My energy company is wanting to fit a smart meter.
We don't struggle to pay our bills, pay by DD and I am interested in reducing our energy use where possible.
Other than the loss in jobs for meter readers is there any reason NOT to have one fitted?
Google them . Overall they seem unreliable with little advantage to you.
if you later decide to change providers your meter probably won't be compatible.
Gaping security flaws with close to outright lies told by the industry about the flaws. Improved since GCHQ put a stick up their arse but still a joke. Make absolutely no difference to energy consumption after a few months of staring at the numbers. Likely to be obsolete or broken decades before conventional meters. Gives the ability to disconnect your power under remote control - anyone who claims otherwise is either misinformed or a liar (this is covered in a parliamentary report).
The industry don’t won’t them, didn’t have the skills or approach to design and build them right but are close to outright false advertising to roll them out as the government are going to punish them for not doing it.
Suffice to say I don’t have one. Lest anyone dislike me for that - I’m saving you money. The cost of smart meters is charged to everyone’s utility bills including yours, the purported savings are largely a lie and are passed on only to those with such meters if they actually exist. Electricity company no longer has to physically switch meters to flip another poor sod to price gouging pre-pay, which must be nice for the company. Saves on the cost of a warrant as well.
> I am interested in reducing our energy use where possible
Smart meters are a sledgehammer to a nut for energy saving. They tell you nothing about what is using the power. Get a £15 energy metering plug and get in to the details yourself at the appliance level - that’s how you learn and improve. Chances are you’ll find almost no low hanging fruit and the major avenues left are thermal insulation to reduce heating and installing rooftop solar PV, neither of which a smart meter helps with. Some smart meters can’t cope with power being exported eg from solar...
Even if I believed in the “power of smart meters”, I’d hold off having someone mess about in my kitchen for another 5 years or so; “vehicle to grid” is starting to energy as a form of distributed battery storage and “virtual power plant”. But the integration of “smart” components isn’t really there; I’d wait and see what’s going to happen before replacing a perfectly simple and functional meter with another one - at environmental cost - for no anticipated savings.
Very useful post, thanks
I know that this is going against the grain of this thread, but...I really like ours. We've had it for a couple of years. It sits unobtrusively in the kitchen and has given me a real insight into what uses the power in our house. I have it displaying the instantaneous electricity usage (pence per hour) and it's quite an eye opener for me as to how much power the multitude of electrical goods do (or don't!) use.
Having said that - it does sound completely mad that they're not compatible across energy suppliers!
So when it's said that they aren't compatible across suppliers, what that means is they will not be able to automatically transmit usage to a new supplier. They'll still continue to do what you find useful, which is to tell you instantaneous and daily usage.
I've found mine helpful too - it's allowed me to track down a few things that were consuming more power on standby than I'd expected. But the fact that they don't retain their primary purpose of telling the electricity company your usage once you switch suppliers is just batshit.
I know electricity is expensive so I'm already doing my best to reduce consumption. I don't need a smart meter to do this. Also I suspect it won't be long before smart meters will be used to facilitate time sensitive charging, ie prices will rise during periods of high demand.
How do they transmit the info to the energy company?
I thought the latest ones were designed to work with different providers?
We don't have one, as said above its only a matter of time before the powers that be start messing with the supply and I can't see any benefit to having one.
We turn the lights off, only boil enough water for a brew, don't run the washing machine unless there is a full load and all our appliances are AAA rated. It wouldn't matter what it was saying because there isn't much we could reduce anyway. Energy costs money and I'm a tight arse.
If you are on a dual meter and you live in a flat, there’s a chance they’ll fail to replace it.
My supplier insisted on me getting a smart meter, so I did that. The first engineer was rescheduled and subsequently late, showed up way after 6pm, looked at the meters and said “I am not doing this, ain’t trained for that” and just buggered off. Not exaggerating!
The second engineer was a bit nicer, but he told me that our meters are all connected in series, so only Scottish Power can replace them, by replacing them all in the close. Got £30 from the supplier as a compensation.
My tariff (cheapest with the current supplier) is meant to be smart meter only with an exception that it is applicable to homes where smart meters can’t be installed. I’ll keep using that...
I have elec and gas smart meters. I like them. Will probably move to time of use tariffs when I get fully a electric car - not worth it with plug in hybrid.
Since I worked in Energy IT for many years I know a fair bit about them. I insisted BG fit SMETS2 smart meters (the ones that don't go dumb when you switch suppliers). Smart meters considerably strengthen my hand when I want to beat my supplier up for stupid increases in my monthly DD. At some point they may even stop these games but I'm not holding my breath.
Your supplier probably has a large stock of unused SMETS1 meters (the ones that do go dumb when you switch) they will try and palm off one of these on you.
If you live in certain areas or property types SMETS2 meters can be problematic. YMMV.
> How do they transmit the info to the energy company?
Over the mobile phone network. I.e. they have mobile phone telephony built into them.
