Security for optical ports on energy meters
Optical ports provide local access for service engineers during installation or maintenance of energy meters. Households have physical access to their energy meter and might try to get access to the meter software.
The optical interface and communication heads for smart meters from almost every manufacturer are specified in the IEC 62056-21. (The US-American ANSI C12.18 is not covered by this article.)
Main functions that can be accessed using optical communication
Note: During the production process, electronic meters need to be adjusted. This is done by writing correction values in a dedicated memory inside the meter. These correction values are protected against external access and can not be overwritten once the meter has left the manufacturing site. There are different protection solutions. Some manufacturers are using the optical port for adjustment and later lock this memory section. CLOU meters are using a special port on the PCB for adjustment, which has no physical connection with the infrared port in compliance with the Measuring Instruments Directive (MID).
Protection of the Optical Port
The IEC specification defines the following communication modes:
For the password command, the following command type identifiers are defined:
– 0 data is operand for secure algorithm
– 1 data is operand for comparison with internally held password
– 2 data is result of secure algorithm (manufacturer-specific)
These defined command type identifiers allow static passwords (1) or a manufacturer-specific challenge-response algorithm (0 and 2). Furthermore, operation mode C supports manufacturer-specific enhanced security, which is out of the scope of the IEC standard.
Besides this password protection, the IEC standard defines a set of security levels for use in combination with mode C.
Practical security implementation
The safest method for optical port protection is an authentication by a challenge-response algorithm. This requires that each meter has a unique key. The complex key administration is a back-draw for optical port communication because each handheld or PC needs to keep the meter specific key, while each meter needs to keep the PC specific key. For remote access (AMI systems) this procedure is recommended.
The CLOU risk analysis shows that the most suitable approach is to use a password for read-only operations, together with a manufacturer specific data encryption. For writing operations the terminal cover must be open.
Once the terminal cover is opened and unauthorised the meter is recording a tamper event. Depending on the meter type the relay trips and in case of an AMI system, the tamper event is forwarded to the centre.
A sealing of the optical port itself does not provide additional security (personal opinion of the author).
Nevertheless we had some customer requests for a sealable optical port.
Take a look at our CL710K20 or our K23 series. These meters are optional and available with a sealable port.
Read more from Shenzhen CLOU.
Optical ports provide local access for service engineers during installation or maintenance of energy meters. Households have physical access to their energy meter and might try to get access to the meter software. Main functions that can be accessed using optical communication Protection of the Optical Port Practical security implementation