ughhh…upgrading the PC communications infrastructure is also unsafe and can make it vulnerable to hackers. Hmmm...upgrading to eBooks with a Kindle is also unsafe and can let hackers browse your collection of Sweet Valley High novels (that Jessica is such a bitch)...

So first, let’s deconstruct this sequence of events and take a look at the source…how the attack on the 802.15.4 node was performed. According to Travis’ blog, it was done by sniffing the SPI bus which is an external communications bus carrying data from the microcontroller to the radio. The microcontroller in question was the MSP430 on a TelosB board, famously used in TinyOS wireless sensor networks. The radio was a Chipcon CC2420 which has since become a TI CC2420 since they purchased the company a few years back. The attack was a side-channel attack which meant that they exploited the actual hardware implementation rather than a vulnerability in the security algorithm itself.

When you’re configuring the radio at startup, the first thing you do is write to the registers. You do this to turn the radio on, set the channel that the radio will be operating at, the transmit power, etc. One of the things you will also need to do is set up the security since the CC2420 has an AES-128 encryption engine on-board the radio. This is to offload the encryption processing from the microcontroller since typically, 8-bit microcontrollers (think Atari 2600) don’t have a lot of computing horsepower.

When you go through the security handshaking procedure, you will eventually have to write the AES-128 keys to the encryption engine on the radio and it’s at this point that the vulnerability occurs. If you use an SPI sniffer such as the Beagle SPI analyzer, you can just capture all of the signals and then search for the address of the encryption registers. When you see SPI writes to the encryption key registers, you can pick off the data accompanying those writes and that’s where the keys are exposed.

Incidentally, the security company in the CNN article that said the meters could be hacked for as little as $500 in equipment were wrong.

IOActive, a professional security services firm, determined that an attacker with $500 of equipment and materials, and a background in electronics and software engineering, could "take command and control of the (advanced meter infrastructure), allowing for the en masse manipulation of service to homes and businesses." 

The Beagle SPI analyzer is $300. Just thought I'd drop some ghetto engineering knowledge...

However the blog post doesn’t mention the limitations on the attack they performed and this point should be understood. The first limitation is that the device must be authorized to join the network. There’s no way that the device will ever be able to obtain the AES keys from the trust center (errr…meter) unless it’s an authorized device, since the meter doesn’t like to hand out keys willy-nilly. Hence, there’s little chance that you can just take a random device, sit outside of someone’s house, and hack into their network using this attack. It would have to be an inside job since smart energy devices will most likely require pre-installed keys and authentication information to identify the particular user.

The other limitation is that the device would have to use a separate microcontroller and radio, hence it can then have its SPI bus exposed with its nibbles flapping in the wind. However the Zigbee smart energy transceiver market is pretty much dominated by a company called Ember who decided to include the microcontroller and radio inside the same chip in which case, the SPI bus will not be exposed because it won’t exist.

Okay, so say some smart energy device manufacturer is using a separate microcontroller and transceiver. Incidentally, this is my favorite configuration because you can be free to choose the microcontroller (I like ARM’s, and I don’t mean that as a fetish) and the radio. Will this evil meter cause the downfall of all the people browsing facebook in the free world? Uhhh…no. This is because when the smart energy device joins the meter’s local network, it will receive a specific key for that device only. That key will only be valid to communicate with the trust center (err…meter…again) and can’t access any other device in the network. As mentioned on the other news sites, getting on to the local meter’s network will not give you access to all the meters in the nation. Hell, the utility companies can’t communicate with each other, even if they wanted to. If some enterprising hacker could pull that off, they should be running our utilities.

So let’s say that some metering manufacturer accidentally designed a meter with this particular vulnerability. And also, let’s say that some hacker stole some poor family’s power meter, leaving them in the dark and unable to watch the Daily Show with John Stewart and that funny episode where he trashes Jim Cramer, and proceeded to take that meter apart and get a key to communicate with the utility. Oops…Zigbee isn’t used to communicate with the utility. Most likely the meters will be using either powerline networking or some cellular technology for the backhaul communications to the utility. So this would be a dead end for the enterprising Zigbee hacker and he’d have to call on his reinforcements in the powerline or cellular industries to finish the job.

