Cybersecurity and Major Cyber Threats of Smart Meters: A Systematic Mapping Review

Abstract

Smart meters are a vital part of the smart grid, enabling energy management, real-time control, and data collection. Despite advances in technology, there is still a lack of content and limited understanding of the specific cybersecurity threats facing these devices, as well as the effectiveness of existing mitigation strategies. This study analyzed 41 articles sourced from three academic databases (Scopus, Web of Science, and IEEE Xplore). A cutting-edge study was conducted, including a comprehensive review of relevant literature on smart meters, cybersecurity vulnerabilities, and mitigation strategies. Elements were selected based on pre-assessment and classification processes, and the data were extracted and combined to provide detailed insights into the new devices. The study identified several significant cybersecurity risks for smart meters, including data breaches, unauthorized access, data manipulation, denial-of-service (DoS) attacks, and malware introduction. The study also highlighted the vulnerabilities exploited by these threats, such as undocumented communications, weak authentication, and outdated software. Recommended mitigation strategies include strengthening access and authentication mechanisms, securing communication systems, regular software updates, code management, anomaly detection, and access control. The findings indicate that although there are good strategies and methods to mitigate these cyber threats, significant research gaps remain. These gaps include design requirements, software and firmware updates, physical security, the use of big data to detect vulnerabilities, user data privacy, and inconsistencies in machine learning algorithms. Future research should focus on these aspects to improve the stability and reliability of smart meters.

1. Introduction

Advances in technology and the digitalization of energy systems have made smart grids an innovative strategy to maximize the amount of electricity consumed and distributed. While technological advancements and the digitalization of energy systems are promising, there are also technical challenges. One of these challenges is cybersecurity, especially when it comes to protecting the data generated by smart meters. Smart meters collect detailed information about energy use. This information is useful for improving distribution and efficiency, but it can also be an attractive target for cybercriminals. Therefore, protecting this information is very important. That is why protecting this sensitive information is of utmost importance. The expectation is that the use of smart meters by the end of 2023 will become increasingly more of a priority. There are around 29.5 million smart meters in operation in the UK [1]. In the United States, the number is even higher, with around 128 million smart meters by the end of 2023. However, this technological advancement is not without competition [2].

Cybersecurity has become a major issue, especially when it comes to protecting data collected by smart meters. The relationship between various devices and systems also poses significant problems. The lack of common standards can hinder effective communication between different devices and systems. Connecting these devices to networked communications exposes systems to multiple threats and highlights the importance of a secure cybersecurity strategy to ensure data integrity and known and owned privacy [3]. The introduction of smart meters represents a major advancement in energy consumption management and monitoring, providing a detailed overview of electricity consumption in real time. However, collecting and transmitting sensitive data through these devices creates vulnerabilities that can be exploited by hackers. Therefore, adequately protecting this information becomes an urgent task to ensure the reliability and security of the smart grid [4].

The Systematic Mapping Review of cyber threats to smart meters in smart grids is proposed in this paper. The major objectives are to identify the most significant cyber threats to smart meter data, examine advanced metering infrastructure vulnerabilities that could be used in cyberattacks, evaluate the efficacy of cybersecurity protocols and measures, identify areas in need of more research, and identify gaps in the body of existing literature.

This work was structured into eight sections. Section 2, Related Work, reviewed previous research on the topic. Section 3 described the Research Methodology, including the criteria used to select and compare different articles. Section 4 presented and discussed the Main Findings. Section 5 addressed the Research Questions. Section 6 identified Gaps and suggested Future Research Directions. Finally, Section 7, Emerging Cyber Threats, explored new risks posed by AI-based attacks and quantum computing, assessing their potential impact on smart grid security. Finally, Section 8, Conclusion, summarized the principal findings and outlined strategic recommendations for strengthening cybersecurity in smart meter infrastructures.

2. Related Works

Different studies on Systematic Mapping Reviews (SMRs) and Systematic Literature Reviews (SLRs) have been conducted in the field of cybersecurity for smart meters. In this section, we review relevant research addressing similar topics.

As mentioned in [5], it addresses cybersecurity vulnerabilities in smart grids, highlighting risks such as user awareness deficiencies and unauthorized access. It proposes mitigation techniques, including consumer education, system protection, and multi-factor authentication. The conclusion emphasizes the need for a collaborative approach to tackle security challenges during the transition to smart grids.

In [6], a literature review is conducted on key technologies for vulnerability mitigation, such as cyber threat intelligence (CTI) sharing platforms, artificial intelligence, natural language processing (NLP), detection, and visualization models. It also discusses the use of risk assessment and management architectures, where semantic languages are used for threat information exchange, helping with dynamic risk assessment and improving vulnerability management.

In [7], the authors present an innovative solution that combines advanced cryptography and blockchain technology to strengthen the security and reliability of smart grids, addressing existing vulnerabilities and preparing the infrastructure for a more decentralized and secure future. The solution utilizes a hybrid authentication and handshake algorithm (BSHAHA), which employs both symmetric and asymmetric cryptography. BSHAHA demonstrates itself to be a robust solution for authentication and data security in smart grids. The paper referenced [8] emphasizes that there is no universally optimal solution for all security challenges in smart grids. Instead, it advocates for a holistic approach that integrates various technologies and methodologies. Among the prominent solutions discussed are blockchain, artificial intelligence (AI), and advanced encryption systems, which collectively enhance the security and resilience of smart grids.