Part of their appeal is supposed to be the simplicity of operation in terms of no more readings needed. If your meter isn't transmitting to your new supplier you have to provide the readings or let someone do the reading, I would imagine. I certainly found it annoying to be told that we would have to have a new meter when we changed suppliers.
> ... I certainly found it annoying to be told that we would have to have a new meter when we changed suppliers.
It is absolutely unbelievable to me that the system could have been designed in that way - but it does appear to have been.
I think you may be making a faulty assumption 😁
I work in the Electricity supply industry and I'll never have one fitted.
We have a smets2. It has enabled us to use Agile Octopus which is a pricing scheme that varies over the course of the day, a bit like the old Economy 7 but rather than being fixed periods, the prices are published the day before and you adjust your usage as you see fit. The highest prices are always 5-7pm when a unit is often 25p or more. Get in the habit of putting the oven on for dinner at 7pm and the price drops to 10p or less. Run the dishwasher and washing machine at 1am on a timer and the price is around 5p. On a sunny day there is often a price dip around midday too if you want to do a second load.
This strategy is good for the environment as it uses the energy from wind and solar when it is available, and reduces the necessity of firing up a gas turbine power station to cope with peak demand.
The smets2 is also compatible across suppliers. Most of the criticisms in this thread apply only to its predecessor - don’t get a smets1.
edit: oh yes, a few times a year there is the fun event that is plunge pricing, where they pay you to take the electricity away, so you can have fun and games turning the kitchen into a sauna and mining bitcoin.
I've got one that I inherited from the last owner. I've also stayed with the same energy company SSE. I was surprised when they sent someone out to read my meter last week and I asked the reader why. Wouldn't the info be sent to them directly from the device? Apparently they like to check as they don't seem to trust the accuracy of their own devices! Maybe scallies have learned how to rig them! I watched mine for a short while but haven't really seen how I could cut down usage from the information it's giving me. The heaviest drains on power are not things that I use for long periods eg kettle, shower, microwave, electric hob. All bulbs bar one are low energy. The smart meter readings are interesting rather than useful, to me at least.
> This strategy is good for the environment as it uses the energy from wind and solar when it is available, and reduces the necessity of firing up a gas turbine power station to cope with peak demand.
Not actually true at present. A cursory look at Gridwatch shows that gas (CCGT) is running 24x7. As an individual it changed what fraction of your power is renewably sourced. In terms of total emissions it just shifts when a CCGT plant fires up. The situation you describe may well become the reality in 5+ years time for ~8 months of the year as solar grows in prominence - except in winter. In the mean time the economy such demand shifting will enable is fewer total number of CCGT plants but the same total emission. Well, excepting that we have to keep them for the winter.
Edit: What can improve emissions is demand shifting to reduce losses in the transmission lines - these are quadratic with demand and depend on the locations of generation and use at any one moment. Lots of scope for efficiency improvements but no idea if this is being done!
I’m a great fan of smart demand shifting and pricing to go with it. I’m not however having a meter with a remote controlled disconnect relay in it installed for the unrelated benefit of smart demand shifting. OVO are now trialling one where they pay customers for access to EV battery supplied energy in a vehicle to grid which goes well beyond demand shifting and I think is a really important part of subsiding EV ownership and stabilising a more renewable heavy grid.
> I work in the Electricity supply industry and I'll never have one fitted.
What are your reasons?
I don’t trust them. Someone somewhere having control over my Electricity supply without my knowledge, and being able to change things without my say so - No thanks.
I always assumed that someone else always had control over my electricity supply, ultimately, same as with water and gas.
You can’t wind the gas meter back with a hoover if it’s a smart meter and if you’ve got a smart electricity meter you can’t stop it winding with a big magnet while you’re hoovering the gas back
> I don’t trust them. Someone somewhere having control over my Electricity supply without my knowledge, and being able to change things without my say so - No thanks.
Out of interest, what do you imagine is happening on the other end of the wire that comes to your house now?
> Out of interest, what do you imagine is happening on the other end of the wire that comes to your house now?
What’s not happening currently is individual control at the per house level through a centralised IT network. Currently a hacker can only take power out of my house by taking out a whole chunk of County Durham or by cutting through the live wire coming from the pole.
It’s connected to the main cable in the pavement, along with every other service cable.
No. Electricity is always on. It’s only the meter that controls how much you pay. There could be someone remotely altering the meter without my permission.
I don’t want that happening.
On the contrary, the SMETS1 meters were DELIBERATELY designed not to work when you changed supplier; the suppliers love that, because it creates a barrier to people changing supplier. The newer SMETS2 meters are designed to work when the supplier changes, but suppliers will continue to roll out SMETS1 until the Government stops them, which it won’t do, because the National roll out targets would be missed.
I've got one (well, two), it's great. It sends the reading in and I get correct non-estimated bills each time. No issues at all.
In reply to NERD:
> It'll stress you out every time you boil the kettle.
If you don't just put the energy meter away in a box after the initial novelty period, which I did. You don't have to use it.
> if you later decide to change providers your meter probably won't be compatible.
