Pseudonymous reverse engineer "Hash" has published a series of videos demonstrating how to capture data from wireless smart meters using a low-cost software-defined radio — and how to process that data to retrieve information including meter identification tags and outages.
"We generally ignore the fact that we are surrounded by power meters," Hash explains by way of introduction to the video series, brought to our attention by RTL-SDR. "They blend into the background silently monitoring our consumption of energy. How much do they know about our daily lives? Who can access that information, and where is the technology heading?"
The answer to "who can access that information" turns out to be "Hash," thanks to a low-cost USRP B200 software-defined radio (SDR), the GNU Radio software package, and some ingenuity — plus a series of meters acquired on the second-hand market and a Faraday cage testing area, so the meters can be allowed to transmit without fouling up anyone's real-world energy readings.
In the video series, which is currently three parts long, Hash details how the smart meters set up a mesh network, how to receive their signals, how to process them to retrieve useful information, and tears down a few examples purchased from an online auction house.