The study presented in [9] explores the detection of irregularities in smart meter data. These anomalies may arise from various sources, including information security breaches, data entry errors, and inconsistencies that affect the accuracy of readings. The authors propose leveraging machine learning techniques to analyze numerical data and identify unusual patterns. Additionally, they recommend examining historical data to detect significant deviations, aiming to minimize these issues and enhance the reliability of smart meters. Meanwhile, the research in [10] discusses the relationship between anomie and smart grids, highlighting the challenges posed by the interoperability of physical and network systems. This integration exposes the infrastructure to cyber threats, such as false data injection (FDI) attacks, which can compromise the integrity of information processed by state estimation (SE) systems. To mitigate these vulnerabilities, the study suggests employing advanced intrusion detection and localization techniques, including Convolutional Neural Networks (CNNs) and bad data detectors (BDDs).

In [11], the authors propose a CTI model designed to strengthen the security of an organization’s core processes and strategies through technologies such as artificial intelligence, blockchain, and multi-factor authentication. The primary objective is to enhance organizational resilience against cyber threats and promote continuous information sharing to improve security. In [12], the authors look at smart grid vulnerabilities and recommend using technological solutions to reduce risks. The use of tree-based algorithms, which greatly improve attack detection and allow for more efficient responses, is emphasized in the study. It also suggests implementing strong authentication and encryption procedures to guard against illegal access and data alteration and maintain the confidentiality and integrity of information.

To detect cyberattacks targeting energy theft in renewable energy systems, in [13], the authors utilized deep learning techniques, integrating data from smart meters, weather predictions, and SCADA systems. This methodology encourages smart meter adoption, leading to enhanced accuracy in energy consumption reporting. Their mitigation strategy, employing deep neural networks like recurrent and convolutional networks, achieved a high detection rate of 99.3% with a low false negative rate of 0.22%. In [14], the authors presented a review of security and privacy risks, exploring both traditional and machine learning-driven (supervised and unsupervised) countermeasures to identify anomalous patterns indicative of threats.

In [15], the authors proposed a multilayer security framework designed to protect against attacks, ensure data integrity, and prevent energy fraud. Their system leverages LoRaWAN, a technology well suited for IoT applications that prioritize energy efficiency and wide-area coverage due to its long range and low power consumption.

Security is significantly enhanced with the use of AES encryption, an advanced standard that protects information against unauthorized access. In addition, we have implemented unidirectional data transmission, a strategy that makes data interception and manipulation difficult, as the flow of information occurs in only one direction, making it more complex for an attacker to insert themselves into the communication. The system is also designed to mitigate distributed denial-of-service (DDoS) attacks, which aim to destabilize the network by overloading devices with excessive traffic.

3. Research Methodology

This research adhered to the guidelines outlined in [16] for conducting a systematic mapping study (SMS). The decision to use this method was motivated by a number of factors. It offers a structured and methodical approach to identifying, evaluating, and interpreting all pertinent studies pertaining to a specific research question, focus area, or phenomenon of interest. An SMS is a clearly defined and methodical method for reviewing and analyzing empirical evidence related to a particular method or technique, pinpointing existing research gaps and areas, and supplying the foundational knowledge necessary to guide future research endeavors for scholars or practitioners. In contrast to traditional literature reviews, systematic mapping studies demand more time and effort; however, they yield a more profound comprehension of the subject matter and a more robust groundwork for formulating research inquiries [17]. A standard systematic mapping research protocol typically involves the following five distinct stages:

1.

Formulation of research questions;

2.

Definition of the search process and search string;

3.

Definition of the study selection process, including inclusion and exclusion criteria;

4.

Extracting data and mapping data to specific research questions;

5.

Data analysis and results extraction.

3.1. Definition of Research Questions

The first step in conducting an SMS is defining the research questions. This process is crucial for ensuring the appropriate selection of relevant articles. The aim of this study is to explore the cyber threats, vulnerabilities, and cybersecurity measures related to smart meter data within smart grids. With these objectives in mind, the following research questions were formulated to guide the study:

• QP1: What are the main cyber threats to smart meter data in smart grids?
• QP2: What vulnerabilities in smart meter infrastructure can be exploited by cyberattacks?
• QP3: What are the common strategies and technologies used to mitigate cybersecurity risks in smart grids?
• QP4: What are the current research gaps in cybersecurity for smart meter data?

The first research question is to begin collecting information from the newspaper about the types of cybersecurity threats in order to determine which one is the most threatening in response to QP1. Subsequently, the second research question focuses on vulnerabilities within smart meter infrastructure that can be exploited by cyberattacks, aiming to identify the most susceptible areas to threats. The third research question evaluates the effectiveness of current cybersecurity measures and protocols in protecting smart meter data. This analysis aims to highlight practices that are working well and identify areas for improvement. The fourth research question aims to identify gaps in current research and suggest areas for future research, thereby providing further directions for research in this rapidly developing field. Finally, the fifth research question offers recommendations to enhance cybersecurity for smart meter data in smart grid networks, ensuring robust protection against emerging threats.

3.2. Search Protocol and Selection

To conduct an effective systematic review, it is essential to establish a robust search protocol and clear article selection criteria. This protocol needs to be carefully outlined to ensure the inclusion of pertinent and high-quality studies. In this study, the PICOC strategy (Population, Intervention, Comparison, Outcome, Context) will be adopted to guide the search and selection process, as detailed below:

• Population: Smart meters used in smart grids;
• Intervention: Cybersecurity measures and strategies implemented to protect data;
• Comparison: Comparison of different cybersecurity strategies and their effectiveness;
• Outcome: Identification of threats, vulnerabilities, effectiveness of security measures, and research gaps;
• Context: Cybersecurity in the context of smart grids.