The new provider can replace it of course.
> How do they transmit the info to the energy company?
They have a SIM card in them, so via the mobile networks. I think some can also connect via your wi-fi if you don't have a signal in your area.
> So when it's said that they aren't compatible across suppliers, what that means is they will not be able to automatically transmit usage to a new supplier. They'll still continue to do what you find useful, which is to tell you instantaneous and daily usage.
Outside of the novelty period I don't really find that useful. The useful bit is not having to read it myself to avoid estimated bills. Fit and forget.
Now that I've understood Wintertree's explanation about remote hacking I understand your point about not trusting a smart meter.
I was just quibbling about a sentence like "Electricity is always on". Probably something to do with last month's 12 hour outage which still hasn't been explained properly.
There'll always be faults. But beyond where the fault actually is, the Electricity is still on.
Someone (Energy supplier) having the facility to remotely switch off my Electricity via a smart meter, for whatever reason, isn't something I think is a good idea. JMHO.
> The new provider can replace it of course.
Anything is possible, but it would be nuts if these meters needed to be replaced whenever anybody changed supplier.
I do think it is silly, but it is neither a reason not to get one nor a reason not to switch providers.
> It’s connected to the main cable in the pavement, along with every other service cable.
No every cable. For some strange reason in our old house the mains came in through the floor in to what I assume was a main fuse that had 2 outputs, one went to our meter and one went through the wall to next door to their meter.
> No every cable
Our old house had a single cable coming in to the loft from the downhill side of the terrace, splitting at a junction box and carrying on to the uphill house. Thankfully it was long since inert. No earth wire and the other two were jointed by twisting all 3 together and screwing on a ceramic cap with a spiral groove in it that tightened the twist. I imagine a lot of people used to get electrocuted back in the day...
> No every cable. For some strange reason in our old house the mains came in through the floor in to what I assume was a main fuse that had 2 outputs, one went to our meter and one went through the wall to next door to their meter.
Semi detached by any chance. It was pretty standard practice to run one service cable onto the party wall of the pair of semis and feed the other semi off the same service cable. Saved wire back in the day.
Back to back terrace.
I woulds never have one fitted. There have been quite a few reports where fuel bills have gone up, some considerably. I am also concerned about the health effects of EMF's, Lloyds Insurers of London has excluded from their policies any negative health effects caused by wi-fi technologies.
As regards deliberately designed "never explain as a conspiracy that which can be adequately explained as a cockup". SMETS1 design done in a vacuum because DCC design years late. Most SMETS1s are alleged to be firmware updateable to convert to SMETS2, but I'd trust that as far as I could throw it...
And the National Rollout targets have recently been changed so that SMETS1 installations don't count. They're just installing them to get rid of them. Don't disagree that suppliers love SMETS1 though.
> As regards deliberately designed "never explain as a conspiracy that which can be adequately explained as a cockup". SMETS1 design done in a vacuum because DCC design years late.
It seems quite difficult to get any detailed overall information on these systems. Where, for example, can I find a detailed description of the DCC? And, since the DCC seems to an integral part of the whole system, why was it 'years late.' (Or perhaps, why weren't the meters held back until it was ready?)
Has the roll-out of 'smart meters' been driven by externally-mandated deadlines?
> Most SMETS1s are alleged to be firmware updateable to convert to SMETS2 ...
Since that would obviously be a good idea, who has claimed that these devices are updateable, and how can we find out whether or not that's true? By which mechanism would any such firmware updates be applied?
The suppliers seem to believe there will be software/firmware to enable re-use of old smart meters - I was being pestered to take smart meters by Scottish Power last year but when I said I already had them, and it was just they were unable to read them, they said new software was on the way that summer. Heard nothing since, of course...
Perhaps you could stop them counting flow with a CB radio like the old petrol pump trick in the 1980s
> Since I worked in Energy IT for many years I know a fair bit about them. I insisted BG fit SMETS2 smart meters ...
How do you know that the meter was fitted is 'SMETS2' as opposed to 'SMETS1'? That is, is there any way to determine this by visual inspection, say? Or do you simply have to take the word of the person who is installing it?
> If you live in certain areas or property types SMETS2 meters can be problematic. YMMV.
What are the reported problems?
> The suppliers seem to believe there will be software/firmware to enable re-use of old smart meters - I was being pestered to take smart meters by Scottish Power last year but when I said I already had them, and it was just they were unable to read them, they said new software was on the way that summer. Heard nothing since, of course...
Thanks. We don't have a smart meter (a few years ago, we were being pestered like crazy to get one installed and, whenever anybody badgers me like that, my reaction is to say 'no thanks') but the overall situation seems both confusing and confused. I am now interested to find some detailed technical and political information about the entire business.