Don't take this the wrong way. Travis Goodspeed has a history of hacking (in the security sense) embedded devices and revealed many vulnerabilities that exist in the TelosB motes. He also exposed a lot of the vulnerabilities of TinyOS using these motes, including numerous buffer overflow attacks which since have been fixed.  It wouldn't surprise me if he found another one in a commercial stack. Also, his partner Aurelien Francillon wrote an article on how to create a worm and inject it into embedded Harvard architecture microcontrollers like the ones on the MicaZ motes. This in itself is pretty impressive since buffer overflow attacks usually assume a von Neumann architecture so you'd have to do some backflips with your assembler to get this to work.

What it all comes down to is that communication stacks needs to be designed in such a way that they are secure. This mostly entails protecting the data path to disallow buffer overflows which are the normal entry points for attacks (ie: enforcing maximum buffer size limits in code and checking them) but as Travis pointed out with the side-channel attack, there are other vulnerabilities that could be exploited as well. And for the record, I'm pretty sure my stack is going to get hacked just for the sheer irony of me writing this post...

So the point is that hacking any communications protocol is possible, but contrary to the claims of the security company, the hack is not practical for taking over the nation's energy infrastructure. All the meters are not connected by a local RF protocol as is assumed by the security company that published the alert. This is because there will be a variety of microcontrollers and communications protocols to handle the local wireless network, the local powerline network, and the backhaul to the utility. Contrary to the claims in the quote above, it won't be possible to take over a bunch of meters with Zigbee alone, because you would also need to compromise the backhaul as well. This will probably be difficult because I don't think even the utilities can agree on what the backhaul technology should be. The worst a hacker can do is attack a single meter if it fits all the limitations, and then it would just severely annoy their neighbor and this is assuming that the hacker can obtain the authentication codes for that residence. Instead of holding up the smart grid buildout until a committee can decide on security standards, which would be even more disastrous and possibly more vulnerable to hacking, we should be simultaneously testing the meters for vulnerabilities and updating the firmware to fix those that are found. We can't let fear stand in the way of progress...unless it involves AIG and Wall Street bonuses...

TrackBack URI for this entry

Comments (12)

Subscribe to this comment's feed

Great Response
written by Juha, March 23, 2009

Great response, good and full of information as usual. Enjoyed reading through the details, thanks for writing it down.

report abuse

vote down

vote up

Votes: +0

The security of embedded systems
written by Aurélien Francillon, March 23, 2009

Thanks for the nice review,
Actually those smart meters can be seen as a kind of wireless sensors networks.
This is a challenging research area on which I'm currently working, my objective is to
both analyzes their security and find protocols and techniques to secure them. I just want
to make clear that this work (Code injection on Harvard architecture devices, I
can't really comment on Travis work on smart meters) was mostly motivated by
actually showing that the threat is real, in order to motivate security to be really
considered at design time. Like in the wireless sensor network model the smart meters
have an inherently difficult to secure. Due to cost reasons they are not tamper resistant
and do not have the capability to perform public key cryptography. This makes key
distribution difficult, one one hand you can have one key for each device but this does
not scales well this makes key management very difficult on the other hand having the same key
for all the devices is dangerous. If ever one device is compromised all the devices or
communications can be compromised. There are trade-offs possible, yet it remains a difficult
problem in practice.


Back to the smart grid I think this kind of attacks are actually very
useful in order to bring security in the front line to products designers. IMHO this kind
of attacks will not derail the move toward a smart grid but could actually make designers
start right and consider security seriously. It's still time, if large scale atacks with
malicious intent would be performed when such technology were largely deployed that could
really derail the smart grid.

