5 February 2019
Electricity from wind or sun is clean but, by its nature, pretty dependent on the weather. If we are to keep the lights burning in the course of the energy turnaround, the electricity grid of the future will need to be able to respond with flexibility to these fluctuations. To do so, it will need information about electricity generation and the consumption of individual households. Markus Bartsch from TÜViT explains the role to be played here by smart meter gateways, why their security is so crucial, and what makes them so unique internationally.
What is a smart meter gateway?
Because an EU directive dictates that 80 percent of households must be equipped with smart meters in every Member State, the law on the digitisation of the energy turnaround includes clauses on smart metering. In Germany we’re using the technology known as the smart meter gateway. This is a communication unit that connects the measurement systems for household electricity meters, shortly also to be followed by gas meters, with the provider of the measuring points. They can provide unfalsifiable energy data in a way that satisfies measuring device calibration law and which can also be used for the scaling of the smart grid. The gateways that are currently under development are primarily going to be used to provide information to users and for billing purposes. The first gateway of its kind was certified at the end of 2018 by the Federal Ministry for Security in Information Technology (BSI) on the basis of an evaluation carried out by TÜViT. The legally binding rollout will start as soon as three gateways have been evaluated and certified, which, from our perspective, can take place before the year is out. Households with an electricity consumption of more than 10,000 kWh will then be required to be equipped with these devices, to be followed as a next step by all households whose consumption is in excess of 6,000 kWh.
Why is it so crucial to protect them?
In the first instance, this has to do with data protection. Some years ago in the Netherlands, the rollout of smart measuring systems was halted for this very reason - after all, with high-resolution energy data it’s very easy to trace the consumption patterns of an individual household. What must also be prevented are manipulations of the measuring system by the consumer in order to minimise their electricity bill, as has happened, for example, in Malta. The third scenario relates to cyber-attacks against smart meter systems as a way of destabilising the electricity grid. In some European countries, remote-off switches, which can be used to unplug a household from the grid, have been built into the measuring systems. If a cyber-attacker were to be able to use a swarm attack to flip all the switches of all the households at the same time, the result might be instability in the power grid, leading in turn to a blackout. German smart meter gateways don’t feature such remote-off switches - not least because a high legal threshold needs to be reached here before the power supply to a household can be cut off.
What role does TÜViT have to play in gateway security?
To ensure privacy and security, the BSI has published protection profiles for potential manufacturers to which the latter must adhere by law in the development and production of smart meter gateways. We at TÜViT are, on the one hand, supporting the BSI and the Federal Ministry of Economics with the specifications of smart meter gateways and the systems required to operate them. On the other, we’re also testing the gateways and certain technologies connected to them. Of the nine smart meter gateway manufacturers currently listed in the BSI evaluation, six are being tested by TÜViT. Of three other security module producers charged with the development of the security chips installed in the gateways, two have been scrutinised by us. In this work, the testers rely on what are known as the common criteria (CC - ISO15408). This is an international IT security standard for software and hardware products, according to which, for instance, electronic ID cards, passports, health insurance cards, credit and debit cards are tested, alongside databases, operating systems and firewalls. These feature a predefined set of security functions - ranging from identification and authentication, access control, user roles and secure administration to cryptographic technologies. This tool kit was also used to define the protection profiles for smart meter gateways referred to above. The IT security evaluator - that is, the tester - scrutinises the entire manufacturer development process to establish whether the security technologies defined in the protection profiles have been correctly and effectively developed and installed. They then also carry out their own vulnerability analyses.
What’s so special about smart meter gateways?
Nearly all the other measuring systems in the world use the AMI (advanced metering infrastructure) method, in which the measured values from not-so-smart meters are transmitted directly to the cloud of the measuring points provider and processed there. In the German smart meter system, the measurement data are prepared directly in the smart meter gateway connected to the measuring system: in other words, before they are sent to “third parties” such as billing service providers or distribution grid operators. These then get only the data which have been processed for their particular purpose. It’s for this reason that, when it comes to data protection, we can say that, when the data leave a private residence, data protection requirements in accordance with the European General Data Protection Regulation are satisfied 100 percent by both default and design. It’s this that makes smart meter gateways so unique in comparison to other international systems. The idea realised in them of shifting the data processing and high security functions into the terminal devices could from our point of view serve as a blueprint for the entire Internet of Things. Until now, every manufacturer of smart lightbulbs, robotic vacuum cleaners and even of networked fire alarm systems has had to come up with their own security concept, a task which, even if attempted in the first place, often proves overwhelming. This throws the door wide open to cyber-attackers. Instead, it would make sense to install modules with pre-existing high security functionalities along the lines of the smart meter gateway into these devices to guarantee uniform, interoperable and mandatory security standards.
© TÜV NORD
Markus Bartsch is a graduate computer scientist who started work at TÜViT in 1995. He started out as an IT security analyst; since 2002, he has been responsible for business development, in which capacity his remit extends to all new technologies with a crucial bearing on IT security: from automotive security, the Internet of Things and Industry 4.0 through to smart meter gateways, which he’s been working on for the last eight years.