My reason for not having one relates to our solar panels. For those who don't know, you get paid for every unit of power you produce. You also get paid a feed-in tariff for how much of what you produce gets fed back into the grid because you aren't using it. But they don't know how much you feed in unless you have a smart meter, so in that case they assume you feed in 50% and pay on that basis. So if you manage to use more than 50% of what you produce you are getting paid more than you should. On a cloudless day in June we generate about 16kwh, much more than we can use, but on the average we probably use more than 50%. By thinking about when best to make bread, use the washer and dishwasher I'm convinced we benefit from not having a smart meter.
Oh, and we're bright enough to know which appliances use a lot without some machine telling us.
We have a SMETS2 meter. We needed to move our gas meter, and our supplier changed it when we did that. For us it has been "fit and forget" as someone else put it. We changed supplier a little later and it switched with no problems.
Our bill has gone down slightly as well.
> The cost of smart meters is charged to everyone’s utility bills including yours, the purported savings are largely a lie and are passed on only to those with such meters if they actually exist.
However, the savings from being able to remotely turn off a supply instead of sending a man out, and not sending a man out to read the meter every year or more often are considerable and counter the extra cost of the meter. We had a 'smart meter' fitted last week with no useful access to me, the customer; so that's not the reason it's being done here (Guernsey). We have a monopoly electricity provider.
A massive source of tax revenue is the tax on vehicle fuel.
When everyone is in an electric car - that revenue will need to be replaced.
Smart meters will be how it's done - all the new at home charging points being installed now have to have a smart meter attached - that way tax can be applied to the electricity used to power your vehicle.
> My reason for not having one relates to our solar panels. For those who don't know, you get paid for every unit of power you produce. You also get paid a feed-in tariff for how much of what you produce gets fed back into the grid because you aren't using it. But they don't know how much you feed in unless you have a smart meter so in that case they assume you feed in 50%
sadly the feed in tariff subsidy scheme has ended. New installations will only get paid for what they actually export, so smart meter required, but one can choose to receive either a fixed rate or the market rate after the energy firm’s cut.
> Oh, and we're bright enough to know which appliances use a lot without some machine telling us
we use ours to spy on the teens while we are out, if we have told them to run the dishwasher or do their laundry (we can tell the difference between the two devices by the shape of the curve), so we can remind them if they have forgotten.
> we use ours to spy on the teens while we are out, if we have told them to run the dishwasher or do their laundry (we can tell the difference between the two devices by the shape of the curve), so we can remind them if they have forgotten.
You could probably do the same - without recourse to gadgetry - by just looking to see whether or not the piles of dirty dishes (and/or clothes) have disappeared ...
> You could probably do the same - without recourse to gadgetry - by just looking to see whether or not the piles of dirty dishes (and/or clothes) have disappeared ...
I assume that you could monitor it remotely and send a text to remind them if the readings show that a diswasher, etc. hasn't been used.
> Smart meters will be how it's done - all the new at home charging points being installed now have to have a smart meter attached - that way tax can be applied to the electricity used to power your vehicle.
The reason for the smarts in new charging points is more about being able to rapidly load shed by temporarily disconnecting EV chargers.
It’ll be almost impossible to tax EV charging in the way you describe. Most EVs come with a portable charge point with a 13A plug on the end, and it’s perfectly possible to buy and install higher (or lower!) power chargers yourself. Open source hardware exists. A lot of draconian and basically unenforceable legislation would be needed to make it work. Further, with the incoherent mishmash of approaches to monitoring domestic micro generation it’s impossible for most houses to unpick the source of the energy charging the EV - grid or local?
Pay as you drive is probably more likely...
> I assume that you could monitor it remotely and send a text to remind them if the readings show that a diswasher, etc. hasn't been used.
I assume they could just plug in an electric heater....
I worked with a guy who was involved with a company doing the back end systems for smart meters, his opinion was the same, don't bother.
I foresee meter bypassing becoming a booming 'industry' in future decades!
> sadly the feed in tariff subsidy scheme has ended
I always saw it as a regressive tax, funding a nice guaranteed returns investment scheme for the wealthier home owners, so I can’t say I was sad to see it go.
It led to a booming marker for operators who “leased” rooftops keeping the FIT and reducing household bills a bit. We saw some roofs badly damaged by some of these firms when looking around houses, and I understand the business owners have now sold the roof leases and FIT incomes on to some pension firms leaving a cruddy situation with regards repair/support for the homeowners who were induced into the schemes. Several law firms are now working up cases on mis-selling by other cowboy solar operators. Plenty of backfiring and profiteering under the FITs regime...
> > sadly the feed in tariff subsidy scheme has ended
> I always saw it as a regressive tax, funding a nice guaranteed returns investment scheme for the wealthier home owners, so I can’t say I was sad to see it go.
> I assume that you could monitor it remotely and send a text to remind them if the readings show that a diswasher, etc. hasn't been used.
Correct, we are monitoring it while we are out for the day, to avoid the problem that we might get back after teens have gone to bed with no clean clothes for school the next day and a pile of dirty dishes.
There aren’t any other devices I can think of with similar signatures. Perhaps they could fake something similar by standing by the oven twiddling the thermostat constantly, but they aren’t the sort of teenagers who would do unnecessary work.