The research was performed in Scopus, Web of Science, and IEEE Xplore, chosen for their comprehensiveness and relevance in the fields of technology and cybersecurity. The search string is specific to ensure comprehensive and targeted article collection, as shown in

Table 1. Repositories and search string.

Repositories	Search String
Scopus	TITLE-ABS-KEY ((“smart meters” AND cybersecurity) OR (“smart meters” AND “cyber threats”) OR (“smart grids” AND cybersecurity) OR (“smart meters” AND vulnerabilities )) AND PUBYEAR > 2013
Web of Science	(“smart meters” AND cybersecurity) OR (“smart meters” AND “cyber threats”) OR (“smart grids” AND cybersecurity) OR (“smart meters” AND vulnerabilities)
IEEE Xplore	(“smart meters” AND cybersecurity) OR (“smart meters” AND “cyber threats”) OR (“smart grids” AND cybersecurity) OR (“smart meters” AND vulnerabilities)

.

These search strategies were chosen to ensure the inclusion of relevant studies published over a 10-year period from 2013 to 2024. The article selection process will be conducted in several stages. Initially, a preliminary search will be conducted to identify all potentially relevant articles. Next, the titles and abstracts of these articles will be reviewed for initial screening, eliminating those that are clearly unrelated to the research questions. The remaining articles will be fully assessed for relevance and methodological quality. Inclusion and exclusion criteria will be applied rigorously as shown in

Table 2. Set of inclusion criteria.

Criteria	Description
CI-01	Articles focused on the cybersecurity aspects of smart meter data
CI-02	Articles addressing cybersecurity in smart grids
CI-03	Studies published in peer-reviewed journals or conferences
CI-04	Research discussing threats, vulnerabilities, and mitigation strategies
CI-05	Publications from the last 10 years to ensure relevance

and

Table 3. Set of exclusion criteria.

Criteria	Description
CE-01	Duplicate articles
CE-02	Articles not specifically focused on smart meters
CE-03	Articles not related to cybersecurity of smart meter data
CE-04	Articles not focusing on smart grid cybersecurity
CE-05	Publications older than 10 years

. Inclusion criteria encompass articles published in peer-reviewed journals or recognized conferences. Opinion articles, non-peer-reviewed studies, and non-academic publications will be excluded.

Figure 1 presents the PRISMA 2020 flowchart, adapted from [18]. This systematization is important so that the scientific document acquisition and selection procedure can benefit from reproducibility and, thus, promote methodological robustness for the process. The initial search resulted in a total of 2910 articles, distributed in the IEEE (1161 articles), Scopus (1352 articles), and Web of Science (397 articles) repositories. This resulted in a total of 1400 duplicates and false positives that were removed before the screening process, as shown in

Table 4. Summary of the article selection process.

Accepted	Rejected	Duplicate	Selected
291	1219	1400	41

.

Next, specific inclusion and exclusion criteria were applied, as illustrated in Figure 1, reducing the set to 41 selected articles, described in Table 5. This search reflects the necessary comprehensiveness to capture a full spectrum of research related to the topic. However, the application of rigorous inclusion and exclusion criteria was essential to ensure the relevance and quality of the studies considered in the final analysis. The process of reducing the number of articles followed a structured protocol, which included screening titles and abstracts, followed by a full reading of the remaining articles.

To facilitate this systematic review, we employed the Parsifal v2.2 software [19], which enabled a more efficient and reproducible selection process.

Table 5. Articles selected through systematic mapping of literature.

