Smart electrical grids more vulnerable to cyber attacks

Amsterdam, August 16, 2017

Electricity distribution systems in the USA are gradually being modernized and converted into smart grids, which make use of two-way communication and computer processing. This is making them increasingly vulnerable to cyber attacks. In a recent paper in Elsevier’s International Journal of Critical Infrastructure Protection, Dr. Sujeet Shenoi and his colleagues from the Tandy School of Computer Science, University of Tulsa, US, have analyzed these security issues. Their report provides crucial keys to ensuring the security of our power supply.

"Sophisticated cyberattacks on advanced metering infrastructures are a clear and present danger," Dr. Shenoi pointed out. Such attacks affect both customers and distribution companies and can take various forms, such as stealing customer data (allowing a burglar to determine if a residence is unoccupied, for instance), taking power from particular customers (resulting in increased power bills), disrupting the grid and denying customers power on a localized or widespread basis.

[Figure: The potential impact of smart meter bricking attacks on fifteen of the largest U.S. metropolitan areas]

Advanced metering infrastructures can extend over a large geographic area. They consist of smart meters in homes, businesses and elsewhere (e.g. traffic lights), and meter data management systems. Data collectors act as intermediaries between the meters and the data management systems.

To assess the potential consequences of a cyber attack on an electricity meter infrastructure, Dr. Shenoi and his colleagues analyzed an advanced metering infrastructure that consists of over a million smart meters, over a hundred data collectors and two data management systems. The security analysis provides a detailed evaluation of the infrastructure’s ‘attack surface’ (points in the system that are vulnerable to attack), targetable elements in the system (such as data collectors), and the potential attack types and their impacts.

“The most devastating scenario involves a computer worm traversing advanced metering infrastructures and permanently disabling millions of smart meters,” noted Dr. Shenoi. Such attacks already occur: in December 2015, for example, the Russian hacker group Sandworm successfully attacked the Ukrainian power grid, disrupting power to more than 225,000 customers. Plant operators restored power within six hours by manually resetting the circuit breakers, but in the case of disruption in major US cities, this would take much longer. “Damaging a few million smart meters would cause a power outage in a large geographic area that may last anything from several months to over a year,” said Dr. Shenoi. This is “because of the limited production and inventories of smart meters and availability of technicians.”

The scale, diversity and complexity of advanced metering infrastructures make them particularly difficult to analyze from a security perspective, and make it difficult for utility personnel to be fully trained to face such events. They are also continuously evolving in terms of scale, topology, technology (hardware, software and firmware), functionality and security controls. This makes the analysis essential to understanding the security landscape. It lays the groundwork for further research to create a framework for robust risk management programs tailored to protect individual metering systems, and for utility personnel to become more efficient through a better understanding of the threat environment of the new metering infrastructures.


Notes for editors
The article is “Security analysis of an advanced metering infrastructure” by Aaron Hansen, Jason Staggs and Sujeet Shenoi. It appears in the International Journal of Critical Infrastructure Protection (2017), published by Elsevier.

Copies of this paper are available to credentialed journalists upon request; please contact Elsevier’s newsroom at +31 20 485 2492.

About the International Journal of Critical Infrastructure Protection
The International Journal of Critical Infrastructure Protection (IJCIP) covers all areas of critical infrastructure protection, including information technology, telecommunications, energy, banking and finance, transportation systems, chemicals, critical manufacturing, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, nuclear reactors, materials and waste, postal and shipping, and government facilities. It focuses particularly on articles that combine science, technology, law and policy to create sophisticated yet practical solutions to secure assets in these sectors.

About Elsevier
Elsevier is a global information analytics business that helps scientists and clinicians to find new answers, reshape human knowledge, and tackle the most urgent human crises. For 140 years, we have partnered with the research world to curate and verify scientific knowledge. Today, we’re committed to bringing that rigor to a new generation of platforms. Elsevier provides digital solutions and tools in the areas of strategic research management, R&D performance, clinical decision support, and professional education; including ScienceDirect, Scopus, SciVal, ClinicalKey and Sherpath. Elsevier publishes over 2,500 digitized journals, including The Lancet and Cell, 39,000 e-book titles and many iconic reference works, including Gray's Anatomy. Elsevier is part of RELX, a global provider of information-based analytics and decision tools for professional and business customers.

Media contact
Elisa Nelissen
Communications Officer, Elsevier
+31 622 73 50 02