 Yeah, thank you quite curious that are so many people here Yeah, we will divide the talk into three small sessions. So the first I will introduce what smart metering is or what Are we going to hack or what privacy implications we want to consider? Then Stefan will show you the privacy implication we have and later on I show you some Slides about hacking the smart meter So what is a smart meter smart meter is electrical power meter at the consumer side So it's down in your cellar and it measures The power consumption so why is it smart and it's smart because it's digital So it's more precise and can measure and the country consumption very Precisely It has a memory so it has the possibility to store the consumption over the time So you don't have an only value one value that you can read at the end of the year you can see the power consumption during the whole time and The other thing which makes it smart is it has a network connection. So it can transmit the required data You are not In the need that you have to go down to the cellar you can read it out remotely Yeah, what are the advantages the advantages is? Oh, I'm Advantages is that You can measure and optimize your own consumption when you see how much do you Consumed during the last day and you see that there are some lights switched on and you see the next day when you switch them off you Gain more money because you don't use so much energy that is from the consumer point of view And from the energy provider point of view that is that they can issue variable service charges So they can think about Having more times the day whether I'm current and cost you more and other times in the night where it's less expensive and What they say in the internet when you look over smart meters Let's say that they helps them to Utilize and the power infrastructure even when everyone is doing solar cells and windcraft Then they need to know about the power and they say that smart meters. I'm gonna help them for this So what is the hardware for a smart meter the hardware is typically divided into two parts? So you have a energy meter which is shown in this picture. So it's digital measurement instrument and This is the really payments relevant Device which is in your cellar and it's working like the other you had before which was analog and Maybe it has the possibility to switch and different prices and show the amount for different times a day and Attached to this and you can see it here in the upper part is a gateway So the gateway does the intelligent stuff so it can record the data. It has a communication interface to the smart meter normally it's via Infrared signals and it has an external interface and TCP IP either net or GP is and it depends on your local site and It can transmit the data to any other any other person So now let's switch and take some privacy implications Hi, that's okay, so Our motivation is that you can read from the Different data that is transferred to the Energy Okay First of all I show Something about our motivation After that we see our experimental setup Our motivation is about finding TV Films and movies in the power signal transfer to The At the end I show a little demo so Sorry so Motivation for privacy is that the smart meter sends consumption Data to the energy provider it's You can analyze this this data So from the data Mr. Hart shows in 1992 that you can Identify several Consumer devices uniquely so what you see here is For example a refrigerator which has three power cycles and Six heater cycles which Which are added to the signal so Our experimental setup at the labor is An easy meter as power meter and two different gateways We've used first of all the table connects are one point zero which sends one value every ten seconds this is Not enough so which for work so we switched them to come one from commit with sense One value per two seconds, which is equal to the real world Easy meter with meter read And set up which is applied in Mario's cellar for example This cover G is This Discovery, okay. This cover G is a Company which Sensors Which insert a smart meter for you and does and this I'm think for you and they have a web interface and The client can use this to plot his own data. So here you see the data consumption during a whole day. I think and In the web interface there are only the last three months available and it's a basic zoom functionality And you can't get the data. There's no RP provided to get out the data and he wants to Analyze this data so As there is no RP Provided by this cover G When you look at the HTTP Side and and to see what HTTP get requests do you have to do and then you can get all these values Based down to make one value every two seconds So you can get each value that was sent by the smart meter to The discovery side and you can start them on your local heart is for further For further calculations that he did maybe you want to do the next So and this is a detailed view of the web At the upper top there's the invoice Value we have pixelized for anonymity you see the Consumption graph of a wall day It shows the consumer his consumption He is a little error in the picture you see It's based on the daylight saving time in Germany. There's an interpretation error within the data Discovery shows you less than less information than they saved These pictures Can Tain the same data. We've downloaded the data from their server the upper image is from this cover G web At the bottom you see the predicted data with canoe plot Our goal is to determine which program was running raised on power consumption is Not possible. So to be more precisely We want to determine if a certain program was running So what we have to do is predict the power consumption of one program and correlate power consumption with the predictive predicted data Some TV power consumption basics