Advanced Metering Infrastructure (AMI) is the core infrastructure for developing smart grids; smart metering systems with networking capabilities can display information in real-time, allowing users and the power company to both grasp the electricity usage status of the region and perform optimization management based on the usage scenarios. Users can view the data recorded by the electric meter at any time through a mobile APP or computer to adjust their uses of appliances and reduce unnecessary expenditures; they can also safely monitor the electricity usage of their homes while they go to work or go out. Power company personnel can also check whether the usage status is normal from a remote location, and the accumulated data can be applied in Big Data to analyze the electricity usage of different regions to find the most suitable power-saving and power-dispatching solutions. It is indispensable and important infrastructure for pushing demand response as well as power management.

The composition of AMI can be divided into a few parts: 1. Smart meter 2. The communication system 3. Electric meter management system. The electricity usage data measured by the smart meter is transmitted to the communication system through wired or wireless approaches, and the communication system will integrate all returned data of that region and further have the electric meter management system performance analysis and management of this data. Further exploring smart meters, the new generation meters mostly adopted both Metrology and management modules on their designs; the two can communicate through standard communication interfaces such as SPI and UART. Metrology is responsible for metering, information display (LCD), data storage, and status report. Management is also called the communication module; it plays the role of a bridge for communication through various wireless transmission methods such as programmable logic controller (PLC) and Ethernet etc. and is responsible to transmit the data from metrology to regional communication systems and to receive messages. Therefore traditional needs of requiring human labor to read the meters can be reduced.

As smart meters become more and more popular globally, the DLMS User Association has formulated a set of communication protocol standards based on the concept of modularizing electric meter communications - DLMS/COSEM (Device Language Message Specification/Companion Specification for Energy Metering). This association has set a series of specification standards that are currently also listed into IEC 62056 by the International Electrotechnical Commission (IEC) so those different countries can design electric meters based on this standard. As mentioned at the beginning of the article, even though smart meters with networking capabilities can bring many benefits, but the completeness of their security mechanisms and the privacy of users are also directions that electric meter manufacturers and power companies are working towards after they have started pushing electric meters. 

NuMicro® M2351 smart meter reference design solution

Nuvoton cooperated with Security Platform Inc. (SPI) from Korea and launched a new generation smart meter solution (AMI2.0). Nuvoton’s M2351 series microcontroller was used for the communication module along with the Arm® Mbed™ OS; its functions not only met the secure communication requirements of DLMS but further realized a complete secure function solution which we will explain below:

1. Secure communication

The SPI Smart-meter is based on the (D) TLS1.2 secure connection mechanism; when the connection is initiated, the supported connection version and encryption algorithm will first be explained, and then certifications will be further exchanged to confirm whether the object transmitting the message is trustworthy. Finally, when the keys have been exchanged successfully, encrypted communication will begin. Nuvoton provides complete hardware encryption and decryption engines (AES, 3DES, HAMC, ECC, SHA, and TRNG) to help reduce the resource used by the CPU and allow the smart meter to focus on the transmission and processing of data; related hardware resources are set within the secure zone of MCU to prevent illegal access from non-secure zones.

(Image source: Security Platform Inc.) 

2. Secure boot

Built on the TrustZone technology, SPI and Nuvoton provide a set of secure boot inspection mechanism/program code (Trust boot code) that is saved in a secure zone that cannot be modified. Every time the system boots up, it will check the validity of the firmware to run; it ensures the authenticity and validity of the firmware by verifying its HASH value and digital signature (ECDSA), and when verification has completed, it will then jump to this zone and execute the program. This measure can ensure that the electric meter was not maliciously tampered and no third-party programs were inserted to perform illegal acts such as stealing confidential data or electricity etc. The following process explains how the security credentials needed for SPI to provide secure boot is generated.

(Image source: Security Platform Inc.) 

3. Secure update

The advantage of smart meters is that firmware updates can be completed through OTA; SPI provides multiple wireless transmission interfaces (LTE, CAT.M1, NB-IoT, and Wi-Fi), and the internal flash of Nuvoton M2351 supports the Dual-bank function. The electric meter can complete firmware update without affecting its operations after the authenticity and validity of the firmware is verified; SPI also implemented the Anti-rollback protection mechanism to ensure that the firmware will not be restored to old versions to prevent security loopholes from being generated.

(Image source: Security Platform Inc.) 

Security threats may appear in different forms throughout the operating life cycle of electric meters. The new generation smart meter solution released by SPI completed the PSA Certified™ Level 1 OEM certification in October of 2019. Through the Arm Pelion IoT platform, the support needed for the deployment of digital certificates trusted update sources and secure communication protocols (TLS) for the life cycle of electric meters have already been integrated with the device management and access control abilities of the Arm Pelion IoT platform. Nuvoton is also currently actively developing next-generation products to provide more complete software and hardware capabilities to help smart meter manufacturers achieve higher levels of security protection.

As a developer of secure microcontrollers, Nuvoton designed the NuMicro^®M2351 based on Arm^® Cortex^®-M23; it is the first microcontroller that has passed both Arm PSA Certified Level 1 and PSA Functional API Certified certifications. In terms of security protection, we integrated software and hardware mechanisms to provide system developers with a series of complete tools; these include the following:

• Important assets of system developers can be securely stored in the microcontroller without being stolen
• Corresponding protection mechanisms can be provided for potential security risks
• Avoid potential security risks that system developers might generate in software and hardware designs