Smart Meter update – Let’s do a DDOS

If you’ve been following the GB Smart Metering story, you’ll already know that it is one of the worst examples of a Government led IT disaster, which has already cost the taxpayer around £20 billion.  In the latest twist to the sorry saga, we have just had the bizarre phenomenon of National Meter Reading Day, when millions of energy consumers effectively performed a Distributed Denial of Service attack on the 31st March, by submitting their energy readings.  It resulted in the websites of most of our leading energy suppliers crashing.

The background to this is that consumer energy prices in the UK have just taken a substantial hike.  On the 1st April, a price cap enforced by the Government was lifted, allowing energy suppliers to raise tariffs.  On his popular Money Show Live TV program, Martin Lewis urged customers to make a note of their meter readings on 31st April and to submit them to their supplier’s website.  The following message went viral:


NetZero nepotism – Boris’ COP26 cop out

Back in 2010, I was the CTO of a small energy startup, designing connected domestic energy sensors, along with some fairly hardcore data analytics, to help consumers work out what was contributing to their energy bills.  It was a fairly crowded market as small companies saw the potential for promoting energy efficiency to consumers and investigating ways to use emerging battery technologies to smooth out household demand and reduce cost.  Few of those companies survived.  Energy suppliers acquired some, then shut them down as they realised that persuading consumers to spend less money didn’t really fit well with their business model.  The energy suppliers also had bigger issues, such as dealing with the Government’s impending Smart Metering programme.  A few of the startups have survived and were looking forward to renewed interest arising from the UK hosting the COP26 summit.

A couple of months back I started to hear from them that promises to be involved in the events surrounding COP26 were being withdrawn, because space needed to be allocated to other companies that were “closer” to the Government.  It seemed that what you knew was less important than who you knew.  NetZero nepotism appeared to be kicking in.  It felt reminiscent of what we saw at the start of the pandemic, where companies with engineering expertise were asked to help design and build ventilators.  A few months later, those efforts were quietly put on the shelf.  Instead, contracts for PPE and Test & Trace took precedence.  They were easier for Government ministers to comprehend than real engineering, so could be packaged up in marketing campaigns and handed out to the Friends of Dominic and Matty.   This week’s damning report from the Public Accounts Committee has described Test & Trace as “muddled, overstated, with an eye-wateringly expensive budget of over £37 billion, which has failed on its main objectives”.  That £37 billion is not vastly different from what the equally muddled and overstated Smart Metering programme will have cost the consumer by the time it’s complete, showing that the Government is not generally the best judge of who can deliver, or the way to do it.  If we want to achieve our NetZero objectives, it’s vital that we don’t go down the same route.


Smart Meters, Fake News and the IoT

Do smart meters spread Covid?  Of course they don’t.  Not even the fake news community have suggested that.  As regular readers will know, I’ve been socially distancing from smart meters ever since the British Government took what was basically a good idea and morphed it into a £15 billion IT disaster.  Despite that, I still got Covid.

Do smart meters encourage fake news?  Absolutely.  Here in the UK we have a Government funded agency called Smart Energy GB, which specialises in misleading advertisements in an attempt to persuade people to install the world’s most expensive smart meters.  I believe they may have the honour of producing the largest number of advertisements from a Government body to be banned for misinformation.  But they’re not letting a little issue like that stop them from peddling more fake news. 


What the Smart Metering Debacle tells us about the reality of the Irish Backstop

Last week, the UK Government finally admitted the obvious, presumably in the hope that the announcement would be lost in the Brexit noise, which is that the GB Smart Metering Programme rollout has been delayed by four years to 2024.  For those who don’t know the history, back in 2011, the Government announced that it was instigating a smart metering programme which would see 53 million domestic smart meters installed by the end of 2019.  We’re approaching that date and the latest figures show that only 2 million compliant SMETS2 meters have been installed.  Despite many of us having pointed out the issues for years, it’s only now that reality has dawned on our ministers, who have set a new target of 2024.  Many in the industry believe that’s equally fictional and are suggesting that 2030 is more realistic.  That would mean a total of nineteen years for a project that was originally meant to take less than seven years to complete.  Over the course of the project, costs have spiralled, although BEIS, the ministry now in charge of the project, is still doing its best to dream up magic benefits, presumably because of a concern that if it revealed the full impact, any Minister in their right mind would cancel the project.

The announcement was hardly unexpected.  Along with many others, I have been critical of the project since its early days, when it became obvious that it was being driven by ideology rather than practical requirements.  Countries such as Italy managed a national deployment in a couple of years at a fraction of the price.  The difference with the GB programme is that it was politically led, turning into the latest in a long line of Government IT disasters.  However, the announcement is timely, as it comes at the point when our current Ministers are promoting a technical solution to the Irish border as an alternative to the backstop.  If we assume that the same mistakes will occur, as they have done again and again in previous IT projects, it is unlikely that we would see anything workable in place before 2030.  More worryingly, it is likely to be hacked by organised crime well before that.


When Smart Meters go wrong

Most people don’t think much about firmware – the embedded software which runs the microcontrollers in all of the devices we have around us.  We’re aware of the frustration when they don’t do what they’re meant to, at which point we realise that “smart” may not have been the best adjective to use to promote the product, but even when they do go wrong, turning them off and on again, or taking the battery out generally clears the problem.  They almost always go wrong because the design process didn’t include enough testing, or not enough time was given over to thinking about the “edge cases” – those unexpected combinations of events which result in things not working the way they should.  Most of the time it’s just a short-term annoyance; if it’s worse than that we’ll probably send it back, or throw it out and buy a new one.

However, we do expect safety-critical devices like cars and planes and national infrastructure to be a lot better designed than this.  Your boiler turning off because it thinks there’s a flow problem when there isn’t is annoying (time for a firmware upgrade please, Vaillant), but it’s not life threatening.  In contrast, a self-driving car that runs over a cyclist is not something the public is generally happy about.  Nor is a plane falling out of the sky.  But where would you put a smart meter in the scale of things that might affect your life?  Last week we found out, and it’s not a happy answer.


How to Hack a Smart Meter and Kill the Grid

Last week was a watershed for the embedded security community, and by implication everyone else.  Bloomberg announced that rogue chips had been found on the motherboards of servers sold by Super Micro Computer to companies like Amazon and Apple.  Whoever had added these during the manufacturing process would have acquired the ability to control and access data from the servers when those companies installed them.  For the first time, it appeared there was evidence that the supply chain could be disrupted.  That meant hacking was happening during the manufacturing process, before the products had even left the production line.

Up until now, hacking has predominantly been viewed as getting malicious code into a device which is “clean”, by exploiting security flaws in its code.  That’s what’s happened with every PC virus; attacks like the WannaCry ransomware, and state sponsored attacks such as Stuxnet and the recently discovered attempt by Russian hackers to infiltrate the Organisation for the Prevention of Chemical Weapons in The Hague.  Although the concept of hacking a product before it has shipped has been discussed for years, the Bloomberg report signals that we’ve moved from academic debate to reality.

There is still debate about whether the report is correct.  Apple and Amazon deny much of the detail, but its publication has started people looking more closely at the supply line and concluding that whether or not it is true, the way we design, subcontract and manufacture complex electronic products today means that it is possible.  If it is true, this attack was probably commercial, where a company or a state wanted to discover what leading global companies were doing.  What is more worrying is the prospect of a future where malicious state actors target infrastructure with the aim of crippling a country.  Which brings me to smart meters.