and the power consumption of a TV is relevant Power consumption of a TV is the brightness of the backlight and This starting position so I've Said before we have We have one Value per two seconds. So it's important if the film starts at the first At the beginning of the two seconds or at the end the audio output is Negliable even so the manual brightness adjustment the user does Interferences can be Came from envy light sensors and program changes At the bottom we have the Difference from highest to lowest consumption of for example a plasma TV which shows us 160 watt with Contrast of two million to one In this at this point I have to say that the contrast is is Multiplied yeah multiplied by the brightness of the backlight. So with We've Tested another CT in with the difference about 50 watts which has a Contrast of 100,000 to one and even a two at CD displays the first as a difference about three words with an Contrast of 4,000 to one without Dynamic backlight and the second LCD has about 70 watt with 30,000 to one as contrast and To determine the to predict the power of him We have to determine the minimum brightness With max power consumption so-called women as we see in this picture We have three Yeah, and we have three pikes at the beginning to find our test film and after that we are we display Several frames which first a black then a gray one and after that wait One as a gray frames started at black and runs and runs To white it's a GB interpreted So We can We can see and that's the that after nearly 30 gray strips The steps the maximum power consumption with minimum brightness is reached For the power prediction we analyze film chunks maybe five minutes we've used in this context first of all we You see on the left side the blue graph is the brightness of the frames We interpret So I think I don't know about this I think I think The rule one is on the brightest of the films So you take the home film or film chunk of five minutes you get this five minutes and you see the brightness Over this five minutes and then as the power meter Sees the power consumption during this whole five minutes You I'm going to predict the power consumption based on this with this for a nice fancy formula up there And you get the green one. So this is the predicted power consumption and when you have in your home only The TV attached then you have then we expect that you can see this Power consumption in your smart meter Yeah, I think that's one I Think some of you know this movie The whole movie is about 600 seconds I've cut it until 26 I think So You see the picture and at the bottom you see the consumption graph of our TV at home. So The first Part of the graph you see I've cut the first six seconds away. So Oh Not through the nose Shut up. I'm going to do that This happens from your rosary So at the top you see Mesa consumption of the TV at the bottom you see the Predictive data from the movie files. So as you can see here, it's nearly easy to match even the wet Graphs are jolted match these part to these and so on so It's Easy to find this with your eyes But there's also a Mathematical way. It's the Pearson correlation Pearson correlation short is You get a value about one to minus one for example One when it's a perfect match You're so closer you come to the zero As Less you are You have a relationship. So in this context the signal noise of other Devices doesn't matter As you can see here at the bottom the overlayed graphs After the Pearson correlation so Privacy implications in Germany we also differ between Privates here and intimate sphere. I think there's no English Translation for this With the data can Transferred to discover you for example there's a way to Determine your daily routine direct insight into your private sphere on even To get in transparent citizen Okay, thank you. Let's add me one thing because it's a thing. I'm very Interested in explaining it and this are which we see here Data from the laboratory. So it was only the TV But they did it also in a real world So they had a house and they had the normal behavior of the whole household and they showed a film about One and a half hours and they took all the data from one month And they were able to find in which time the film was displayed on the Telephone in a real world so and what the correlation coefficient does is that it gets in this Template which you do from the film you want to find and goes over the whole time and finds if it's match and it's not It's not a point if there is a noise So even if there's a refrigerator or any other things that are going on the the first thing is the refrigerator is really every five minutes and you can Build a filter on this to filter this out and even the other noise is going to switched out by using a correlation coefficient And this makes it very powerful. It's not like a game And we showed it here like like doing so in a laboratory. It works really in practice with this two seconds intervals Yeah, I'm true Okay, so now we're going to do the hacking part. So I'm the electrotechnic guy and Also, I'm a Windows user and I'm not very good programmer, but I was quite curious about this Discover G smart meter and I ordered it and it arrived at my home And I looked on their website and on the website a material in German It's a German website and it's the former website the website doesn't exist anymore this three points they say how it's gonna Discovery protect my data and in the green one they say that they use a web-based glue and basically HTTPS So that if you go to the GUI to the web front end and if you enter your password and your data is displayed Everything is secure. Everything is encrypted. So there's no problem the yellow thing says that how is the smart meter talking to the to their servers and They say that the smart meter uses only in encrypted Way of