Title	Ref	Year
A Review of Anomaly Detection Techniques in Advanced Metering Infrastructure	[20]	2020
A Review of Smart Grid Anomaly Detection Approaches Pertaining to Artificial Intelligence	[21]	2024
A Comprehensive Review on Cyber-Attacks in Power Systems: Impact Analysis, Detection, and Cyber Security	[22]	2024
A Deep Learning Framework to Identify Remedial Action Schemes against False Data Injection Cyberattacks Targeting Smart Power Systems	[23]	2024
A Novel Approach for Detection of Cyber Attacks in Microgrid SCADA System	[24]	2023
A Novel False Data Method Targeting on Time-Series in Smart Grid	[25]	2023
A Review of Cyber-Resilient Smart Grid	[26]	2022
A Review of Features, Vulnerabilities, Cyber-Attacks and Protective Actions in Smart Grid Systems	[27]	2023
A Review of Various Modern Strategies for Mitigation of Cyber Attacks in Smart Grids	[28]	2019
A Review on Cyber Security Issues and Mitigation Methods in Smart Grid Systems	[29]	2017
A Survey on Smart Grid Metering Infrastructures: Threats and Solutions	[30]	2015
Analyzing Attack Resilience of an Advanced Meter Infrastructure Reference Model	[31]	2016
Anomaly Detection in Smart Meters: Analytical Study	[9]	2022
Attacks, Vulnerabilities and Security Requirements in Smart Metering Networks	[32]	2015
Cyber Security Vulnerabilities of Smart Metering Based on LPWAN Wireless Communication Technologies	[33]	2020
Real-Time Detection of Cyber-Attacks in Modern Power Grids with Uncertainty Using Deep Learning	[34]	2022
Review of Smart Meter Data Analytics: Applications, Methodologies, and Challenges	[35]	2018
Security Aspects in Smart Meters: Analysis and Prevention	[36]	2020
Smart Meter Vulnerability Assessment under Cyberattack Events—An Attempt to Safeguard	[37]	2023
Smart Meter Security: Vulnerabilities, Threat Impacts, and Countermeasures	[38]	2019
Using Smart Meter Data to Predict and Identify Consumer Vulnerability	[39]	2023
Cyber-Physical Vulnerability Assessment in Smart Grids Based on Multilayer Complex Networks	[40]	2021
Invasion Analysis of Smart Meter in AMI System	[41]	2021
Smart Meter Data Privacy: A Survey	[3]	2017
Real-Time Detection of False Data Injection Attacks in Smart Grid: A Deep Learning-Based Intelligent Mechanism	[42]	2017
Simulation of SCADA System for Advanced Metering Infrastructure in Smart Grid	[43]	2020
Intrusion Detection Tool for Residential Consumers Equipped with Smart Meters	[44]	2023
Smart Meters: Cyber Security Issues and Their Solutions	[45]	2023
Review of Cybersecurity Analysis in Smart Distribution Systems and Future Directions for Using Unsupervised Learning Methods for Cyber Detection	[46]	2023
Intrusion Detection System for Smart Meters	[47]	2020
Semi Supervised Cyber Attack Detection System for Smart Grid	[48]	2022
Security and Privacy Challenges, Solutions, and Open Issues in Smart Metering: A Review	[49]	2021
Securing the Smart Grid: A Comprehensive Analysis of Recent Cyber Attacks	[50]	2024
Smart Meter Data Analytics for Load Prediction Using Extreme Learning Machines and Artificial Neural Networks	[51]	2019
Cyber Security Enhancement of Smart Grids via Machine Learning—A Review	[52]	2020
Cybersecurity Threats, Detection Methods, and Prevention Strategies in Smart Grid: Review	[5]	2023
Smart Meter Modbus RS-485 Intrusion Detection by Federated Learning Approach	[53]	2023
Non-Intrusive Load Monitoring Based Demand Prediction for Smart Meter Attack Detection	[54]	2021
Securing Smart Grid: Cyber Attacks, Countermeasures, and Challenges	[55]	2012
Smart Grid Security and Privacy: From Conventional to Machine Learning Issues (Threats and Countermeasures)	[14]	2022

Table 5. Articles selected through systematic mapping of literature.

Title	Ref	Year
A Review of Anomaly Detection Techniques in Advanced Metering Infrastructure	[20]	2020
A Review of Smart Grid Anomaly Detection Approaches Pertaining to Artificial Intelligence	[21]	2024
A Comprehensive Review on Cyber-Attacks in Power Systems: Impact Analysis, Detection, and Cyber Security	[22]	2024
A Deep Learning Framework to Identify Remedial Action Schemes against False Data Injection Cyberattacks Targeting Smart Power Systems	[23]	2024
A Novel Approach for Detection of Cyber Attacks in Microgrid SCADA System	[24]	2023
A Novel False Data Method Targeting on Time-Series in Smart Grid	[25]	2023
A Review of Cyber-Resilient Smart Grid	[26]	2022
A Review of Features, Vulnerabilities, Cyber-Attacks and Protective Actions in Smart Grid Systems	[27]	2023
A Review of Various Modern Strategies for Mitigation of Cyber Attacks in Smart Grids	[28]	2019
A Review on Cyber Security Issues and Mitigation Methods in Smart Grid Systems	[29]	2017
A Survey on Smart Grid Metering Infrastructures: Threats and Solutions	[30]	2015
Analyzing Attack Resilience of an Advanced Meter Infrastructure Reference Model	[31]	2016
Anomaly Detection in Smart Meters: Analytical Study	[9]	2022
Attacks, Vulnerabilities and Security Requirements in Smart Metering Networks	[32]	2015
Cyber Security Vulnerabilities of Smart Metering Based on LPWAN Wireless Communication Technologies	[33]	2020
Real-Time Detection of Cyber-Attacks in Modern Power Grids with Uncertainty Using Deep Learning	[34]	2022
Review of Smart Meter Data Analytics: Applications, Methodologies, and Challenges	[35]	2018
Security Aspects in Smart Meters: Analysis and Prevention	[36]	2020
Smart Meter Vulnerability Assessment under Cyberattack Events—An Attempt to Safeguard	[37]	2023
Smart Meter Security: Vulnerabilities, Threat Impacts, and Countermeasures	[38]	2019
Using Smart Meter Data to Predict and Identify Consumer Vulnerability	[39]	2023
Cyber-Physical Vulnerability Assessment in Smart Grids Based on Multilayer Complex Networks	[40]	2021
Invasion Analysis of Smart Meter in AMI System	[41]	2021
Smart Meter Data Privacy: A Survey	[3]	2017
Real-Time Detection of False Data Injection Attacks in Smart Grid: A Deep Learning-Based Intelligent Mechanism	[42]	2017
Simulation of SCADA System for Advanced Metering Infrastructure in Smart Grid	[43]	2020
Intrusion Detection Tool for Residential Consumers Equipped with Smart Meters	[44]	2023
Smart Meters: Cyber Security Issues and Their Solutions	[45]	2023
Review of Cybersecurity Analysis in Smart Distribution Systems and Future Directions for Using Unsupervised Learning Methods for Cyber Detection	[46]	2023
Intrusion Detection System for Smart Meters	[47]	2020
Semi Supervised Cyber Attack Detection System for Smart Grid	[48]	2022
Security and Privacy Challenges, Solutions, and Open Issues in Smart Metering: A Review	[49]	2021
Securing the Smart Grid: A Comprehensive Analysis of Recent Cyber Attacks	[50]	2024
Smart Meter Data Analytics for Load Prediction Using Extreme Learning Machines and Artificial Neural Networks	[51]	2019
Cyber Security Enhancement of Smart Grids via Machine Learning—A Review	[52]	2020
Cybersecurity Threats, Detection Methods, and Prevention Strategies in Smart Grid: Review	[5]	2023
Smart Meter Modbus RS-485 Intrusion Detection by Federated Learning Approach	[53]	2023
Non-Intrusive Load Monitoring Based Demand Prediction for Smart Meter Attack Detection	[54]	2021
Securing Smart Grid: Cyber Attacks, Countermeasures, and Challenges	[55]	2012
Smart Grid Security and Privacy: From Conventional to Machine Learning Issues (Threats and Countermeasures)	[14]	2022

