A meter that can be read remotely can also be tampered with remotely — unless the protocol enforces strong security. DLMS/COSEM has a well-defined security architecture built into the standard.
Why Security Matters in Metering
- Revenue protection — an attacker who can SET energy registers can zero out consumption
- Grid safety — an attacker who can invoke disconnect on thousands of meters simultaneously can destabilise the grid
- Privacy — 15-minute interval data reveals occupancy, appliance usage, and daily routines
- Data integrity — billing disputes require proof that meter readings were not modified in transit
Security Suites
DLMS defines three security suites (also called security policies):
| Suite | Authentication | Encryption | Use case |
|---|---|---|---|
| Suite 0 | None or low-level password | None | Legacy / non-critical |
| Suite 1 | Challenge-response (GMAC) | AES-GCM 128-bit | Standard deployments |
| Suite 2 | ECDSA + ECDH | AES-GCM 256-bit | High-security / critical infra |
Most modern deployments use Suite 1 — AES-128 with GCM (Galois/Counter Mode), which provides both encryption and authentication in a single pass.
Suite 1 — How AES-GCM Works
AES-GCM provides authenticated encryption: the ciphertext can only be decrypted by someone with the correct key, AND any tampering with the ciphertext is detected.
The frame counter is a monotonically increasing 32-bit value. It prevents replay attacks — an eavesdropper cannot replay a captured packet because the meter rejects any frame whose counter is not higher than the last accepted one.
Keys in DLMS
Each meter holds multiple cryptographic keys:
| Key name | Purpose |
|---|---|
| Global Unicast Encryption Key (GUEK) | Encrypts unicast communication |
| Global Broadcast Encryption Key (GBEK) | Encrypts broadcast commands (e.g. demand response) |
| Authentication Key (AK) | Used in authentication tag computation |
| Master Key (MK) | Used only to wrap/unwrap other keys during key change |
Keys are provisioned at the factory and rotated periodically by the utility. Key rotation uses the key_transfer ACTION method, where the new key is wrapped (encrypted) with the Master Key.
Authentication Levels
DLMS defines four access levels, controlled by the Association objects inside the meter:
| Level | Name | Typical rights |
|---|---|---|
| 0 | No security | Read public data (serial number, firmware version) |
| 1 | Low-level (LLS) | Password-based; read standard energy data |
| 2 | High-level (HLS) | GMAC challenge-response; full read + some writes |
| 3 | High-level manufacturer | Full access including calibration |
The HLS handshake:
Both sides verify each other — neither the meter nor the HES blindly trusts the other.
Security in Practice
Common Security Pitfalls
| Problem | Consequence |
|---|---|
| Default keys not changed | Any attacker with the default key can control all meters |
| Frame counter not stored in NVM | After power cycle, meter resets counter; replay attacks possible |
| Broadcast key reused across all meters | Compromise of one meter compromises all |
| No key rotation policy | Old keys accumulate risk over years |
Key Takeaway
DLMS security is not optional — it is part of the standard. Suite 1 with AES-128-GCM is the minimum for any production deployment. The most common vulnerability in real deployments is not a flaw in the cryptography but in key management: default keys, no rotation, and insecure provisioning.