communicating so every data is encrypted to provide the confidentiality of the data and also the data is signed Which means that you have no possibility to alter the data and to other values and The red one says and that is expected by independent experts Regular really say so I was quite curious about this and when they Install it for me. It took a day that I got my password and Then I went to this HTTPS server and when you print in HTTPS you get a certificate Which is for asterix dot discover g.com But the server is running on HTTPS discover g.com. So the issue of the certificate doesn't match to on the website and Firefox shows you this little note. Um, yeah, it's a wrong certificate. So then you accept the certificate and say, yeah, it doesn't matter I'm quite sure that it's true But then it doesn't show you in the HTTPS site. It redirects you to the normal HTTP site So when you enter your password all the passwords entered in clear so What? Okay Okay, yeah, I'm quite new here normally it's The the Congress is doing my birthday and only I'm not at the Congress because I'm festigating my birthday There's the first time that I'm here. Therefore. I'm not sure How to behave here So and data order than three months cannot be displayed. So when you have this longer than six months than the older six months can't be displayed but In the previous talk he showed that using his own interface. It was he was able to display even to get even this data so the display is Not because the data is deleted missing the data The data is still there on the server and only the web interface doesn't display the data So the first thing HTTPS is not there. So it's not used or data It's not deleted and by the way the password is quite easy to guess. So when you know someone who has it The login name and the password is easy to guess when I know anybody here who has the has his name and First name I get can get the password from him and it's not easy to change the password in the web interface So I tried it two times There is no web interface link there. You get an email where you can click up on it and then you can change the password and Either the new or the oldest password and work anymore and you have to phone them up and they reset the password for you So we saw HTTPS not there. What is about the smart meter communication? So I Said I'm a windows guy. So Internet things are quite curious to me why I shark I never saw it before so first I started to monitor the smart meter communication. I started with the switch and some sync flooding on windows It's really difficult. So then I found Interface in the fruits box which can capture the data I think everyone here knows it more better than me. You can use wire shark to analyze and Pretty easy for Windows user and then you see that the smart meter sends HTTP post request Here you see some request. I hide it the Meg address of the smart meter because it's my Meg address and You see that it's sent to a fixed IP It's contain the containing the measurement values in plain. So you see here 0000 kilowatt stunden kilowatt hours Seconds and other seconds was also quite curious because it's not a Linux daytime. It's a daytime. I think seconds since 3rd of December 1997 I didn't know what happens there, but this is the Start of I had a long time to figure it out here So and there's no cryptographic signature and I showed it to my wife and she said oh, but it's encrypted It's all encrypted stuff here and Yeah, and it was quite difficult for me to explain to her that it's not encrypted So and what we observe it is that the smart meter provides its own identity by using its own Meg address So there's no protection at all. So communication from the smart meter to the server Is in plain text not encrypted not signature? or and no Mac and Mac by the way is machine message authentication code. I think you know it all So thus I was quite curious. Can I fake the data? So is it possible for me to fake the data? So I don't want to hack the smart meter. There are some fancy Plum on it and you can't open it and I want didn't want to destroy this. So the only thing I Thought so when I said my own packets it may be literally confusing when the smart meters sending his own Packeters so I took out the cable from the smart meter. So it had no connection anymore and I said my own packet so I Had the make address of the smart meter and I emulated the smart meter with my Windows program and I started to learn Python because I never had Python before and a guy told me you have to go take Python and I started to to make such a Triangle and it was not high enough. So in the second time later you see it was from two o'clock to two 30 I magnificently I'm trying and you see it works was I'm pretty funny for me and When you see it I got the smart meter so I got the smart meter on June 9th on 10th. They sent me the password and this is Two o'clock p.m. At the third day. I just affected it. So it was not a problem for a Windows user It was not a problem for for anyone So then I think oh So then Python was very Bad for me and I am visual basic guy So I wrote my visual basic guide to print something on the net So you see even visual basic is not good or my programming skills are not good the K and the V are not the same But you see basically that it's possible to fake all the data So what other fun can we have? Oh, yeah, and then based on this And there was an article in a German newspaper. It called CT when you look at it. I don't know the CT 23 you see it in the last slide and after this article my Smart meter didn't work anymore. So the article was issued on October I don't know 20th or like this and two weeks later You see there's no power consumption at all for two months and look on the day where to work it Started working. It was yesterday So and this web interface is also little