In another talk at the Chaos Computer Club (CCC) 2024 conference, Fabian Bräunlein, and Luca Melette talked about how vulnerable Europe's renewable energy production is to attacks via the longwave radio ripple control system. Essentially, attacks over radio could be used to remotely switch loads and power plants on and off in a way that could damage the grid.

The recorded talk can be viewed directly via the CCC website, or via the embedded YouTube player below.  

A significant portion of Europe's renewable energy production can be remotely controlled via longwave radio. While this system is intended to stabilize the grid, it can potentially also be abused to destabilize it by remotely toggling energy loads and power plants.

In this talk, we will dive into radio ripple control technology, analyze the protocols in use, and discuss whether its weaknesses could potentially be leveraged to cause a blackout, or – more positively – to create a city-wide Blinkenlights-inspired art installation.

With three broadcasting towers and over 1.3 million receivers, the radio ripple control system by EFR (Europäische Funk-Rundsteuerung) GmbH is responsible for controlling various types of loads (street lamps, heating systems, wall boxes, …) as well as multiple gigawatts of renewable power generation (solar, wind, biogas, …) in Germany, Austria, Czechia, Hungary and Slovakia.

The used radio protocols Versacom and Semagyr, which carry time and control signals, are partially proprietary but completely unencrypted and unauthenticated, leaving the door open for abuse.

This talk will cover:

• An introduction to radio ripple control
• Detailed analysis of transmitted radio messages, protocols, addressing schemes, and their inherent weaknesses
• Hardware hacking and reversing
• Implementation of sending devices and attack PoCs
• (Live) demonstrations of attacks
• Evaluation of the abuse potential
• The way forward