World’s First Smart Meter Hacking Framework Released
Released On: Thursday July 19, 2012
Highly anticipated open source tool introduced to the public by
SecureState’s Research & Innovation Team
a management consulting firm specializing in information security, today
announced the public release of the full open source code of Termineter,
a framework that allows users to assess the security of Smart Meter
utility meters over the optical interface. This is the first framework
designed to give authorized individuals access to manipulate and test
the security of smart meters.
A ‘lite’ version of the Termineter code with limited functionality was
sent out to a select group of registrants initially; however, the full
open source code, including all of the modules can now be found on the
SecureState Tools Page.
Spencer McIntyre, of the
SecureState Research & Innovation Team, will perform the first live
public demonstration of the Termineter framework during his
presentation, "How I Learned To Stop Worrying and Love the Smart Meter”
Security B-Sides Vegas on Wednesday, July 25, 3 pm at The Artisan
The goal of a public release for this utility is to promote security
awareness for Smart Meters and provide a tool that brings basic testing
capabilities to the community and meter manufactures so that security
can be improved. Power companies can use the framework to identify and
validate internal flaws that leave them susceptible to fraud and
significant vulnerabilities. Users must have general knowledge of the
meter’s internal workings in order to use Termineter proficiently.
The Termineter framework implements and supports the ANSI C12.18 and
ANSI C12.19 standards, offering basic non-vendor specific routines that
allow users to interact with and view information on the device using
the optical port.
Termineter gives users fine-grained control and direct access to the
data on the meter.
Current modules allow users to read and write raw data to tables, which
in turn can be used to initiate procedures. Certain modules require
passwords in order to be used. Additional modules allow higher level
access to certain functionality, such as parsing useful information from
the Security, Modem and Log tables.
Neither Termineter nor the modules contained within it carry any vendor
specific information. The design of Termineter was largely dependent on
the ANSI published standards which can be purchased by the general
About Our Company
The SecureState team is comprised of several specialties
Audit & Compliance,
Profiling & Penetration,
Risk Management, and
Incident Response. SecureState provides premier
consulting services for companies across the nation and
internationally, including government and commercial sectors.
« Back to Press Releases