There’s been some buzz on the internet lately that the smart grid is vulnerable to hackers . This coincidentally came out after a security company issued a warning about a smart meter’s vulnerability to being hacked, which coincidentally came out a few days after Travis Goodspeed discussed how to hack the AES-128 encryption on an 802.15.4 radio. I covered his post last Sunday , a day before the security alert was released. And for those that don’t know what I’m talking about, 802.15.4 is the wireless communications protocol which is used for Zigbee, one of the main wireless communications methods being deployed in smart meters.
So before everyone’s panties get all bunched up, I thought I would make an attempt to clear things up about this AES-128 attack mentioned in Travis' blog post. Fortunately, since I run an independent Zigbee site, it gives me a little bit of leeway to comment on this somewhat murky topic that touches on two taboo subjects: hacking and discussing 802.15.4 without inserting marketing propaganda.
First of all, how did we end up like this? Well, first Travis Goodspeed posted on his blog that he was able to capture the AES-128 encryption keys on an 802.15.4 chip using a side-channel attack (thanks for correcting me on the terminology Robert). Then it got picked up by Hack-A-Day , which is actually an interesting website that I like to browse every so often to see who made the latest automated home beer brewer. Incidentally, the hack-a-day post got linked to so much that it knocked me off my #17 position on Google for the “Zigbee” search term and so, as of this writing, I’m sadly sitting at #18 (Damn you Google and my lack of SEO knowledge about Zigbee Zigbee Zigbee...).
Anyways, from Hack-A-Day, it got linked to by a bunch of others sites including some news outlets such as CNET and CNN . In fact, it even made the headline news on CNN whose reporters probably know nothing about Zigbee, 802.15.4, or hacking, but decided to carry the story with the theme that upgrading the smart grid is unsafe and can make it vulnerable to hackers. Ughhh…upgrading the PC communications infrastructure is also unsafe and can make it vulnerable to hackers. Hmmm...upgrading to eBooks with a Kindle is also unsafe and can let hackers browse your collection of Sweet Valley High novels (that Jessica is such a bitch)...
So first, let’s deconstruct this sequence of events and take a look at the source…how the attack on the 802.15.4 node was performed. According to Travis’ blog, it was done by sniffing the SPI bus which is an external communications bus carrying data from the microcontroller to the radio. The microcontroller in question was the MSP430 on a TelosB board, famously used in TinyOS wireless sensor networks. The radio was a Chipcon CC2420 which has since become a TI CC2420 since they purchased the company a few years back. The attack was a side-channel attack which meant that they exploited the actual hardware implementation rather than a vulnerability in the security algorithm itself.
When you’re configuring the radio at startup, the first thing you do is write to the registers. You do this to turn the radio on, set the channel that the radio will be operating at, the transmit power, etc. One of the things you will also need to do is set up the security since the CC2420 has an AES-128 encryption engine on-board the radio. This is to offload the encryption processing from the microcontroller since typically, 8-bit microcontrollers (think Atari 2600) don’t have a lot of computing horsepower.
When you go through the security handshaking procedure, you will eventually have to write the AES-128 keys to the encryption engine on the radio and it’s at this point that the vulnerability occurs. If you use an SPI sniffer such as the Beagle SPI analyzer, you can just capture all of the signals and then search for the address of the encryption registers. When you see SPI writes to the encryption key registers, you can pick off the data accompanying those writes and that’s where the keys are exposed.
Incidentally, the security company in the CNN article that said the meters could be hacked for as little as $500 in equipment were wrong.
IOActive, a professional security services firm, determined that an attacker with $500 of equipment and materials, and a background in electronics and software engineering, could "take command and control of the (advanced meter infrastructure), allowing for the en masse manipulation of service to homes and businesses."
The Beagle SPI analyzer is $300. Just thought I'd drop some ghetto engineering knowledge...
However the blog post doesn’t mention the limitations on the attack they performed and this point should be understood. The first limitation is that the device must be authorized to join the network. There’s no way that the device will ever be able to obtain the AES keys from the trust center (errr…meter) unless it’s an authorized device, since the meter doesn’t like to hand out keys willy-nilly. Hence, there’s little chance that you can just take a random device, sit outside of someone’s house, and hack into their network using this attack. It would have to be an inside job since smart energy devices will most likely require pre-installed keys and authentication information to identify the particular user.
