SecureState performs a physical review of the smart meter to determine the location of access points, including serial and ethernet ports. This includes assessing the physical security controls for each device. SecureState then uses documentation provided by your organization or available publicly to identify connection methods. Using a variety of gathering techniques, all data collected will be used to benchmark system behavior and determine possible abnormalities via communication, system utilization/processing, and interfaces. Additionally SecureState will perform offsite research to gather previous research on the topic and look for public information on the system being tested. For example information could be gathered from vendor documentation, patent files and regulatory documentation.
SecureState begins penetration testing with simplistic attacks that a basic hacker or beginner would attempt. SecureState then gradually increases the sophistication of the attacks to identify a wide spectrum of vulnerabilities. Based on the connection method, SecureState may use the open source tool Termineter, which was developed internally by SecureState. Termineter uses the ANSI C12.18 standard for communication with the smart meter over the optical interface to read the C12.19 data stored on the meters. Interacting with meters over the optical interface is a very common attack vector as it does not require the meter to be removed from its mounting, making it much safer than attacking the hardware.
SecureState may also develop customized tools to assess the Smart Meters, providing our clients with the knowledge and confidence to be resilient to a potential attack. Since the testing is adaptive by nature, the procedures are unique to each environment.
SecureState is able to perform Smart Meter Penetration Tests on devices deployed in the field or in our onsite lab.