During this initial screening, many articles were excluded (rejected) for not directly addressing the research questions or for presenting redundant studies or studies of lower methodological quality. Additionally, it was crucial to conduct a qualitative assessment of the selected articles to ensure that only relevant studies were retained and contributed to the objectives of the SMS. Our objective scoring system ensured a fair and transparent selection process, resulting in 41 articles representing the most relevant and methodologically sound research. This rigorous approach reduced the number of studies and strengthened the foundation of the conclusions.

To ensure the quality and reliability of the selected articles, we conducted a rigorous quality assessment process. This assessment focused on the relevance of the work to the research field. We asked ourselves the following questions:

• Does this article significantly contribute to advancing knowledge in the area of study?
• Publication in a relevant journal or conference: Was the article published in a prestigious journal or conference recognized in the field of study?

These questions helped ensure that only the most relevant and reliable articles were considered in the final analysis.

3.3. Bias Risk Assessment

To assess the reliability of the included studies, a risk of bias evaluation was conducted using Parsifal v2.2, following the PRISMA 2020 guidelines. This process enabled a structured and transparent selection of the analyzed scientific articles. The risk of bias assessment considered four main categories:

• Selection bias: Assesses whether the inclusion and exclusion criteria were applied in a clear and objective manner;
• Information bias: Refers to the methodological quality of the studies and the reliability of the extracted data;
• Publication bias: Identifies potential gaps due to the non-publication of studies with negative or inconclusive results;
• Reporting bias: Examines whether the studies reported all data in a complete and transparent manner.

The studies were classified into three categories:

• Low risk of bias: Robust and well-described methodology, with reliable data;
• Moderate risk of bias: Some methodological limitations, but with still usable data;
• High risk of bias: Significant methodological flaws, potentially compromising the results.

Although rigorous criteria were applied to minimize bias in the selection and analysis of the studies, some limitations inherent in the systematic review process were considered, as follows:

• Publication bias: It is possible that studies with negative or neutral results were not included, as these studies are less frequently published. To mitigate this bias, widely recognized databases (Scopus, Web of Science, and IEEE Xplore) were used to capture the broadest spectrum of possible publications.
• Selection bias: The exclusion of studies that did not meet the established methodological criteria may have limited the diversity of the analyzed approaches. However, this filtering was necessary to ensure the quality and reliability of the extracted data.
• Information bias: Some studies included in the review did not present sufficient methodological details, which may have impacted the accuracy of data extraction. To minimize this problem, the data were analyzed by more than one reviewer, ensuring a consensus in the interpretation of the findings.
• Methodological bias: The inclusion of studies published in the last 10 years may have excluded older references, but this decision was based on the need to capture the most current trends in cybersecurity for smart meters.

Despite these limitations, the methodological approach used, including the use of Parsifal v2.2 and adherence to PRISMA 2020, ensures the transparency and reproducibility of the review process. Future studies may expand this analysis by including gray literature, pre-prints, and quantitative meta-analyses to strengthen the evidence on cybersecurity risks in smart meters.

3.4. Data Extraction

After selecting 41 papers included in this study, data extraction was conducted to answer the original research questions. The main information extracted is as follows:

• Study title;
• Authors;
• Publication year;
• Objectives;
• Methodology;
• Key findings;
• Cybersecurity threats identified;
• Security measures discussed;
• Effectiveness of measures;
• Identified gaps;
• Recommendations.

Each category of information was carefully documented to allow for a detailed analysis and comprehensive synthesis of the data. This meticulous process ensures that all research questions are addressed thoroughly and accurately, providing a solid foundation for the conclusions and recommendations of this study. The selected articles are placed in Table 5, where we can see their names and publication years.

4. Results

4.1. Cyber Threats and Vulnerabilities in Smart Meters in Smart Grids

In this section, the main findings obtained after reviewing the selected articles in Section 2 will be discussed. An initial analysis identified the primary cyber threats and vulnerabilities, comparing their frequency across the selected articles for this systematic mapping. Various cybersecurity threats and security vulnerabilities were discussed, as illustrated in

Table 6. Cyber threats.

Threats	References
Data tampering/manipulation	[20,23,26,33,40,42]
Unauthorized access	[9,20,30,33,40]
Privacy breaches	[20,24,31,33]
Denial-of-service (DoS)/distributed DoS (DDoS)	[9,29,39,45]
Malware	[21,34,39]
Phishing	[39]
Insider threats	[34,41]
Advanced persistent threats (APTs)	[22,41]
Cyber espionage	[3,28]
Ransomware	[3,28]
Intrusion attacks	[33,36,42]
False data injection	[9,23,42]
Eavesdropping	[21,43]
Replay attacks	[21,43]
Energy theft	[24,44]
Data spoofing	[44]
Machine learning model attacks	[34,46]
Data poisoning	[34,46]
Cyber-physical attacks	[22,29]
SCADA attacks	[24,28,32]

and

Table 7. Vulnerabilities in advanced metering infrastructure.

