AMINet: An Industrial Honeynet for AMI Systems
Creators
Description
The Advanced Metering Infrastructure (AMI) was recently introduced to ensure the real-time exchange of smart meter measurements and their availability to both utilities and their customers. DLMS/COSEM is the most widely used protocol for AMI systems, and it also allows integration into 5G-enabled network slices to increase the reliability of energy measurement exchange and the availability of sufficient data to calculate energy demand. Nevertheless, such integration widens the threat landscape and increases the probability of cyber-attacks by malicious entities that aim to exploit vulnerabilities. In this paper, we propose a risk assessment method, based on the NIST SP 800-30 standard, for identifying such vulnerabilities and classifying them according to a risk matrix that also takes into account their impact on the AMI system. The method is then applied to DLMS/COSEM in order to identify its vulnerabilities, which may later be exploited in a cyber-attack aiming to disrupt AMI system operation. Moreover, the method is demonstrated through a 5G-enabled emulated smart home network, which is used to exploit smart meter vulnerabilities and then, through lateral movement, to conduct attacks causing fluctuations in photovoltaic (PV) systems and energy storage batteries.