> Correct, we are monitoring it while we are out for the day ...
How do you arrange the monitoring? Can you connect to your smart meter over the Internet? Is that a standard feature of these devices?
Our energy supplier, Octopus, has a customer web page where you can see your day’s consumption as a graph.
there is an API as well if you want to program a klaxon to sound and a cage to spring up around the oven when the unit price gets high.
I've got one. Never look at it, but the great advantage is that I no longer have to go outside and battle with vegetation, and rain/snow, poor eyesight when trying to see the dial numbers which are plastered with dust and cobwebs, and find somewhere to put my pen and paper when kneeling in mud, whilst trying to read it when asked for a reading.
Hello Rob. Where can you find info about the DCC? - well their main external site is here - https://www.smartdcc.co.uk/smart-future/switching-programme/ but of course that's their view of the world.
The programme delivery date has gone back multiple times and the costs have gone up substantially. Typical of government IT programmes. Latest NAO report here - https://www.nao.org.uk/wp-content/uploads/2018/11/Rolling-out-smart-meters-Summary.pdf
The UK is the only country in the world that uses our smart meter infrastructure. Due to some highly questionable decisions taken during energy privatisation which mean that the foundations on which we deploy smart meters are far more complex than they are anywhere else.
How can you tell if a meter is SMETS1 or 2. You can determine by inspection if you know what you're looking for. Here is the simple way - https://community.purepla.net/threads/2883-How-do-I-know-if-my-smart-meter-is-smets-1-or-2
and if you really want to get into model numbers try this - https://www.smartme.co.uk/technical.html
SMETS2 smart meters use a totally new data network which is being rolled out. If it isn't in your area yet, you'll have problems until it is.
As regards SMETS1 to 2 upgrades, a quick google will give you the basics.
> Our energy supplier, Octopus, has a customer web page where you can see your day’s consumption as a graph.
Ah right, thanks. So the interface is with your supplier's website, rather than direct to your actual meter. How does the authorization for that website data work by the way: are you supplying a password or similar?
> there is an API as well if you want to program a klaxon to sound and a cage to spring up around the oven when the unit price gets high.
I like the sound of that!
> Hello Rob. Where can you find info about the DCC? ... snip ...
Thanks for all that information: I'll now take a read.
Yes, there is a regular account password, and a separate API key for tinkerers. We are a household full of computer scientists and are happy with Octopus’s level of technical competence - things do break, like the live calculation of outgoing credit from us having a battery and filling up when power is cheap then selling it back to them at peak times, but apparently the infrastructure is all new and they are quite upfront about it. We have a little home made script that the everyone can run to tell them when is the cheapest time in the next day to put the laundry on, plus other scripts to monitor our battery and so on.
I think when we joined up Octopus were the only people doing the ‘ Agile’ pricing - different prices for every half hour, set a day in advance - but there might be others now. If anyone is interested in switching, DM me and I can give you a referral code for Octopus and some sample scripts. We saved money on the Agile tariff before having a battery, but the battery lowers the bills even more - which it should! They are expensive. Sadly we had to pay VAT on the battery as it wasn’t done at the same time as a solar panel installation. If you are thinking of installing panels I suggest you get a battery at the same time to save money.
i recently changed energy supplier using that comparison site - 8-9p/day standing charge and 2.2p/kWh were good savings. now i read the t&cs, i'm agreeing to have a smartmeter fitted- the cheeky sods.
am tempted to cancel after reading the knowledgeable contributions on this thread..
> Pay as you drive is probably more likely...
This is exactly what is being considered here in Guernsey at present. The island abolished motor tax a few years ago and put a tax on fuel to compensate and effect a 'polluter pays' policy. Fuel volumes and associated tax revenue are now declining so they're looking to retain that tax revenue by other means. Telematics would appear to be the way to go as it has benefits way beyond simply counting the miles you drive, but of course the conspiracy theorists are whinging about being tracked everywhere they go, and being charged for driving in other places on holiday (both of which are easily eliminated, but you can't tell the thickos who shouldn't be allowed internet anything).
Just say it isn't your property and you don't have the landlord's permission.
I’m surprised about the amount of tin hat bollocks being spouted on this thread, which seems to be fed by hysteria pushed by the Daily Mail
large manufacturing companies including defence contractors have had smart meters for decades. They are not scared of being hacked, why should you be? Has there been any evidence of a smart meter being hacked ever?
Data from smart meters is a massive help in managing the grid, which includes maximising use of renewables and reducing carbon emissions from a mix of fossil fuelled generators. This goes hand In hand with reducing energy costs; a major incentive for those manufacturing companies to use them.
data is collected by data collection companies. Any problems in losing data when changing suppliers is due to admin cock ups, this happens in industry and can usually be resolved after a short while.
The same checks and controls to switching off supplies for non payment apply whether done remotely or by a man in a van.
