Securing Smart Meters is Key to India’s Energy Market

India has long had an underdeveloped energy infrastructure, but the subcontinent is on a mission to change that using improved metering technology. Smart meters deliver a wide array of proactive benefits, including notifications in the event of a power outage, more accurately monitored consumption behavior, reduced operational costs and commercial losses of utilities, and serve as an important tool in power sector reforms. These benefits can then be passed down to consumers, who receive smarter pricing strategies and  enhanced reliability and resiliency of the power grid.

Smart Meters are Vital – but Vulnerable

Power distribution companies in India are floundering in the wake of the COVID-19 pandemic, as demand and collections have declined with the COVID-19 lockdowns, and researchers project demand to contract between 3-5% this fiscal year. The clearest solution for them to ramp up revenues in the face of lilting demand is to increase the efficiency with which they collect.

Additionally, the discrepancy between consumption and revenues, which is the main contributor to non-technical losses, accounts for an annual loss of $23 billion in India alone. This discrepancy is mostly attributed to meter tampering or direct connections to the grid that bypass the meter. The investments to fight these non-technical losses further impact finances and reduce the capacity to invest in grid improvements and provide the quality service.

Rolling out smart meters en masse would deliver precisely this result, as smart meters can generate an additional 15-20% revenue per meter relative to traditional meters. Utilities with smart metering infrastructure have also reported 95% billing efficiency in Q1-2020. That said, the task ahead is tall. To date, smart meters only account for a scant 1% of the market India, with just around three million smart meters in operation. This number pales in comparison to India’s roughly 270 million traditional meters.

In recognition of their dire economic straits, Energy Efficiency Services Limited (EESL) launched an initiative to install 240 million smart meters across the country by 2023. This intrepid objective hit a snag almost immediately however, when in August of 2020 a malicious insider attack on L&T smart meters in Uttar Pradesh left 160,000 homes without power. The breach was the largest of its kind in India’s history, and forced the project to pause its rollout until meter vendors arrive at a suitable solution to protect their products from the sort of future attacks that will only grow more prevalent over time.

 August Attack Highlights Need for Enhanced Security

The benefits of introducing smart meters are evident but the endeavor can and will be rendered inviable if security risks cannot be detected and prevented. There are also additional challenges with managing, monitoring, and updating smart meters in the field. For instance, though the installation of the compromised smart meters in UP was done “with the expressed motive of giving electricity consumers respite from a host of problems,” said the region’s energy minister, Shrikant Sharma, the breach forced him to request an immediate stoppage of all smart meter installations in the area and prompted demands for the cancellation of contracts with the three companies tasked with providing the meters to EESL. The potential revenue losses from contract cancellations or pauses can devastate a meter manufacturers, even though in this case, as a top official from EESL stated, “there [was] nothing wrong with the meters,” and the UP sabotage was due to a breach of protocol by an employee of one of the other vendors.

Though innocent of any wrongdoing, India’s largest smart meter provider, Genus Power, took the first step towards eliminating future events like the UP breach by partnering with NanoLock Security. This partnership with Genus, and by extension the energy service companies like EESL who utilize their smart meters, brings peace of mind that India’s smart power infrastructure will remain secure as the transition from traditional meters to smart meters resumes in earnest.

Device-Level Protection Prevents Persistent Attacks

Genus proceeded with their plan to incorporate NanoLock’s device-level cybersecurity solutions that go beyond zero-trust thresholds into their smart meter solutions. Unlike a network-based, backend or runtime approach to security, NanoLock provides device-level protection from all persistent attacks that hacker-proofs utility devices like controllers, smart meters, concentrators, etc., throughout their entire lifecycle. NanoLock also maintains resilience along multiple attack vectors: remote and local, outsider and insider, as well as the supply chain. Covering each of these fronts is crucial, as it is not always external actors who are targeting utility providers and their suppliers; often the call is coming from inside the house, so to speak, as was the case with the offending employee in the UP fiasco. More secure smart meters will do more than prevent hacks, too. Such smart meters will allow utility providers the ability to recoup some of the $96 billion lost each year to electricity theft, a cost split between consumers charged for stolen power and revenue losses for utilities.

NanoLock’s novel approach prevents such violations before they happen by blocking all persistent changes to critical code, unless they were authenticated and signed by an external authorized server, unlike common IoT security management that relies on updates or firmware fixes to solve problems reactively. NanoLock also enables a managed service for Genus’ utilities and smart city customers that reduces operational costs and secures revenue that could be lost due to theft. With this solution in place, Genus will be able to prevent glitches and outages and enable EESL to reform the power sector with energy efficient smart meters that are protected from threat, fraud, and human error. As demonstrated over the summer, the threats to IoT devices and utility infrastructures are ever-present. By partnering with NanoLock Security, Genus Power has demonstrated that they take these threats seriously. We at NanoLock look forward to a fruitful partnership with Genus Power and to a safer and more reliable smart meter infrastructure for India’s energy customers.

Book a demo to see NanoLock’s powerful defense in action.