'Smart' meters. Got any data?

My energy supplier E.ON have moved from letter to text message to hassle me about having a new meter installed. I’m told it will now be a SMETS 2 device, though I assume it’s a little network as my electric meter is outside and my gas is inside. I found this:

Does anyone have a SMETS 2 meter, particularly from E.ON? Can you get access to the data? I’m assuming the device they give you is pretty useless for data analysis.
Maybe this is a business opportunity (but probably not.)

A guy with Scottish & Southern was asking why his data is collected half-hourly (same period energy is priced and bought in the wholesale market) but he can only get daily data. He asked for compatibility with ‘something like’

British Gas meters also became of interest, as say they’ll knock £420 of my annual bill and give me emergency boiler cover (up to £99.) They only give 1 day numbers too.

Welcome to “Big Data”. Smart meters are not for your benefit, despite what the marketing says.

I’m also pretty sure that somewhere in the fine print there’ll be a clause preventing “tampering” (probably on “safety grounds”) that’ll let you get the information out of the device.

And let’s all start the countdown to the first “hack” that divides all reported usage data in half (“SAVE $$$ ON YOUR BILLS WITH THIS SIMPLE DEVICE”)



Smart meters have the facility to remotely disconnect and reconnect both the electricity and gas supply.


Your [in-home display] will be updated by your electricity meter about every 10 seconds and by your gas meter about every 30 minutes

Using Zigbee, so maybe sniffable.


Interestingly, the technical page refers to the fact that collected data is sent to the “Data Communications
Company” (read: mobile data network provider, which if the database training I was asked to provide a while back is any indication, is a certain Spanish telecoms company), but the specification they link to is the older, deprecated SMETS1 standard. If the timeline in that document is to believed, they’d actually ditched SMETS1 before it even got rolled out. Although there is a “version 2” available, it’s SMETS1v2 rather than SMETS2 - a quick search doesn’t seem to provide any docs for SMETS2 at all. has some much better details about the technical security aspects - they make all the right noises about ECDSA and asymmetic keys, but the bit that worries me is:

The smart bit is that each [certificate authority certificate] authorises a fixed number of meters, and is then destroyed. It’s not needed once the keys are in the meters, and if it’s destroyed it can’t be compromised.

Which I don’t think is true - a CA certificate not only issues certificates (signs certificate requests), but it also involved in the chain-of-trust in order to validate certificates. Destroying the issuer CA certificate completely breaks that chain of trust - the key installed in the meter can’t be checked, because the issuer CA certificate no longer exists. I’m hoping what they mean is that the private part of the CA certificate is destroyed (thus making it unable to issue new keys) but the public part is retained in order to validate the existing keys. Unfortunately, it’s subtle nuances like these in security that are like a brown M&M clause for the entire thing. Or maybe I’m just being paranoid/oversensitive… :smiley:

My last jobs was at E.ON, in the team that put in the early Smart metering test infrastructure. I had lunch most days with the electrical engineer evaluating the hardware and he was working to improve his software knowledge, for obvious reasons. His advice then was to avoid SMETS 1 meters. I have some security policy and tech standards experience, so I ‘offered some advice’ about establishing open industry standards for software interfaces before they started. The response was “Yeah, WE KNOW!” and a lot of closed eyes head shaking about the awfulness of everything. The whole project was led by a hierarchy of incompetence with politicians at the top, timescales that didn’t allow appropriate hardware or standards to be developed and which flowed down onto really good techies trying to do the impossible with the crap decisions they’d been handed. If I move to British Gas to save £s, I have to take a SMETS. They’ve been given crazy targets for conversion by the government so are forcing them on customers. I might risk a SMETS 2 as they run on a private network but I want all the data and I’m not sure they can give it me yet. I suspect they’re throwing half-hourly data away and aggregating to daily numbers. I plan to be a nightmare customer.

In an attempt to be fair to managers, I once heard a UK Director say that it takes longer to get a new energy minister to understand the complexities of the energy supply industry than they stay in post and most of this was negotiated while government were blaming the Big 6 for the price rises that were the natural consequences of their own energy policy, so they were not the best of friends and ministers were chucking their weight around to show who was boss. Fear about job losses were causing cowardly middle managers to be afraid to say they thought anything was impossible, or even to check with people who understood. ‘When told to jump, they asked “how high?”’ and hoped they’d have moved on before there were consequences.

Far longer ago, I worked at Instem in Stone. They sold kit for telemetry, so they had boxes that counted clicks e.g. representing water flow. These outstations did some basic calcs on the clicks then used dial-in modems to transfer summarised data, to keep comms costs down. I guess it might be a similar arrangement, that the in-house devices have far more data than they are sending to the data collector. I expect they can change that centrally when they have had time to increase data capacity.

I think the British Gas meters are Trio II.

The smart meters have non-WiFi wireless connections to the monitor display and the ‘Data and Communications Company’. The DCC sends the data to your energy company and energy network company.
You energy company shows your data on the web and in an app.

“You’ll get a different communications hub depending on where you live. In the south and central areas of Great Britain, hubs use cellular and wireless mesh technology to communicate with the DCC’s central network. Further north, they communicate via long-range radio.”

There’s a WiFi module available but I don’t know if you get it.

[as at Instem, the gas meter wakes up and transmits data to the electricity meter every half hour then goes back to sleep]

I went with British Gas. Wow their tech is bad. The service that takes meter readings is down and they gave me a deadline of Easter Monday. My ‘happy path’ is not available. They sell this as ‘great news, you CAN do gas’. I’d forgotten I left them after some appalling service on a 5* service contract. I worked on contract for them a couple of times and they were great, so :frowning:

Not sure if you’re aware, but apparently at Birmingham LUG on the 21st May, Brian Cooper will be “giving us detailing[sic] his researches on the topic of Smart Meters”

Thanks, No, I hadn’t seen that. It hadn’t been announced when I last looked. I’ll try to go.

I did go. It wasn’t about SMETS2 (or Linux.)

But I’ve found this: which links to some InfoSec stuff.

Smart Metering Equipment, Technical Specifications Version 1.58

I got that via Bulb

I’ve booked to have gas and electricity meters swapped tomorrow, so if you don’t hear from me for a while, it wasn’t a smart move. I probably should have bought a solar panel first.

The Smart meter installation went well. I kept waiting for data to arrive but got bored. Last week I discovered my account had been closed. I’ve had 5 letters for someone else. After one aborted fix, They are “looking into it”. Their web site is glacial but the web text chat for help is quite good, if you are looking for excessive (automated?) politeness - “Thanks for your patience”, “we are sorry you are having to wait”, if they go quiet for 2s) rather than having your problem fixed. “May be fixed by 23/12”

1 Like

Proudly sponsored by Bytemark