Vulnerabilities	References
Weak encryption	[20,21,33,43]
Poor authentication mechanisms	[20,24,33]
Insecure communication protocols	[21,39,42]
Outdated software	[21,39]
Insufficient data protection	[20,29,40]
Lack of access control	[20,34,40,44]
Insider access	[22,41]
Lack of anomaly detection	[23,36,41,44]
Unpatched systems	[3,22]
Weak network security	[3,21]
Insecure Modbus protocol	[42]
Lack of intrusion detection systems (IDSs)	[36,42]
Insufficient monitoring	[42]
Insecure network architecture	[22,45]
Lack of redundancy	[45]
Model bias	[46]
Insufficient model robustness	[46]

. Threats are actions aimed at taking advantage of security flaws in a system, causing negative impacts. As shown in [30], the authors analyze the main threats to advanced measurement infrastructures in smart grids and the solutions proposed to mitigate them. Threats include physical attacks, network attacks (such as DoS and eavesdropping), data integrity attacks, and privacy attacks. Physical attacks involve direct manipulation of smart grid hardware components. This could include damage to smart meters, data concentrators, or communications links. The impact of physical attacks can be significant, as they can disrupt the flow of information and lead to incorrect billing or even service interruptions.

A vulnerability is a flaw in a system or its design that allows malicious actors to execute unauthorized commands, access confidential information, or perform denial-of-service attacks. Such breaches enable attackers to exploit electronic data, potentially tracking customer behavior and compromising their privacy.

Figure 2 illustrates the primary cyber threats identified in the systematic mapping study. Among the most prevalent threats, “data tampering/manipulation” was highlighted in 91.67% of the studies, underscoring high concern and frequent discussion of this threat in research. This reflects the relevance of this threat in cybersecurity contexts for smart meters. The threat of “unauthorized access” appeared in 75.00% of the studies, indicating it as one of the main vulnerabilities exploited in cyberattacks, which underscores the need for robust authentication and authorization systems. Additionally, “privacy breaches” were mentioned in 58.33% of the studies, highlighting significant concerns regarding the protection of personal data and sensitive information.

The Percentage of Appearance $\left({PA}_t\right)$ of a specific threat can be calculated by the following formula:

$${\mathrm{PA}}_t=\left({\displaystyle \frac{n_t}{N_t}}\right)\times 100$$

(1)

where

• $n_t$ is the number of times the threat is mentioned, and
• $N_t$ is the total number of mentions of all threats in the articles.

Figure 3 shows the main security vulnerabilities of advanced metering infrastructures (PQ2) identified in the systematic mapping study. The legend describes the most frequent vulnerabilities, with “Weak Encryption” standing out at 58.33%. This vulnerability is highlighted as the most common, indicating that many smart metering systems may be vulnerable to attacks due to the use of weak encryption algorithms or inadequate implementation of encryption to protect sensitive data. “Weak Authentication Mechanisms” are present in 50.00% of the articles, suggesting that many smart meters may not have robust methods to properly verify and authenticate the identity of users and devices accessing the system. “Insecure Communication Protocols”, present in 41.67% of the articles, point to the use of communication protocols that are not adequately secure, leaving the transmitted data vulnerable to interception and manipulation by attackers.

The Percentage of Appearance $\left({PA}_v\right)$ of a specific vulnerability can be calculated by the following formula:

$${\mathrm{PA}}_v=\left({\displaystyle \frac{n_v}{N_v}}\right)\times 100$$

(2)

where

• $n_v$ is the number of times the vulnerability is mentioned, and
• $N_v$ is the total number of mentions of all vulnerabilities in the articles.

4.2. Attack Mitigation Techniques

Attack mitigation techniques in smart grids, as presented in

Table 8. Mitigation techniques used in different articles.

Mitigation Techniques	Articles
Encryption	[20,26,27,31,33,39,43]
Authentication mechanisms	[20,24,27,29,30,32,35,46]
Secure communication protocols	[21,26,32,35,39,42]
Software updates	[3,21,34,39,46]
Data protection	[20,24,28,29,33,36]
Access control	[20,28,30,33,34,44]
Anomaly detection	[23,26,36,41,44,45,50]
Patching systems	[3,9,22]
Network security	[3,21,31,35,46]
Intrusion detection systems (IDSs)	[23,30,36,42,45]
Monitoring systems	[33,39,43,50]
Network architecture	[22,29,35,45]
Redundancy	[9,26,45]
Model robustness	[33,36,46]
Bias mitigation in models	[33,36,46]

, are crucial for protecting advanced metering infrastructure from threats and vulnerabilities. Several articles propose solutions to mitigate risks such as false data injection attacks (FDIAs), denial-of-service (DoS) attacks, data manipulation in smart meters, and SCADA system invasions. For FDIAs, deep learning models are used to detect anomalies in real time, while network segmentation and redundant systems limit the impact of DoS attacks. Data manipulation in smart meters is mitigated using machine learning techniques and intrusion detection tools. In the case of SCADA systems, multilayer networks and semi-supervised detection prevent invasions. Additionally, smart meter data privacy is protected through anonymization and encryption techniques. These strategies, listed in Table 8, address critical vulnerabilities in smart grids, enhancing security and aligning with the cybersecurity risk mitigation strategies outlined in QP3.