Solar PV meters are not connected to smart meters. The contractual agreement you have to assume that 50% of your solar PV generation exported is fixed by your contract. Your solar PV contract can be with a different company to your electricity supplier. So even if the powers that me used a spreadsheet to prove you export less than 50% it wouldn’t change your solar PV income.
I’m very happy with my electric and gas smart meters
In reply to David Slater:
A wonderful 'sourse' of crackpot articles by the scientifically illiterate.
> They are not scared of being hacked, why should you be? Has there been any evidence of a smart meter being hacked ever?
Yes there is evidence of other smart meters being hacked. It’s far too soon to say if SMETS2 devices will be; if they have any sort of shelf life they have to remain hack proof for decades. How many 30 year old security systems do you know that haven’t been compromised? Or we could just replace them every 8 years invalidating the environmental savings...
There is also evidence of GCHQ having been less than impressed with industry efforts on the security of the smart meter system. In general the answer to “Has X been hacked” almost invariably ends up being “yes” when X is something in widespread circulation. Satellite TV encryption, DVD/BluRay encryption, RF and then near field car keys, keyless ignition, the list goes on. Time and again industry get it wrong with security and encryption.
> The contractual agreement you have to assume that 50% of your solar PV generation exported is fixed by your contract.
Or you can have a separate export meter. The connection to solar from my view is that some firms won’t install a smart meter if you export to grid as their meters don’t like it.
> data is collected by data collection companies. Any problems in losing data when changing suppliers is due to admin cock ups, this happens in industry and can usually be resolved after a short while.
Apparently not the case for version 1 of this metering technology - see the discussion upthread.
I understand that what spooked GCHQ was not what most people are nervous about "up thread", i.e. individual smart meters being hacked. They had rather different concerns, of a CNI nature. Nuff said.
Quite; kind you when you have a single physical control centre for all smart meters, a limited number of security keys in the meters - with permanent remote revocation support - and a disconnect relay, pervasive smart meters are CNI. Breach the data centre and you can brick every smart meter with permanent full power disconnect in 10 minutes or so. It’d take electricians months to replace them all, in which time many people would bodge around the meters themselves leading to all manner of deaths and fires.
None of which needs security flaws in the meters themselves - although I’d be amazed if they make it ten years without any being found...
They may not be of obvious direct benefit to the user, but it's pretty handy to have large, high-resolution data-sets describing end user behaviour if we're going to transition to decentralised, renewables-based, sustainable power networks, without suffering the blackouts, surges and supply disruption that would characterise an unstable or poorly-understood system.
In reply to David Slater:
If you're a scientist, David, you must appreciate that the way science works is that we change our theories when prompted to do so by data. Real data, in real papers published in established journals, with reproducible results. Not when people write crackpot articles on internet sites, backed up by junk science or (at best) highly cherry picked or misapplied results from proper research.
Given that we, as a species, started widely spending lots of time with microwave transmitters held to our heads about twenty years ago, don't you think we should be seeing a huge increase in primarily right-sided brain abnormalities by now?
Here’s a fresh article on Bad Guys (tm) working to subvert industrial control infrastructure. The reported attempt is crude but the article includes links to many other, more sophisticated attempts including an attempt to deprive the people of Ukraine of electrical power in mid-winter.
The threat is real.
There are two ways of securing something against this sort of attack when deploying data connected devices into existing industry.
One of those ways leaves you with something it’s almost impossible to secure properly. Can we guess how smart meters were done?
Of course industry says they are secure. Banks swore black and blue that “chip and pin” was secure, stiffing customers with losses insisting “you must have shared your PIN”. It was only when they tried this with a professor of computer security from Cambridge that it transpired the whole industry was either fundamentally wrong or telling lies to shift liability to the consumer - https://www.cl.cam.ac.uk/research/security/banking/nopin/press-release.html
I don’t trust industry. I don’t trust government to regulate industry sufficiently. I fear I may be tending towards paranoia...
Several people have mentioned that smart meters tell you which appliances are using energy: how do they do that? They presumably only see the current drawn at the main entry point of the house? How does it disentangle the multiple different appliances that might be running at once?
No, they can’t tell which appliance is which. The householder may be able to have an educated guess at which major appliances are on by looking at the graph - dishwashers, ovens and washing machines have different curve shapes and sizes as they have energy use spikes at different times in their program.
If you want to monitor a single outlet there are smart plugs you can get.
In reply to David Slater:
Please provide some references for your statement that UK smart meters communicate using a 5g network?
Don't get one!!!
Although, to counter this - when there is excess wind power on the grid - people with smart meters got paid 5p k/wh they took off the grid, but that was overnight...
In reply to David Slater:
Are you the guy that ‘didn’t’ take the monkey photo? Or the guy that’s a tennis coach or the guy that’s the lecturer at Imperial?
In reply to David Slater:
If it helps, I was always on your side. The monkey is a hack.
Personally, I wouldn't bother.
Eon have been nagging me for a couple of years about fitting one. They wanted me to be in between 0900 and 1800 on a weekday. When I told them that I am the customer and they work for me. I suggested that they pay my daily rate at 1.5T to compensate for my loss of leave, they went very quiet after that.
