European standards body the Open Smart Grid Protocol (OSGP) is preparing to release an update to its specifications despite recent criticism from a pair of academics on the security of its architecture.
The study by Philipp Jovanovic of Germany’s University of Passau and Samuel Neves of Portugal’s University of Coimbra found weaknesses in the group’s cryptographic architecture.
In a research paper titled ‘Dumb Crypto in Smart Grids: Practical Cryptanalysis of the Open Smart Grid Protocol’ released in April 2015, the pair claim “failures in the design and implementation of authenticated encryption schemes are a common sight and there are numerous examples”.
The researchers said the authenticated encryption scheme deployed by the independent not-for-profit group to protect data transmitted through communications channels is easy to break.
No smart meter security breach
OSGP said “there have not been any reported security breaches” of any deployed smart metering or smart grid system built with the current OSGP specifications, and that systems built with these specifications include a “comprehensive multi-layer security system that has always been mandatory”.
The protocol was developed by the Energy Service Network Association and has been a standard of the European Telecommunications Standards Institute (ETSI) since 2012.