2024-12-28, Saal 1
Language: English
A significant portion of Europe's renewable energy production can be remotely controlled via longwave radio. While this system is intended to stabilize the grid, it can potentially also be abused to destabilize it by remotely toggling energy loads and power plants.
In this talk, we will dive into radio ripple control technology, analyze the protocols in use, and discuss whether its weaknesses could potentially be leveraged to cause a blackout, or – more positively – to create a city-wide Blinkenlights-inspired art installation.
With three broadcasting towers and over 1.3 million receivers, the radio ripple control system by EFR (Europäische Funk-Rundsteuerung) GmbH is responsible for controlling various types of loads (street lamps, heating systems, wall boxes, …) as well as multiple gigawatts of renewable power generation (solar, wind, biogas, …) in Germany, Austria, Czechia, Hungary and Slovakia.
The radio protocols in use, Versacom and Semagyr, which carry time and control signals, are partially proprietary but completely unencrypted and unauthenticated, leaving the door open for abuse.
This talk will cover:
- An introduction to radio ripple control
- Detailed analysis of transmitted radio messages, protocols, addressing schemes, and their inherent weaknesses
- Hardware hacking and reversing
- Implementation of sending devices and attack PoCs
- (Live) demonstrations of attacks
- Evaluation of the abuse potential
- The way forward
Fabian Bräunlein has always been curious about taking systems apart. He works as a Security Researcher and Consultant at Berlin-based hacker collective Positive Security. His previous research includes hacking payment systems (32c3), travel systems, IP cameras, URL handlers and Apple's Find My protocol.
Luca Melette is a security researcher and advisor at Positive Security. Focusing on mobile networks and hardware devices, he discovered several security vulnerabilities in 2G/3G/4G/5G networks, from low-cost radio attacks to more sophisticated SS7 abuse. In his free time, he likes to explore any electronic device in his surroundings, first to understand how it works and then to identify more fun ways to use it.