It does not take a lot of intelligence to work out which appliances are heavy energy users, the power label tells you that.
1) Seem unreliable still.
2) Puts meter readers out of a job.
In reply to David Slater:
Definition - the way in which 5G differs from 3G and 4G is that as well as using 3G and 4G frequencies, it uses much higher (millimetre) frequencies, in the range 24-86GHz.
Smart Meters in the UK (both SMETS1 and SMETS2) DO NOT communicate using the millimetre frequencies which are unique to 5G.
There is extensive documentation for the UK Smart Metering programme, published by the DCC and Elexon, and all on public websites. If you want to know what Smart Metering equipment does or does not do, just look up the relevant spec. Your links to “5g exposed” don’t “prove” what you say it does (as far as I can see), I’m sure you can find sites that says that UK smart meters use 5g - and any such sites would be wrong. See this doc (excuse the title!) - it is a Sept 2019 spec for a UK Smart Meter comms hub.
Download the PDF and check page 43, table in F2.0, which lists all the frequencies used by Smart Meter comms hubs for WAN and HAN purposes. No 5G.
Swapping out existing smart meter hubs to use 5G would be an extremely expensive exercise with no benefit to the Supply companies who are paying for it.
And as a scientist I'm sure you'll be interested in some actual science (with measurements) on Smart Meter emissions, try this -
At the end of the day if there are any health effects from phones or smart meters you'd be far more likely to find it from phones (transmitting lots of data, right next to body) than from smart meters (infrequent transmission of small bits of data, not normally close to people). The first two of the papers you listed in your reply to Jamie are based on the same single French study - the paper below seems more recent and more comprehensive, as it does a meta-analysis of pretty well all substantive serious research to date -
TLDR version - "there may be an issue, caution advised, especially with children - there is no proof as yet".
Finally for those who are worried about the security implications of Smart Meters, so were GCHQ. This is what Smart Meter security looks like these days -
TLDR version. "Multiple layers of defence to best current standards". Nothing is completely “hack proof” - but there are many easier targets.
There’s very little actual information in there for security professionals to digest and comment on. Banks were just as eloquent when assuring customers of the (massively flawed) security of chip and pin.
I find it very hard to trust a system when the security model was designed as an afterthought once GCHQ became sufficiently alarmed to wade in.
To quote the article: If you reverse engineer a meter, you get precisely enough information to compromise that specific meter.
I doubt a security professional is ever going to say that. Perhaps when they reverse engineer it they’ll find an exploit of the incoming message verification that allows privilege escalation and arbitrary code execution. Perhaps they’ll find an equivalent of the “rowhammer” exploit that can’t be caught by all the software review in the world because it exploits analogue behaviours in the substrate in which the code runs. There’s a dozen different reasons to suspect that paragraph and by extension the whole article is pure marketing wash.
"I doubt a security professional is ever going to say that" - hmm - well I'm not a security professional, I'm a retired IT architecture manager. However I didn't write it. What would you call the author then? https://www.ncsc.gov.uk/section/about-ncsc/ncsc-leadership
If he's not a security professional then we have bigger problems. BTW, are you ISSxP of some variety? Agree BTW that asking GCHQ after the event not the best approach.
I should say - I totally agree with the other part of your post about RF stuff and the literature.
> What would you call the author then?
A civil servant with a background in information security.
I'm not a professional in information security, but I know enough to call total bullshit on a quote like "If you reverse engineer a meter, you get precisely enough information to compromise that specific meter."
The number of "hardware level" and "microcode level" exploits to emerge into the public domain recently like spectre/meltdown/spoiler and Rowhammer show just how untrustworthy the hardware under our software is, and how its got to the point nobody really understands it any more and even "provably safe" software can be anything but because the linear system is runs on is actually non-linear under carefully constructed cases.
I've designed and built CPUs in the past in FPGAs and have written a production level virtual machine so I'm not totally naive in the area; and long before Rowhammer I had a very interesting time doing post-power-off data recovery from SRAM which is a great insight into some of the subtle non linear effects and interactions in what's normally treated as a binary logic system, and some of my current research is in getting computational behaviour out of a system intended for simple signalling (or so biologists think anyway...).
At the vey least the cryptographic verification of incoming messages in the smart meters should run on a very simple, fixed purpose processor that's physically separate to the main processor along with separate memory and some good reactive power line filtering to isolate its ability to side channel through the power supply. I've a suspicion it's just another process running on the main CPU but I've not found sufficient published data yet to tell.
> Agree BTW that asking GCHQ after the event not the best approach.
My understanding is that the industry didn't ask GCHQ, more that GCHQ sort of blew their top when they looked in to what the industry was doing. I have a suspicion that this is as much about how the DCC infrastructure was being put together, but that's not the centre of the public/media concerns so it's not had as much scrutiny.