buggy. So this only for fun There's nothing fake only clicking in the web interface without faking data And I was able to get out that my minimum power consumption was minus 106 kilowatts Yeah, and then we have the independent reviews from experts. So Even when I'm not a real expert But I think we did it and you can build your own opinion of Based off on our results So what's the summary the summary it's it works for all smart meters if they make it snow It worked till the day I did it So if it's now working we tried it today because we wanted to do the fancy skyline But it seems that my smart meter was updated and maybe it's now testing Signature or things like this. I was not able to figure it out, but we would have the skyline of Berlin in the background if it was working So max are see it's quite interesting the max are sequentially is Issue to the customer. So they have their own Mac range You can find it in the right database and you will see that or I could see my own IP address my Mac address the last Byte and I know another guy. He has 20 Plus 20 from me. So he had it. I think a month later or two months later and there you see how many smart meters are issued So but the experiment I did Don't have an effect for the billing So I did nothing quite wrong because the fee which I have to pay is calculated once a year so once a year and the the company sends the smart meter to the Power consumption from the year to my provider and I have to pay for this And when you want to fake it you have to do it and by continuously spoofing the packets So to get the effect for billing you have to put a man in the middle attack and to send the packets every time maybe see your own packets to make it more realistic and the quite interesting thing is that I could do it for my smart meter basically knowing the Mac address and I know the Mac address from every other Smart meter client I can do it for everyone. I can't see if it worked because I don't have the password but I can do it for everyone Yeah, and after publishing in the city magazine on the smart meter didn't send any data Yeah, our point of view is yeah, why should be newest? Should we want a smart meter? So for this point? It is billing relevant Information so on this cover G on the website say We gonna find the best provider for you for your usage. So the German providers are normally every are not daytime relevant so you have the same fee for for the whole year and They could get even when they get only one day value one value each day They could also predict and what is the best and provider for me or the best tariff Yeah, when we gonna have different rates. So when night rate is less expensive than day rate, then you could Transmit even more but not every two seconds Yeah, from all point of view when they say on the website the data should be encrypted inside signed now It's not more promised on the website. So after this article you don't find this website anymore So maybe it's okay when they don't don't sign it and encrypt it Yeah, but for me, I'm I'm a nerd guy and I'm quite interesting in this two seconds value But from the technical point of view, it's really simple to do it. You can put a smart card or like a What's it called a compact flash card or a small memory card in the smart meter And you can store all the data there and from my local net I can go to the smart meter maybe with a fancy Windows program or with a Web front and on the smart meter. I can also see the detailed information, but I don't I'm not Interested in sending all this two seconds to everyone in the world Yeah, so I'm have finished. I think we have finished so open for questions So we know we have a Q&A till the end we have an audio angel in the back and here I'm in front But I will take the first question here, okay Could you describe the way how you got the meter like was it an offer from your service provider? Or did you go to your service provider and say I would like a smart meter? How is the normal way for just any Joe who pays a power bill to get this power meter? Yeah, so it's in Germany. We talk about Germany in Germany. It stands on 1st of January 2010 It's allowed for a company to be a mess stellen Unbeter so they do only a smart meter thing So it's a company which offers the service for you to measure your current. It's not the energy provider and it's not the one who has the wire to your home and You can go on the website you go discover people come you print out a PDF form and you get this Fancy meter after five months or so they come and they take away the old one So you don't have to pay more for your own provider the old Smart meter or the old meter you have and you get this fancy smart meter and The service they offer on the website is that they look at your behavior and they say you can change to another Tariff and you Gain money from this and if you don't get at least This sixty sixty rules a year which is their cost. You don't have to pay for it So in fact, they didn't tell anything to me. So I have the same provider as the last year or as since What was it? I'm June and I didn't pay anything for this Yeah, and I'm living in Bochum and Bochum is the start work. I went there and as there is also Another rule that they have to provide you with the smart meter if you want to you go to the stock back of Ohum And it was really funny. I said I want this funny fancy smart meet and they say yeah, you can have it But you have to change the tariff so you're gonna get a tariff Which is I don't know the quite the real numbers But let's say now I'm paying 20 cents per kilowatt hour Then they said I you get a new tariff daytime is 28 cent per kilowatt hour and nine time is 19 cent and I figured out even if I get my whole Consumption in the night so 95% of my consumption has to be in the night that it's Imported that I can that I can