Detection Challenges Underlying Sense's Approach

General Sense Discussion
21

Ah yes, it is also Detroit that said, a while back, … “We’ll make cars so cheap/affordable. that no one would ever need to use public transportation” … Though in all fairness, any industry is ‘replete’ with similar claims … or maybe we should call them “Bold Visions”.

Every generation has its visionaries i.e., someone to push the envelope and make sure the rest of us work on achieving those crazy ideas … or we would have never succeeded in putting a man on the moon.

Talk about digression … :slight_smile:

22

Here’s the info on the Schneider load center that will include Sense functionality along with other smart technologies.

23

My biggest concern with the smart home/breaker/panel way of the future is security.
If it connects to the internet it can be hacked.
Smart plugs, thermostats, security systems, general “smart” devices, etc… have all shown vulnerabilities. From simply gathering data to actually controlling devices.

A simple password hack might allow someone to gather my Sense data and determine when I’m home, what I’m doing or where I am in my house. I’m not really worried about it as Sense is still rare. I would have to be a target and they would have to know enough about me to know I had Sense. If they knew that much then they would also know I have nothing much of value to anyone willing to go through the effort.

On the flip side, if smart breakers/panels became the way of the future and gather widespread use there would clearly be a very limited number of manufacturers and certified devices. If these products allowed not only data but internet controllability and firmware pushes. Some serious protections would need to be put in place to prevent a hacker from killing every breaker/panel at once. A hacked or faulty firmware update could brick critical devices. A physical mechanical manual override would have to be a separate part of these devices. That’s assuming the attack didn’t wreck too much havoc on the grid at a development, local, state or nation wide level.
Not trying to sound like some wack job paranoid conspiracy theorist, but it’s a real possibility.

24

I agree - security is important. But smartmeters are already networked today, and not particularly well secured in many cases. I’m guessing that making the meter / load center smarter will include better security.

RTLAMR: AN RTL-SDR RECEIVER FOR 900MHZ ISM SMART METERS

https://www.rtl-sdr.com/rtlamr-rtl-sdr-receiver-900mhz-ism-smart-meters/

25

That just gets you usage data from dumb smart meters. I know some time ago people were working on figuring out gas and water meters too. It’s pretty basic. I have a SDR myself but never dug into any of that, just use it as a cheap radio scanner.
If someone maliciously wants your information/data they will get it. I’m more worried about the ability to control things on a large scale. Some cars were hacked to be controlled remotely, but they have massively huge budgets and resources for that. Not so sure circuit breaker manufacturers have as many resources to invest in that aspect despite most being huge corporations. The devices themselves will be simpler in nature and much easier to reverse engineer where a simple hack could potentially kill power to critical systems.
Hopefully a more effort towards security will be put in to this than there is for other “smart” type devices.

26

Per SB 327, Cyber security concerns should have been already addressed by the manufacturer. SB 327 became law starting Jan 2020 this year in the state of California. I am not sure about other state lawsz. I assume various states have some sort of similar laws in place for IoT devices. It is at this point manufacturer’s responsibility to meet the new law related to Cyber security and provide reasonable security means.

More details below.

Screenshot_20201226-223759_Chrome
Screenshot_20201226-223759_Chrome1080×2220 495 KB

27

On 12/2 Trump signed H.R.1668 directing the NIST to issue guidance for IOT devices for the federal government. Really surprised something wasn’t already in place. Makes you wonder if government networks may have been hacked this way.

As far as the CA law if I understand it correctly all it does is require devices to have a unique password for the individual device or require the user to create a password when setting up the device. I read somewhere that requiring a user to scan a unique QR code or create a password for an app/program that controls the device would suffice. Which really isn’t much but it’s a start.

28

Regarding the CA law. Does it not put limits on how the User data is managed/sold/handled by the device’s manufacturer’s? With many of us having multiple devices (from many vendors), the issue is not just about password access.

When we talk about privacy, the common understanding is, that measures should be out in place to ensure:

  1. Prevent hacking by third parties - You sure do not want someone spying on your camera feed.
  2. No unauthorized access to my power consumption (Sense or else)
  3. My information (stored in the cloud) should be off limits to both hackers and company selling it to third parties (e.g. Facebook Cambridge Analytica)
  4. No one should be able to know what time I’m home/out by monitoring my Smart Garage opener

The above can be grouped into:

  1. Strong measures to prevent hacking and mischievous activities
  2. Not selling Customer data