Full Program

Attacking the DLMS/COSEM Advanced Metering Infrastructure

Summary:

The Device Language Message Specification / Companion Specification for Energy Metering (DLMS/COSEM) constitutes the de‑facto communications backbone of contemporary Advanced Metering Infrastructure. As deployment density grows, so too does the protocol’s exposed attack surface, warranting systematic scrutiny. This paper contributes a structured catalogue of DLMS/COSEM‑specific cyber‑attacks. After presenting the protocol stack and the AMI architecture, we develop a threat model spanning edge meters, field‑area networks, and utility head‑ends. We then describe 6 attacks, grouped into three attack classes: (i) False‑Data Injection, (ii) Connection Disruption and Session Hijacking, (iii) Denial‑of‑Service at the application and network layers. The paper concludes by outlining research directions for detecting and mitigating these threats.

Author(s):

Ioannis Papadopoulos    
Public Power Corporation S.A.
Greece

Dimitris Merkouris    
Public Power Corporation S.A.
Greece

Christos Dalamagkas    
Public Power Corporation S.A.
Greece

Nikolaos Nikoloudakis    
Public Power Corporation S.A.
Greece

Athanasios Arvanitis    
Public Power Corporation S.A.
Greece