Ultimately I feel strongly that the security architecture should have been put out to open review by anyone interested as should have chip and pin. Industry got away with a lot for a long time with the later due to a lack of openness. Then again there have been some embarrassing flaws found in key open source security tools recently as well.
Why does decryption of incoming messages on the meter matter so much? There's no harm in a side channel getting the public key of the sender and the plain text of the message or software update goes onto the rest of the meter where it has no particular protection.
The only* secret on the meter is it's unique id for billing, which might be a private encryption key. If you reverse engineer that only one meter is compromised.
Everything else could be (should be?) open source so needs no protection (although that might be wrong, how do you protect against fiddled meter OS that fiddles bill?).
As you say open source does not guarantee there are no holes that comprise all meters.
*GDPR will mean customer consumption data is private but getting that data doesn't compromise any other meter.
Mind you, once the private key on the central infrastructure gets uploaded to GitHub by mistake...
> Why does decryption of incoming messages on the meter matter so much?
It's not "decryption" - it's "cryptographic verification" - the use of cryptographic methods to allow the entity sending the meter a command to prove to the meter that it has the right to send that command.
> There's no harm in a side channel getting the public key of the sender and the plain text of the message or software update goes onto the rest of the meter where it has no particular protection.
It's not about that. It's about the thread(s) performing cryptographic verification of incoming commands potentially being able to compromise the CPU with carefully crafted incoming data and thereby bypass securities.
> The only* secret on the meter is it's unique id for billing, which might be a private encryption key. If you reverse engineer that only one meter is compromised.
No - other secrets may be ways of subverting the hardware that aren't currently known and that apply to all meters. Reverse engineer a meter, learn its secrets (not necessarily hidden by people but just exploitation modes in the hardware that nobody knew about). That's why I disagree so vehemently with the comment I quoted from the marketing article linked above.
> Everything else could be (should be?) open source so needs no protection. And as you say open source does not guarantee there are no holes that comprise all meters.
Having a meter subject to compromise wouldn't be such a problem if they didn't all have physical supply disconnect ability in them. But it saves the industry cost when switching people in arrears to even more expensive pre-pay billing...
> *GDPR will mean customer consumption data is private but getting that data doesn't compromise any other meter.
I'm not too worried about compromised private data on usage (you can a reasonable estimate of that by looking at the size of our house, pointing a thermograph at it and looking at the electric car and checking out its annual milage from the online MOT database), but the ability of a Bad Guy (tm) to send a message which passes or subverts cryptographic verification and either overwrites the firmware to trip the disconnect relay (or contractor?) and brick the meter, or commands the device in to pre-pay mode before revoking all communication keys to achieve the same effect. Do that to 30,000,000 smart meters and you've got serious disruption on your hands of the sort the IRA once tried for the "old fashioned" way. Except then it couldn't be bodged around by householders trying to bypass their meters and starting fires or killing themselves with the results...
> Mind you, once the private key on the central infrastructure gets uploaded to GitHub by mistake...
Quite. How many cryptography systems placed into the hands of millions of consumers go the distance?...
Cryptographic verification and encryption are variants on the same thing - public key private key cryptography (a pair of keys).
I think the cryptographic verification is just "does it decrypt with the sender's public key?" as only the legit sender has the private key that can be decrypted by the public key.
Just wait for some 14 year old to randomly change a few million bills so power companies have no data with which to issue bills. The opportunities for share price manipulation are immense!
> Cryptographic verification and encryption are variants on the same thing - public key private key cryptography (a pair of keys).
Not exactly. You can send an encrypted message, decrypting it does then verify it. You can also send a plain text message with a smaller encrypted checksum or hash of the message, decryption of which allows verification of the sender’s possession of the private key. But yes I agree they both use asymmetric cryptography.
My point was that I’m not concerned by the messages being decrypted by a third party in terms of the message being read, but of a third party learning to subvert the cryptographic verification of commands and so being able to mess with the meter.
Give of take the above I agree. Given how long the UK kept the fact it discovered asymmetric cryptography totally secret - way back before Zimmerman was arrested for exporting it from the USA - it’s tempting to wonder what other mathematical theories are kept squirrelled away and could be (re)discovered in the public domain one day. Voiding of current methods isn’t a great concern for the meters as it seems each has its own public/private key pairs with the DCC, but if the cryptographic verification system can be subverted by either flawed software (unlikely with the level of review now in place) or a yet to be discovered software+hardware level exploit it doesn’t really matter...
You're right, if public/private key is gubbed then smart meters are gubbed. But that might a minor issue compared to everything else that would be gubbed.
Eventually public/private will be broken but discovery of a software flaw before then is almost guaranteed!
In reply to David Slater:
> Also, the 5G frequencies go as low as that of your microwave oven - 2.4GHz, and is the band that most 5G networks use.
I hope you don't have any wi-fi in your house if you're this concerned about EMR at 2.4GHz!
Sabrina Verjee has beaten her own women's Pennine Way fastest known time, running the route in a time of 74 hours 28 minutes and 46 seconds, beating her previous time of 82 hours and 19 minutes.