Aurélien

report abuse

vote down

vote up

Votes: +3

...
written by Akiba, March 23, 2009

Thanks for the clarification. I was also informed by someone close to the security work that the alert regarding the smart meters was not the side-channel attack but in fact a more serious vulnerability that allows a worm to propagate. I still don't have a lot of details, but if that's the case, then this post was written too hastily. I can't even say for sure that it involves Zigbee or 802.15.4 anymore because propagation would mean that the backhaul was compromised. There are some serious consequences regarding national security if something like this was let out of the gate too early and I should have taken that into account. I believe that more details will be coming up soon and I'll try to keep everyone informed as this unfolds.

report abuse

vote down

vote up

Votes: -3

Public Key crypto in smart meters
written by Robert Cragie, March 23, 2009

Aurélien states that smart meters don't have public key cryptography - not necessarily true. ZigBee Smart Energy profile meters use certificate-based public key cryptography based on ECC. ZigBee Smart Energy security has also been audited by a major organisation, which is available to ZigBee members.

Whilst cybersecurity and crypto is of course important, it is just as important to focus on the non-crypto aspects as well. Let's face it, if a few select pylons were blown up, it could cause major havoc. And no amount of crypto is going to protect against that. Similarly, meters have to be tamper-proof and the underlying circuitry difficult to hack. The UCA IUG through AMI-SEC (amongst others) has put a lot of effort into specifying a comprehensive set of requirements and use cases covering the whole gamut of security considerations for the Smart Grid.

There is a very large industry out there who makes lots of money spreading FUD about cybersecurity so the Smart Grid will inevitably be on their hit list.

report abuse

vote down

vote up

Votes: +2

thanks for a sane response
written by Ed Beroset, March 24, 2009

Even among the security conscious folks, I find that few of them also have deep understanding of embedded systems, and particularly meters, so many of the security stories and recommendations are skewed to IT-centric solutions which aren't practical for embedded systems. There are, however, many things that do translate: e.g. use of static code checking with tools like splint http://www.splint.org and holding code reviews, etc. Also, there's a lot of good research being done on wireless sensor network security, which, as Aurélien Francillon pointed out, has a lot in common with this problem.

report abuse

vote down

vote up

Votes: +2

On public key cryptography availability
written by Aurélien Francillon, March 24, 2009

Robert,
I admit that I'm not following closely the evolution of various Zigbee specifications,
and I will have a look at the smart energy profile, thanks for the hint.
Still, the availability of public key cryptography is a question of tradeoffs, cost/energy vs security.
I didn't mean that it's impossible to have public key crypto in smart meters, and that would
actually make a lot of sense.
Aurélien

report abuse

vote down

vote up

Votes: +0

The problem is physical key security
written by Ken, March 24, 2009

I have some background in security in banking system, namely ATM machines, where key security is taken very seriously. The attack mentioned in this article is a very basic physical attack on a device to determine the key due to a bad security architecture. Transmitting security keys in the clear (even inside an embedded device) is a huge security risk and would never pass even the most basic security assessment.

The issue is more than just using an external 802.15.4 transceiver for the security portion - any device that has an embedded security key is a risk. It doesn't matter if it's symmetric or asymmetric (public/private) key - if someone can have physical access to the device it is possible to get the key out of it. Embedding the key and all the crypto functions inside the micro is a deterrent but by no means is a failsafe way to protect the key.

The question is - by giving someone physical access to a device that has a security key, what are the mechanisms that prevent that person from determining what that key is? Can they use JTAG to read the key out of the micro? It is stored in non-volatile memory (EEPROM / Flash)? Even if the device is code protected, what's to stop someone from taking off the chip and getting direct access to the memory (it's not as hard or expensive as it might sound).

With an ATM machine, the keys have to be stored in volatile memory. The device also has to have multiple physical security mechanisms that prevent someone from getting physical access to the crypto section - ie if someone opens up the case the keys are erased. The device has to pass multiple independent evaluations and security checks before being approved for use.

In the wireless metering case, If these keys are so important what's to keep the technician who originally loaded the keys in the system from selling them to some terrorist organization for a few bucks? Whether through bad design, malicious human activity, or just basic human error - you have to assume the keys will get out.

