With the global expansion of urban infrastructure and development of 5G communication technology, advanced information and communications technology has been applied to power systems and the use of smart grids has increased. Smart grid systems collect energy data using Internet-of-Things (IoT) devices, such as data concentrator units (DCUs) and smart meters, to effectively manage energy. Services and functions for energy management are being incorporated into home IoT devices. In this paper, the IoT for energy management in smart cities and smart homes is referred to as the E-IoT. Systems that use the E-IoT can efficiently manage data, but they present many potential security threats, because the E-IoT devices in such homes and enterprises are networked for energy management. Therefore, in this study, to identify vulnerabilities in the E-IoT device systems, digital forensics is applied to the E-IoT device systems. E-IoT devices supplied to Korean power systems were used to build a digital forensic test bed similar to actual E-IoT environments. For digital forensics application, E-IoT data acquisition and analysis methodology was proposed. The proposed methodology consisted of three methods—network packet data analysis, hardware interface analysis, and mobile device paired with E-IoT—which were applied to a DCU, smart meter, smart plug, smart heat controller, smart microwave, and smart monitoring system. On analyzing the user and system data acquired, artifacts such as the device name and energy consumption were derived. User accounts and passwords and energy-usage logs were obtained, indicating the possibility of leakage of personal information and the vulnerabilities of E-IoT devices.
This research was supported by the Energy Cloud R&D Program through the National Research Foundation of Korea (NRF), funded by the Ministry of Science ICT (NRF-2019M3F2A1073385).