These mitigation techniques range from traditional methods such as encryption and authentication mechanisms to more advanced approaches such as using machine learning and neural networks for anomaly and intrusion detection. In [36], the authors propose preventive measures for security aspects in smart meters, including the use of encryption to protect sensitive data and ensure the integrity of communications in the smart metering infrastructure. In [32], the authors emphasize the importance of securely managing cryptographic keys, continually educating employees on cybersecurity practices, and creating an organizational culture focused on security awareness. These measures are designed to maintain integrity, take measures in smart plans, ensure reliability in operations, and ensure the management of important information.

Table 9. Effective deep learning and machine learning techniques for detecting anomalies and intrusions in smart networks.

Techniques	Description	Articles
Deep Learning (DL)	Algorithms that learn hierarchical data representations, capable of identifying complex patterns and anomalies.	[20,23,31,38]
Machine Learning (ML)	An algorithm that can learn from data and make predictions or decisions independently.	[28,30,38,53]
Convolutional Neural Networks (CNNs)	CNNs and neural networks that excel at processing image and time-series data, identifying patterns across space and time.	[36,42,47,48]
Autoencoders	Autoencoders and neural networks used in unsupervised learning are adept at compressing data and detecting anomalies.	[20,26,33]
Support Vector Machines (SVMs)	Classification algorithms that identify the best hyperplane to separate different classes in a dataset.	[3,29,33,45]
Random Forest	An ensemble of decision trees that work together for classification and regression, being resistant to overfitting and efficient with large datasets.	[24,27,32,41]
Recurrent Neural Networks (RNNs)	Neural networks designed to process sequential data, used to detect patterns in time series.	[9,22,35,39]

summarizes some of the deep learning and machine learning techniques that have proven effective in detecting anomalies and intrusions in smart grids. This table is a useful tool for comparing different DL and ML methods and understanding the most commonly used methods in the smart grid field. Each method has its own strengths and limitations, and the choice of method can vary depending on the type of data and the specific problem being solved.

The paper in [20] covers a range of flaw detection techniques, such as statistical methods, machine learning algorithms, and data analysis strategies. These techniques are utilized to detect anomalies within the data gathered by advanced metering infrastructure (AMI) systems, thereby safeguarding data integrity and security. In [30], various techniques are being studied to mitigate threats to advanced accounting infrastructure. These include encryption and digital signatures to ensure the security and authenticity of measurement data. It also discusses advanced anomaly detection techniques to identify unusual patterns that may indicate attacks or failures. Network segmentation is also considered a containment measure to protect critical parts of the infrastructure while exposing them to potential attacks. This combined strategy aims to increase the resilience of smart networks to cyber and operational threats.

5. Discussion

The results and answers to the research questions in Section 3 are discussed below.

QP1: What are the main cyber threats to smart meter data in smart electrical grids?

The main cybersecurity threats to smart meter data in smart grids, as presented in Table 6, were identified based on a systematic review of several articles. These threats can significantly compromise the security and efficiency of these networks. Among the most highlighted threats in the selected articles, four stand out: data tampering/manipulation with 91.67, unauthorized access with 75% frequency in articles, privacy leaks with 58.33%, and denial-of-service (DoS)/distributed denial-of-Service (DDoS) with 50.00%. These threats were selected from several discussed in the articles reviewed, standing out for their potential impact and the frequency with which they were mentioned in the literature. The systematic analysis reinforces the importance of mitigating these threats to ensure the security and efficiency of smart grids.

QP2: What vulnerabilities in smart meter infrastructure can be exploited by cyberattacks?

Based on the frequency of occurrence identified in the reviewed articles, and as shown in Table 6 and Table 7 analyzing the frequency data, it is clear that vulnerabilities in smart meter infrastructure represent serious security risks in cybernetics. The high incidence of issues related to weak encryption, poor authentication, insecure communication protocols, and inadequate data protection reflects the widespread vulnerability of these systems. These issues are discussed in multiple studies due to their critical importance for the integrity and security of data in smart meters. Therefore, mitigating these vulnerabilities is essential to protect these systems against potential cyberattacks and ensure the reliability of smart grids.

QP3: What are the common strategies and technologies used to mitigate cybersecurity risks in smart grids?

To answer this question about the common strategies and technologies used to mitigate cybersecurity risks in smart electrical grids, consider the data provided by the selected articles summarized in Table 8 and Table 9. The common strategies include using advanced deep learning techniques (such as Convolutional Neural Networks and Autoencoders) and machine learning (such as Support Vector Machines and Random Forest) for anomaly detection and the prediction of anomalous behavior.

Encryption is crucial for protecting sensitive data, and vulnerability analysis, anomaly detection, and thorough security testing are essential methods for identifying and addressing weaknesses before they are exploited by cyberattacks. For example, one of the major vulnerabilities in smart grids is false data injection (FDIA), as discussed in [22]. This type of attack can severely compromise the integrity and operation of energy systems. To mitigate this threat, we can implement the deep learning methods described in [23,42]. In this study, we propose creating a model that learns common data patterns and detects anomalies that indicate attacks, which can identify and mitigate FDIA attacks in real time. Another important vulnerability is the vulnerability of the power grid to denial-of-service (DoS) attacks, as detailed in [26]. These attacks can disrupt the control and communication systems. To address this issue, the authors in [28] propose network segmentation and defense-in-depth techniques to limit the impact of such attacks, while the authors in [50] propose the use of redundant networks and the implementation of a fast recovery system to improve resilience against DoS attacks, minimizing downtime and damage. Furthermore, the manipulation of metering data from smart meters is a significant vulnerability, as discussed in [36]. To mitigate this vulnerability, the authors in [20] propose the implementation of machine learning and statistical anomaly detection methods that can identify anomalous patterns in measurement data. Complementing this approach, the authors in [44] propose developing a dedicated intrusion detection tool for smart meters that monitors data traffic and detects manipulation attempts in real time. Some mitigation solutions have been proposed in the literature regarding intrusions and manipulations of SCADA systems in microgrids, as discussed in [24]. For instance, the authors in [34] suggest the evaluation of cyber and physical vulnerabilities through complex multilayer networks, identifying critical points that require additional protection to prevent intrusions. Similarly, the authors in [48] propose the development of semi-supervised detection systems that combine supervised and unsupervised machine learning to identify intrusion attempts in SCADA systems of microgrids.