The big question is - who cares if someone gets the keys to this? If someone does figure out the security key inside a sensor node in their home meter, what can they do with it? Can they really "hack" the grid? That's the important part of the security design of these sensor networks - if someone does gain access (and they will), what is done to minimize the effects? Inserting malicious packets such as the worm described into the network should not propagate through the entire system, it should be localized (by the good network design) and detected.

report abuse

vote down

vote up

Votes: +3

...
written by Akiba, March 25, 2009

Thanks for the insight Ken.
Also, if you're following the comment thread, I got some feedback from people that are involved in this investigation, but I can't mention too much without causing problems for them. They didn't reveal much anyways, but they did point out that my initial assumptions were wrong and they hinted at some complaints about SCADA. The security company has been working on this for about a year, and I suspect the company was contracted by the same government agency that put out the general call to Zigbee and other groups to organize the smart grid effort. Hence, it seems that I took this issue too lightly in my post. My personal suspicion is that they discovered multiple vulnerabilities, including the 802.15.4/AES attack that was mentioned. They also could have chained those vulnerabilities in creating the worm, hence it could be a system issue and not just with one protocol in particular. Unfortunately, I don't know much more than that, but it was hinted that there would be a follow-on press release with more details so I'm waiting for that before I clear up the air on my "clear up the air" post.

report abuse

vote down

vote up

Votes: +0

...
written by Robert Cragie, March 25, 2009

Great response Ken, which puts it all into context very well. Strangely enough, it's sometimes difficult to convince people that no matter how strong the cryptographic security, it can be severely weakened by poorly-specified systems with regard to non-cryptographic security.

report abuse

vote down

vote up

Votes: +0

physical key security in meters
written by Ed Beroset, March 26, 2009

Interesting comments, Ken. In particular, the answer to your question, "can you really hack the grid from a residential meter?" is assuredly "no, not even close" in my experience. Physical key security is important, of course, but solutions that work in an ATM are impractical for a meter. Consider that the typical residential meter costs less than $100 and is mounted on the side of somebody's house. How physically secure could you make a $100 ATM mounted to the side of my house? There's a physical security seal that the utility applies, but this is to allow detection of tampering, and not to prevent it. As I'm sure you'd be able to guess, JTAG port access to memory is typically disabled during manufacturing by setting a security bit which permanently disables access. Competent people within the industry encrypt stored keys within the device, but key distribution "in the small" is only a slightly less difficult problem than key distribution across the system. Storing keys in volatile memory can work in some instances, but consider the case when there has been widespread outage due to ice storm or hurricane. When power is restored, it's useful for the devices to report this. If the key had been stored in volatile memory, it would be gone by that point so one is left with either reporting restoration in the clear or reprovisioning keys in a system that is already known to have suffered major damage. As with any engineering task, there are many tradeoffs and few answers that are both obvious and correct.

report abuse

vote down

vote up

Votes: +1

Re: physical key security in meters
written by Ken, March 26, 2009

Ed,

I agree with your comments - for cheap meter nodes it's not practical to implement the physical key protections that are used in higher end systems (like ATM's). Keeping keys in volatile memory is a pain for the reasons you mention - you need batteries and if for some reason the keys get erased it's a maintenence nightmare.

My point is that in every case (including ATMs) you have to assume the keys can get out. And when they do get out, what is the damage that a malicious person can cause with this information? If someone knowing the keys can take complete control over the system, you have a big, big security problem. But a well designed system will attempt to minimize the effects of this and (hopefully) allow detection of the malicious activity.

report abuse

vote down

vote up

Votes: +0

...
written by hany teylouni, April 14, 2009

Cripto or not, there are some real issues.Ther are two fundamental entry points. First by hacking the wireless signal (zigbee) between the various devices measuring consumption, the meter (colleting info from the various devices attached to the appliances) and wherever the utility is locating a receiver end-point (connection the backhaul). The second way is by hacking into the utility network.
Let's not forget that the idea is to have a two way communication mechanism from the plant to the consumer and vice-versa so that the utilities can help "optimize" consumption and peak load demand.
Larger utilities might have the means (and brains) to secure their networks, but experience has shown us that fairly large and secure networks can and have been hacked (refer to TJX, or more recently a major credit cart payment system).

report abuse

vote down

vote up

Votes: +0

Show/Hide comment form

Name

Email

Website

Title

Comment

smaller | bigger

Subscribe via email (Registered users only)

I have read and agree to the Terms of Usage.

Write the displayed characters

Add Comment