I do it without paying more so they try to do a tariff that nobody wants it So I got it from the scourge and everyone who's in Germany can get it from the scourge You can fill out this form and you will get it other questions As far as I know the BSI is developing a so-called protection profile for smart meters Which will be mandatory for all coming smart meters in the future Can you say something about the correlation between new work and the protection profile? Are these attacks possible when the protection profile is in work? Yeah, let's say so The protection profile. I don't know if everybody knows it here. So it's common criteria as an evaluation Independent from the states and you can go to if you are a provider and you have a smart card You want to develop or like a smart meter then you go there and you say I want a certification that this is secure and To define what is secure? It's on your term you can say it's secure because I say it's green and then they prove that it's green and then it's secure and For smart meters and they issued a protection profile. So protection profile says what is the? Profile what is the requirements this device a smart meter has to fulfill and this protection profile? has a certain levels and the level is the level for which is like smart cards the smart cards in your phone and Yeah, if you want to hear my opinion. So first the work is not related with this I'm I know about this. I know how is it working? I even know that the protection profile is now being written by the BSI and then they issue it You can load it downloaded on on their website But you have no rights to comment is because the comments can only give Big institutions like energy providers or like big companies which wants to sell smart meter So we can't go there and give comments on this So and in my point of view, I don't know Hardware which is not a smart card Which is an evaluated common criteria level for this are these devices you find at the state in Boatshaft and and things like this where they gonna transfer the transfer this data because when you want to reach the level for For a device it means that all data has to be destroyed when you open it So it's really difficult to do this for a smart meter I never saw a device in my hands. They only this Diplomacy communication devices Which are in this highest level so I don't know what I have to think about this I think it's quite impossible Maybe it's some politics that small companies are not able to sell smart meters when this is Issued and when it becomes law But I even don't know if it becomes law in the next year So when you would ask my expression, it's like reading looking to the future reading in the glass Ball or things like this Questions You're next to me Actually, I just want to correct you You can input this this is currently being standardized all this Let's let's say the smart grid has been specified and standardized in IC 61 850 on IC level you can participate on The German mirror committees at DKE because every German citizen is allowed to participate Actually, it's quite hard to find these things if you're not already in and You only get the good documents if you're really a Participant of the committees. That's unfortunate Yeah, that's a big problem and as I know I have some kind of access to these to those documents The security stuff is not standardized as of now. They are just starting to talk about it And so I assume it will take another two years at least Yeah So the the common criteria profile is there they say that's only allowed from from the big companies and but for the IEEE and other standardization stuff I think it's also possible. Yeah Hi You mentioned that your Recommendation is to make it so it only uploads the data once per day But doesn't that defeat the whole purpose of this device is that the that they want highly accurate usage data so that they can Trade energy credits and whatever. So yeah, they want accurate data to track you and yeah, I don't know but on the website they say they want to do it for Finding the perfect Solution for me to get paid if they want more they have to do it. Yeah, but they don't tell about it. So sure another thing is that they say that it's Not this company that is said in the public when you look on the internet It said that smart meters gonna help you to use the power grid better So to know if someone has more power consumption less power consumption even when everyone is Producing its own power by wind energy or Solar energy or things like this, but in my opinion, I'm electrotechnical and I had This energy stuff in the university and I know that the power provider knows the Load of the whole net in the microsecond where the load is So it's not possible by internet by measuring it in a home Accumulating every data sending it very RTCP IP to servers for every German citizen To then get the actual knowledge of the power consumption. They have it just in the second way it consumes because when they don't Able to provide this power the net breaks down. So I don't know why they want it but sure when they want have exact And use it from you then they have to measure this and Yeah, we have time. I think we have been quite quick Okay, so I Have two questions first Is my understanding correct that you hooked up the power meter just to your DSL modem at home? Yeah, just basically use whatever internet you already have. Yeah, this is for discovery is Is it like this? It's in there In the PDF file, which you have to sign you have to provide the DSL line For their power meter to send therefore I was able to monitor everything. Okay, and a second Your old meter is gone. Are you now stuck with the device? Are you happy about that? Yeah, I have been at the Stadwerke Bochum and ask how much does it cost when I don't want it and they have to Reinstall it to