The other limitation is that the device would have to use a separate microcontroller and radio, hence it can then have its SPI bus exposed with its nibbles flapping in the wind. However the Zigbee smart energy transceiver market is pretty much dominated by a company called Ember who decided to include the microcontroller and radio inside the same chip in which case, the SPI bus will not be exposed because it won’t exist.
Okay, so say some smart energy device manufacturer is using a separate microcontroller and transceiver. Incidentally, this is my favorite configuration because you can be free to choose the microcontroller (I like ARM’s, and I don’t mean that as a fetish) and the radio. Will this evil meter cause the downfall of all the people browsing facebook in the free world? Uhhh…no. This is because when the smart energy device joins the meter’s local network, it will receive a specific key for that device only. That key will only be valid to communicate with the trust center (err…meter…again) and can’t access any other device in the network. As mentioned on the other news sites, getting on to the local meter’s network will not give you access to all the meters in the nation. Hell, the utility companies can’t communicate with each other, even if they wanted to. If some enterprising hacker could pull that off, they should be running our utilities.
So let’s say that some metering manufacturer accidentally designed a meter with this particular vulnerability. And also, let’s say that some hacker stole some poor family’s power meter, leaving them in the dark and unable to watch the Daily Show with John Stewart and that funny episode where he trashes Jim Cramer, and proceeded to take that meter apart and get a key to communicate with the utility. Oops…Zigbee isn’t used to communicate with the utility. Most likely the meters will be using either powerline networking or some cellular technology for the backhaul communications to the utility. So this would be a dead end for the enterprising Zigbee hacker and he’d have to call on his reinforcements in the powerline or cellular industries to finish the job.
Don't take this the wrong way. Travis Goodspeed has a history of hacking (in the security sense) embedded devices and revealed many vulnerabilities that exist in the TelosB motes. He also exposed a lot of the vulnerabilities of TinyOS using these motes, including numerous buffer overflow attacks which since have been fixed. It wouldn't surprise me if he found another one in a commercial stack. Also, his partner Aurelien Francillon wrote an article on how to create a worm and inject it into embedded Harvard architecture microcontrollers like the ones on the MicaZ motes. This in itself is pretty impressive since buffer overflow attacks usually assume a von Neumann architecture so you'd have to do some backflips with your assembler to get this to work.
What it all comes down to is that communication stacks needs to be designed in such a way that they are secure. This mostly entails protecting the data path to disallow buffer overflows which are the normal entry points for attacks (ie: enforcing maximum buffer size limits in code and checking them) but as Travis pointed out with the side-channel attack, there are other vulnerabilities that could be exploited as well. And for the record, I'm pretty sure my stack is going to get hacked just for the sheer irony of me writing this post...
So the point is that hacking any communications protocol is possible, but contrary to the claims of the security company, the hack is not practical for taking over the nation's energy infrastructure. All the meters are not connected by a local RF protocol as is assumed by the security company that published the alert. This is because there will be a variety of microcontrollers and communications protocols to handle the local wireless network, the local powerline network, and the backhaul to the utility. Contrary to the claims in the quote above, it won't be possible to take over a bunch of meters with Zigbee alone, because you would also need to compromise the backhaul as well. This will probably be difficult because I don't think even the utilities can agree on what the backhaul technology should be. The worst a hacker can do is attack a single meter if it fits all the limitations, and then it would just severely annoy their neighbor and this is assuming that the hacker can obtain the authentication codes for that residence. Instead of holding up the smart grid buildout until a committee can decide on security standards, which would be even more disastrous and possibly more vulnerable to hacking, we should be simultaneously testing the meters for vulnerabilities and updating the firmware to fix those that are found. We can't let fear stand in the way of progress...unless it involves AIG and Wall Street bonuses...Updated 2009-03-22: Just checked the driver to make sure I was enforcing the max buffer length to prevent a buffer overflow attack. Looks like it's okay...Yowzah.... Updated 2009-03-22: The buzz is reaching a crescendo. The issue just got posted to Slashdot which means that it's going to be seen by all the major news outlets on the web. Nothing more for me to do so I'm going to finish watching my anime. Updated 2009-03-23: Apologies to Aurelien Francillon, the author of the paper and the PPT on the Harvard architecture buffer overflow attack. I didn't realize that I had previously traded emails with him where he shared links to medical groups working on wireless outpatient monitoring for the elderly with me. This whole post reeks of my frustration on the potential for this security issue to derail the energy grid upgrade which I see as a potential way to decrease the US's energy consumption and for the country to contribute to improving the environment.