Security is often top of mind when making hardware - no one wants their data stolen, device used as part of a bot-net or their controls taken over. All reputable hardware manufacturers I speak to take security seriously and ensure their devices and services are meeting security requirements, update firmware frequently and obviously take responsibility seriously under the UK DPA (UK equivalent of EU GDPR).
We've just completed a feasibility study into a new secure hardware device which I've also written about here.
Our smart tariffs (Agile, Go, Go Faster, Tesla, Cosy, Intelligent Octopus) all apply control - mostly via third party systems integrated to our tariff API or, in the case of IO, by sending signals directly to cars and chargers a lot of which you can view on our Works With page. We’ve been doing this successfully for more than 4 years but when it comes to security you can’t sit still so it’s exciting to be leading the research into an alternative security solution.
In 2018 Dixons Carphone suffered a breach affecting 14 million customers and were fined £500,000 by the ICO, the maximum amount prior to GDPR coming into force (reduced to £250,000 on appeal). Similarly Tescos, Equifax, Lloyds, Wonga and others have experienced serious breaches. A UK DPA breach carries a fine of ‘£17.5 million or 4% of the total annual worldwide turnover in the preceding financial year, whichever is higher’. In 2018 British Airways faced an ICO fine of £183.4m (later reduced to £20m) for a loss of 500,000 customer records - the first under the UK’s DPA. Dixons Carphone suffered a 3% drop in share value and BA 1.4%. Ofgem have powers to fine energy sector licenced parties for breaching licence conditions up to 10% of turnover.
These examples focus on the impact on consumers of personal data being exploited but in the energy industry there’s also a risk to the electricity grid. If a nefarious actor were able to access a large number of EVs or chargers (or other high consumption appliances such as home storage) and instruct these to do something (charge or discharge for example) then enough simultaneous changes in demand on local parts of the grid or even nationally could affect grid frequency and voltage.
National Grid ESO manages the grid second by second using a range of inputs to ensure generation meets demand - weather, sporting events, etc. At half-time in the England v Italy 2020 Euro finals a surge in demand of 2GW was expected. The grid was ready to meet the equivalent of 1.1 million kettles all being turned on at the same time but the issue is when a surprise event occurs. If the grid weren't ready we would have seen the voltage dip as happened in January this year affecting a few hundred customers.
Generally drawing more energy without enough matched generation (1.1m kettles boiling, or thousands of cars starting to charge simultaneously) pulls down the voltage (like reduced water pressure in a pipe if everyone turns on at the same time). Domestic solar works in reverse - inverters sense the grid voltage and 'push back' at a slightly higher voltage; that's one reason a DNO may turn down requests for larger domestic solar systems in a local area.
In 2019 a blackout impacted over 1m people and train services due to the grid frequency going out of bounds when lightning struck a transmission line causing a gas generator and offshore wind farm to disconnect from the grid. The impact was 2GW loss of generation - the same scale as the 1.1 million kettles worth of demand during the Euro 2020 final. The grid is designed to disconnect local areas to preserve frequency and voltage nationally which is what happened. A kettle requires around 2kW to 3kW; charging a car at home is up to 7kW so an equivalent 300,000 EVs starting to charge (or discharge - pushing voltage too high) in a local area could have a similar impact and cause a blackout.
Hence the research in to the security of energy systems.
The security of connectivity and control of home appliances (cars, solar/battery systems, heat pumps, thermostats, etc) is therefore something we're researching with BEIS. BEIS selected five projects in autumn 2022 to evaluate the feasibility (phase 1) of secure control, and data reporting, of domestic systems via the DCC SMS which we've just finished. Phase 2 (to actually create a trial of something) is due to start April 2023. A key part of the project was designing a device to achieve something called Commercial Product Assurance (CPA). CPA is run by the NCSC who also oversee the security of the DCC SMS and know a thing or two about internet security. The requirements span everything from hardware tamper detection to fuzzing on the radio interface. Over the past few years we've built up experience creating our own devices that connect to the smart meter (via Zigbee) and the DCC SMS network (e.g. the Octopus Home Mini) so it's been very valuable to work with security experts Rufilla and NCC Group to design a CPA version of one of our recent devices - more to come on the particular devices in a future article.
Night storage heater control using ALCS (Auxiliary Load Control Switch) has been around for decades and predates smart meters (in fact the earliest version used Radio4 long wave radio signals). Given ALCS is already in use our design therefore advances the type of control by using the Stand Alone Proportional Controller (SAPC) in a generic context - meaning we've designed it to apply control to all sorts of home systems. The design also encompasses sensor data from a range of off-the-shelf smart home devices to demonstrate greater commercial feasibility than a single embedded sensor.
This flexible design gave us more security challenges when designing for CPA but gives us a lot of options in the future if we proceed.
We won’t know until April 2023 if we will proceed to develop the solution and run the trial over 22 months so watch this space as we’ll be seeking trial participants mid-2023 if we’re successful.