me and they said it cost them 50 euros and I said, okay 50 euros. It's okay But but I signed a contract for two years with this cover G. It's like a cellular phone You mentioned the net breaking down. I would like to point out something There's a novel of the renewable energies law in Germany and it says that certain renewable energy systems have to have a Technical system that allows them to be remotely shut off Now we I think they are still bats accepted that they will fuck that up and The law is coming affecting Effective in today's time. So It's probably going to be very interesting to have a talk here next year on How to shut down the germ power grid because politicians Because politicians Because politicians want to have a police possibility for The network operators which equals in a possibility for heckos. Yeah, sure Hi I just posted on Twitter that there's a project coming up in Berlin where 10,000 Households going to use smart meters in the near future and that may be of interest It's in the Marcus's filter. Yeah in Berlin. So I guess the people don't have to choose Whether they use the old ones or the new ones Yeah, maybe so I'm not from Berlin. I'm from Bochum, but it's quite interesting Maybe some guy here from Berlin can check it out also Hi, I just quickly want to introduce myself to the audience I'm Nicola starts. I'm actually the CEO of this cover G I just want to lay out a couple of words for clarifications. First of all First of all, I'm actually Quite proud that we're actually the only utility independent metering operator in Germany I just want to say this because it's actually tough to be a metering operator I mean, come here. That's no explanation For having those security issues. Yeah, I am terribly sorry for this and some of them we've resolved the remaining ones we're working on and Actually, I appreciate the help you guys are giving and just Just come come here And very briefly why do we collect per second data? And I think the main reason the main Motivation for our business model is to help Individual consumers to reduce the energy use. Yeah, and this is why we collect the detailed data Not to know what you're watching on TV But to see whether you have an old fridge or an old washing machine or whether you forgot to turn on off the light Or the the iron or something like this. Yeah, that's the main reason for collecting the detailed data Our product is voluntary. Yeah, so by definition You kind of opt in if you become a customer That we collect this data will also give the opportunity to opt out of the detailed data collection and What else did I want to say? Yeah, I think oh, yeah And if any of you is really into maths and statistics and lust to play with data Come up to me later It's a tough problem Discovering what you watch on TV Might be the easy part of it There's lots of hard problems still to be solved if you love like these kind of problems, please talk to me later So maybe even some questions to Nikolaos I think there's a question over here Dear audio angel, do you have a question there? Based on the data you already have Do you think you will find a new profile a payment profile for this guy If he's still the Stadtwerke Bochum, I'm hundred percent sure that we can yes Well, since you're here, we have been speculating a bit about the business model But you might be very well placed to explain what exactly is it you're trying to run your company off Sure, so we've got the three main revenue streams One is that we charge you something for the installation of the meter and for the running of the meter So we take Five years per month 60 years per year But you save at the same time the money you pay in your like base fee to your current utility company Which is around 20 25 euros. Yeah, so your additional cost is 30 to 40 euros if you use our service and we also like we don't do that yet, but We intend to earn commissions when we Recommend you to change your energy provider and also if we tell you buy this new Energy efficient fridge then possibly the manufacturer or the retailer In say like pays us a finance fee For recommending those products, but in any case Will be as neutral as Algorithmically possible to recommend you the products in your interest rather than maximizing commissions or whatever and Just one one point. I think it makes a lot of sense to provide this business model Independent of the utilities because if you think of it the utility will never tell you Go to another utility because it's a bit cheaper and the utility Has no inherent interest to tell you where you're wasting energy Yeah, they want to sell you as much kilowatt hours and not as little and I think that makes us unique Even if we still have a lot of work to do Could you Could you Decrease the these two seconds or rather increase it to say once an hour if the individual customer wanted that In fact, we plan to give our customers customers the option to like just on your web browser You can go into what is it privacy modes or a surf incognito? You could say do not store Per second level, but just take a daily measurement or 15 minute measurement. We need some measurements Obviously to give to the utility for billing purposes, but obviously we don't need per second values So we will create the opportunity to opt out of per second measurements Okay, so you said that there is two basic purposes The one is to find the right tariff for which I think the presenter has shown Quite reasonably that per day data or maybe even per month data would be sufficient for finding the right For finding the right utility to pay And the second one you mentioned was the sort of educational goal Of finding the energy of seeing the energy consumption of certain devices within your power consumption now as The presenter has also said for this it would not be necessary for the data