Smart metering is certainly one of the largest deployment of IoT devices, with ongoing roll-out in several regions including the US, Japan and China, or about to start, as in several European countries or India.
Each deployment has its own characteristics in terms of system architecture, but usually three types or class of architectures can be identified:
- Open, de-centralised architecture in which meters of different types are connected to a residential gateway, itself accessed by different service providers (energy retailers but also potentially others)
- Closed, centralised architecture where meters communicate with a residential hub connected to a central back-end system managed by a single entity. The back-end routes the data to/from different energy retailers
- Closed, centralised architecture where meters connect to data concentrators (typically located on the streets), collecting and aggregating data from typically hundreds of meters (usually thru power-line communications, cellular or Sub-GHz radio technology) and communicating consolidated data to the back-end
In terms of security, the first architecture will require, in particular, the implementation of strong access control mechanisms to insure Privacy of data, as well as selective access to different data sets. This will require strong authentication to support differentiated role-based access control (multi-tenant platform), as well as platform ownership management and administration. The (SW) integrity of the gateways will be essential to prevent any data leakage or loss of control.
In the second architecture, the centralised collection of data in the Cloud from a large collection of endpoints makes the protection of such a data centre very important, leading to the need for end-to-end secure connections (meter to back-end), as well as strong authentication to the back-end system with secure distribution and management of hub and meter credentials.
In the third case, the use of data concentrators in potentially exposed locations and controlling a significant number of endpoints, will require strong protection of credentials, as well as countermeasures to verify, preserve and maintain the integrity of software running on the concentrators.
In all cases, it is essential to set-up encrypted and authenticated communications with the meters (endpoints) with integrity protection of SW running on the smart meters, especially when critical remote control functions, like a switch on electrical meters or valve in gas meters, are implemented. Java Card products are widely used in those scenarios to provide authentication and integrity services. They can be adapted to multiple system architectures by virtue of the programmability. Running on secure and certified hardware, Java Card applications ensure that physically exposed metering devices can protect their security credentials.