If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!
Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.
With three broadcasting towers and over 1.3 million receivers, the radio ripple control system by *EFR (Europäische Funk-Rundsteuerung) GmbH* is responsible for controlling various types of loads (street lamps, heating systems, wall boxes, …) as well as multiple gigawatts of renewable power generation (solar, wind, biogas, …) in Germany, Austria, Czechia, Hungary and Slovakia.
The used radio protocols Versacom and Semagyr, which carry time and control signals, are partially proprietary but completely unencrypted and unauthenticated, leaving the door open for abuse.
This talk will cover:
- An introduction to radio ripple control
- Detailed analysis of transmitted radio messages, protocols, addressing schemes, and their inherent weaknesses
- Hardware hacking and reversing
- Implementation of sending devices and attack PoCs
- (Live) demonstrations of attacks
- Evaluation of the abuse potential
- The way forward