Main Topic Privacy Security

Today: Submit Comments on Smart Meters

Many Electric Meters

manymetersThe Department of Public Utilities (DPU) is seeking comments on the introduction of smart meters to Massachusetts.  Smart meters can send data on a customer’s usage as well as potentially receive commands, such as to disconnect a user from the grid.

The DPU expects to receive comments by 5pm Today, Friday, 1/17.

We have multiple questions about smart meters that need to be addressed before they are introduced:

  • Exactly how detailed will the data gathered be? Will it be simply kilowatt hours used or will the data such meters gather be more detailed?
  • Will such meters securely encrypt their communications, preventing third parties from monitoring a customer’s usage or potentially affecting the operation of the meter?
  • Will utilities ensure that the data they receive is identical to the data the meter transmitted or actually originated from the meter?  Will they use public key cryptography and message signing?
  • Who owns the data they collect?  Can it be sold or monitored in real time?  Will governments need a warrant to get it? Can a customer of the utility obtain a copy of her meter data?
  • Exactly what data is transmitted?  What is the record format?  Is it in a proprietary record format, or does it adhere to an open standard?
  • For how long will the utility company retain meter data?

Should the meter be able to accept remote commands, we have additional questions:

  • What commands can the meter receive and what actions will the meter take in response to those commands?  In other words, what is the meter’s remote API?
  • How does the meter verify that a remote command came from the customer’s utility and not a malicious third party?
  • What happens when the electric company’s credentials are compromised?
  • For the models deployed, have they been subjected to a security audit?  Are customers able to review meter security audits?
  • Will the electric company periodically upgrade the software running on meters?  How will these updates be conducted?  How will the meter verify that the software update came from the electric company, as opposed to a malicious third party?  Will customers be informed when software upgrades are done?
  • Will customers be able to obtain a copy of the meter’s source code so that they can independently verify that it is secure? 

Finally, why do smart meters need to be deployed at individual customer residences?  If the goal is to obtain details on power consumption, then why can’t this be done at the transformer level since a single transformer often serves several residences?

How to Submit a Comment

We urge you to submit comments on this proposal.  You can send your comments to:

To: “Mark D. Marini, DPU Secretary” <>,

Subject: DPU Docket 12-76-A, December 23, 2013,

Body Text:

DPU Docket 12-76-A, December 23, 2013,
Investigation by the Department of Public Utilities on its own Motion into Modernization of the Electric Grid.

<your comments. The limit is 25 pages but one short page is also effective>

Be sure to include your name, address, phone and email address.

Please be sure to submit your request by 5pm Today, Friday, 1/17.

How to Request to be on a Panel

There will be panel discussions in late February.  Individuals who wish to participate on a panel must email the same addresses listed above and:

  1. provide their name, complete contact information (i.e., address, telephone number, and email address) and affiliation, if any;
  2. summarize their qualifications;
  3. identify the subject matter on which they wish to comment; and
  4. briefly summarize the conclusions, opinions, and basis for the subject matter on which they wish to comment.

Use the format comment email listed above and be sure to ç


Image courtesy of Manywinters via Creative Commons license.

If you enjoyed this post, please consider leaving a comment or subscribing to the RSS feed to have future articles delivered to your feed reader.