Looking Into The Eye Of The Meter

DEF CON 20

Presented by: Cutaway
Date: Sunday July 29, 2012
Time: 12:00 - 12:50
Location: Track 1

When you look at a Smart Meter, it practically winks at you. Their Optical Port calls to you. It calls to criminals as well. But how do criminals interact with it? We will show you how they look into the eye of the meter. More specifically, this presentation will show how criminals gather information from meters to do their dirty work. From quick memory acquisition techniques to more complex hardware bus sniffing, the techniques outlined in this presentation will show how authentication credentials are acquired. Finally, a method for interacting with a meter's IR port will be introduced to show that vendor specific software is not necessary to poke a meter in the eye.

This IS the talk that was not presented at ShmooCon 2012 in response to requests from a Smart Grid vendor and the concerns of several utilities. We have worked with them. They should be okay with this.....should.....

Cutaway

Cutaway: Jack of All Trades and hardware attack dog for the InGuardians founders. I specialize in physical and information technology penetration testing, web assessments, wireless assessments, architecture review, incident response/digital forensics, product research, hardware research, code review, security tool development, and the list goes on. I am currently focusing on hardware research specifically in the technologies surrounding products comprising the SMART GRID with a focus on implementing Zigbee protocol API's and microprocessor disassembers/emulators for research, testing, risk assessment, and anything else you can think of with these technologies. Twitter: @cutaway http://www.cutawaysecurity.com/blog


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats