Fuzzing Optical Smart Meters with ProtoPredator


Our team has been working hard in the lab, once again testing the optical implementations of a variety of smart meters. Using our proprietary in-house developed tool, called ProtoPredator for Smart Meters, we have been doing full fuzzing of optical protocol implementations. 

Our tool makes this process easy and reproducible. It also provides for easy regression testing and fix validation through session replays. 

One of the things that makes ProtoPredator so cool is that it includes both arbitrary conversations with the meters in addition to canned sessions, making much more flexible in the hands of a knowledgeable user. You can easily use this feature to perform more nuanced validation of the protocols, testing things like sequence errors, poor trust, error recovery, etc. 

While ProtoPredator is still tied to the optical coupler speed and the inherent speed of the protocols in use, testing with it makes validation of the optical ports more effective than other more traditional approaches. Additionally, you can use multiple seats of ProtoPredator in parallel to decrease the overall testing and validation time, especially since the “brain files” and packet sessions are easily interchangeable amongst installations.

The easy to use GUI also means less frustration and more time on task for most users. It lets the testers spend less time on mundane tasks like serial configuration and hand crafting packets and more time on security testing, protocol analysis and bug hunting.

To find out more about ProtoPredator, or to discuss having our lab give your smart meters a look over, get in touch. Info(at)micro solved(dot)com will get you a prompt response. As always, thanks for reading! 

ProtoPredator to Become Family of Products

On Nov 16, we announced the availability of ProtoPredator for Smart Meters (PP4SM). That tool, aimed at security and operational testing of optical interfaces, has been causing quite a stir. Lots of vendors and utilities have been in touch to hear more about the product and the capabilities it brings to bear.

We are pleased with the interest in the PP4SM release and happy to discuss some of our further plans for future ProtoPredator products. The idea is for the ProtoPredator line to expand into a family of products aimed at giving developers, device designers and owners/operators a tool set for doing operational and security testing. We hope to extend the product family across a range of ICS protocols. We are currently working on a suite of ProtoPredator tools in our testing lab, even as we “scratch our own itch” and design them to answer the needs we have in performing testing of SmartGrid and other ICS component security assessments and penetration tests.

Thanks to the community for their interest in ProtoPredator. We have a lot more to come and we greatly appreciate your support, engagement and feedback.

ProtoPredator for Smart Meters Released

Today, MicroSolved, Inc. is proud to announce the availability of their newest software product – ProtoPredator™ for Smart Meters (PP4SM). This tool is designed for smart meter manufacturers, owners and operators to be able to easily perform security and operational testing of the optical interfaces on their devices.

PP4SM is a professional grade testing tool for smart meter devices. Its features include:

  • Easy to use Windows GUI
  • Easy to monitor, manage and demonstrate testing to management teams
  • Packet replay capability empowers testers to easily perform testing, verification and demonstrations
  • Manual packet builder 
  • Packet builder includes a standards compliant automated checksum generator for each packet
  • Automated packet session engine 
  • Full interaction logging
  • Graphical interface display with real time testing results, progress meters and visual estimations
  • Flexibility in the testing environment or meter conditions

The tool can be used for fuzzing smart meter interactions, testing protocol rule enforcement, regression testing, fix verification and even as a mechanism to demonstrate identified issues to management and other stakeholders. 

ProtoPredator for Smart Meters is available commercially through a vetted licensing process. Licenses are available to verified utilitiy companies, asset owners, asset operators and manufacturers of metering devices. For more information about obtaining PP4SM or to learn more about the product, please contact an MSI account representative. 

More information is available via:

Twitter: @lbhuston

Phone: (614) 351-1237 ext 206

Email: info /at/ microsolved /dot/ com (please forgive the spam obfuscation…) 🙂

Smart Grid Security is Getting Better – But Still Has Ways to Improve

Our testing lab has spent quite a bit of time over the last several years testing smart grid devices. We are very happy to say that we are seeing strong improvement in the general security controls in this space.

Many of the newer smart grid systems we are testing have implemented good basic controls to prevent many of the attacks we used to see in these devices in the early days of the smart grid movement. Today, for example, most of the devices we test, have implemented at least basic controls for firmware update signing, which was almost unheard of when we first started testing these systems years ago. 

Other improvements in the smart grid systems are also easily identifiable. Cryptographic protocols and hardened system configurations are two more controls that have become pretty well standard in the space. The days of seeing  silly plain-text protocols between the field devices or the field deployments and the upstream controls systems are pretty well gone (there are still SOME, albeit fewer exceptions…).
Zigbee and communications of customer premise equipment to the smart grid utility systems is getting somewhat better (still little crypto and a lot of crappy bounds checking), but still has a ways to go. Much of this won’t get fixed until the various protocols are revised and upgraded, but some of the easy, low hanging vulnerability fruit IS starting to get cleaned up and as CPU capability increases on customer devices, we are starting to see more folks using SSL overlays and other forms of basic crypto at the application layer. All of this is pretty much a good thing. 
There are still some strong areas for improvement in the smart grid space. We still have more than a few battles to fight over encryption versus encoding, modern development security, JTAG protection, input validation and the usual application security shortcomings that the web and other platforms for app development are still struggling with.
Default passwords, crypto keys and configurations still abound. Threat modeling needs to be done in deeper detail and the threat metrics need to be better socialized among the relevant stakeholders. There is still a plethora of policy/process/procedure development to be done. We need better standards, reporting mechanisms, alerting capabilities, analysis of single points of failure, contingency planning and wide variety of devices and applications still need to be thoroughly tested in a security lab. In fact, so many new applications, systems and devices are coming into the smart grid market space, that there is a backlog of stuff to test. That work needs to be done to harden these devices while their footprint is still small enough to manage, mitigate and mature.
The good news is that things are getting better in the smart grid security world. Changes are coming through the pipeline of government regulation. Standards are being built. Vendors are doing the hard, gut check work of having devices tested and vulnerabilities mitigated or minimized. All of this, culminates in one of the primary goals of MicroSolved for the last two decades – to make the world and the Internet safer for all of you.
As always, thanks for reading and stay safe out there!