to be sent over the internet In fact, it would be easier and even more fault-proof If the data were only accessible on the local area network of the person's home So it would never have to leave the person's home. Why is it being sent over the internet? Is it because you think it would be easier for people to handle or is it because you want the data for something else? Okay, I think it's mostly a question of philosophy What's the right approach the other company which offers a smart meter to you across Germany is yellow They actually follow the other policy They have the granular data only locally But if you speak to the people at yellow and to the field technicians It is actually a nightmare to have this local area network like you swap out your DSL provider You have a new DSL box a new router It's a lot easier To get the data to central place in the internet to access it through the browser rather than setting it up The local infrastructure. So it's just I think from a usability perspective. It's superior also It's superior because now you're sitting here in the Congress Maybe you were wondering whether before you left your house you you turn off your, you know You're cooking or left the light on or something like this if the data is Contained locally, maybe you because you know how you know how to access remotely Your house you can access it But the ordinary person will have great difficulty with this and also We want to be able in the future to send you an alert if you're not at home And you forgot to turn off like you know your cooking equipment and stuff like that and all those things are Obviously impossible to do if the data never leaves your house. Yes, so Give us a little bit of time, but you can Use a mobile app which will provide and obviously you give us You know you opt in to share this information with you with us if you do but you're not forced to do that obviously I Would have another question to the original speaker. Sorry for interrupting your block Nicolas. Thank you Your analysis refers are as based on the two-second interval now. We've been speaking a lot about discovery solution I wonder are you aware of any other companies or utilities that do have a similar solution? It has a two-second interval for Transmitting the data to a central point. Yeah, we showed up the only thing we had Have been in our laboratory or in their laboratory. I'm not sharing the laboratory with him Was it This three smart meters and there was the smart meters every time the same So the downer purpose measures the power consumption is every time the same and I'm the smart meter Which senses data and there are two other we Looked at and one is I'm called team connector and it sends one value every ten seconds and the other one I'm very every two seconds and other I don't aware that there are others I don't know right though. These are technical solutions for implementing such a thing I wonder are you aware of any other utilities because I am not That uses the two-second intervals as far as I know all other utilities do use a 15 minute interval Yeah Yeah I don't know it's just about because you on some slides you said if you know the MAC address You can do that for any smart meter Yeah, and you're not referring that to the discovery solution because that's I think that's an important point as far as I know Discovery is the only one who transfers that to second interval 15 minute interval is bad But to second interval is a bit worse even yeah But yes to fake it was based on the scourge because we looked only the packets from the scourge if other In crypto sign it we don't know This two don't No, this is not sending how was it working? The last one the comate Doesn't send any data to the internet you just open and TCP stream port 5000 and then it sends the data only to you with team connects We've didn't try it so it's we've seen the data rate is Nearly 10 seconds and broke up at this point The point I'm trying to make is some people might have the impression that a 15 minute interval is a lot better I will not as bad as the two second interval So I think that they would get the wrong point. So that's just an important issue. I think yeah, sure the point is that When you have the 15 minutes interval, maybe some privacy issues don't occur you are surely not able to see the phone but the The possibility to Fake the packets. It's the same when they are not secured you can fake them as well Okay, so we have only two minutes left So any very very important questions here very very important, please Oh, we have the IRC now. We need to take care of the guys in the IRC, you know Yeah, there's a question here To the CEO are you planning to update the smart meters to do only signed and encryption? communication with the servers Definitely that's for sure and those guys have offered They help to make sure that not only we think it's secure, but they also think it's secure Thank you very much to the gentleman who did this work. It's fantastic Speaking as someone who's developing a competitor product where we do all the processing in the home I was wondering what kind of interface would you guys like to see on the Processed data that both discovery and Navitas are looking to generate In the home, I don't understand. So I work for a company that is also looking at this high-res data Very quickly. We're doing the disaggregation as well But we do it in the home in the unit itself What kind of interface would you guys like onto that data perhaps without it getting out into the internet? Yeah, I think a real good as the data has to be transferred to the internet some data So each day or each hour then I would like to have the same interface So like the ethernet interface for my local area network like we discussed before and then all with an application to get the data Or with a web interface