Finally, the exposure to privacy attacks in smart meters, as reviewed [3], is a growing concern. To mitigate this vulnerability, the authors in [35] suggest the implementation of data anonymization and aggregation techniques, which protect user privacy by preventing direct association between the collected data and specific individuals. Additionally, the authors in [49] propose the use of advanced encryption and access control techniques to ensure that only authorized users can access measurement data, thereby protecting consumer privacy.

QP4: What gaps exist in current research on the cybersecurity of smart meter data?

Analyzing the previous questions and the data provided in Figure 2 and Figure 3 and Table 8 (QP4) of the articles selected in the systematic mapping, we identified some gaps in current research on the cybersecurity of smart meter data, such as the following:

Efficiency and scalability: Many cybersecurity techniques are computationally intensive, which can limit their applicability to large smart meter networks. It is necessary to develop more efficient and scalable methods to deal with the growing volume of data generated by these systems. In [21], the authors explore the efficiency and scalability of these approaches, crucial for dealing with the complexity and volume of data generated by smart grids. Furthermore, the article discusses the application of these techniques in real scenarios, highlighting their practical advantages and limitations [21]. Real-time detection: The ability to detect real-time anomalies and intrusions in meter data is crucial to mitigating damage to the electrical grid.

As seen in [22], this research highlights the relevance of critical security issues affecting modern electronic systems. A coordinated and adaptable approach is essential to safeguarding critical infrastructures against constantly evolving cyber threats. The study explores the use of technologies such as behavioral analysis and network monitoring, as well as the application of artificial intelligence, including neural networks and machine learning algorithms designed for anomaly detection. The system aims to identify suspicious patterns that may indicate a threat and implement measures to mitigate potential damage. As cyberattack techniques continue to advance, the need for effective prevention strategies becomes increasingly crucial.

The main focus is to develop effective methods of identifying corrective action schemes that can neutralize these attacks, allowing power systems to automatically implement corrective measures or alert operators for immediate human intervention.

These gaps indicate critical areas where additional research can significantly contribute to strengthening the cybersecurity of smart meters and ensuring the reliability of smart grids in the future.

6. Research Gaps and Proposals for Future Work

The analysis of the main cyber threats to smart meters highlighted several areas for attention, but also revealed significant gaps that still need to be addressed by the academic and industrial communities.

One of the most notable gaps is the lack of consensus on unified security standards for smart meters. Although there are several proposals for security protocols and cyberattack mitigation mechanisms, such as advanced encryption and anomaly detection [23,24], these mechanisms have not yet been widely and uniformly implemented in the industry. The development of internationally recognized security standards specifically aimed at protecting smart meters would be an important contribution to increasing the security of smart grids. Future work could explore the creation of such standards, collaborating with regulatory bodies and critical infrastructure industries.

Another gap identified is the lack of studies focused on the resilience of systems in large-scale attack scenarios. While the paper discusses the dangers of DDoS and malicious command injection attacks [34], there were few studies investigating system recovery after successful attacks. Future work could focus on developing and testing recovery strategies that allow smart metering systems to quickly restructure after a security breach, minimizing the impact on consumers.

In addition, the paper presents a number of known attacks and vulnerabilities [36], but does not delve deeply into emerging vulnerabilities associated with new technologies integrated into smart grids, such as edge computing and 5G. These new technologies offer benefits of reduced latency and increased connectivity, but they also introduce new attack vectors that need to be understood and mitigated. Future studies can examine how these technologies affect smart meters and propose solutions to protect networks that include these innovations.

Finally, it is important to note the lack of end-user-centric studies, especially with regard to awareness and education about the cyber risks associated with smart meters. While the main focus of the research is on the infrastructure and technical aspects of threat mitigation, future work could explore the impact of security awareness programs aimed at end users, helping them better understand how to protect their devices and data in smart grids. In summary, the following future work is suggested:

1.

Developing unified security standards for smart meters in collaboration with regulatory agencies;

2.

Studies on system resilience and recovery after large-scale cyberattacks;

3.

Investigating emerging vulnerabilities associated with technologies such as edge computing and 5G within the context of smart grids;

4.

Creating security awareness programs to educate end users on how to protect their data in smart meter networks.

These areas represent significant gaps in the field of smart meter cybersecurity, and by addressing them, future work could significantly contribute to the security and reliability of these networks.

7. Emerging Cyber Threats: AI-Based Attacks and Quantum Computing Risks

While this Systematic Mapping Review has identified the main cyber threats and vulnerabilities affecting smart meters based on existing literature, it is crucial to recognize the emergence of new and potentially disruptive threats that have not yet been fully captured in the current research landscape. Two prominent examples are the increasing sophistication of AI-based attacks [21] and the long-term risks posed by quantum computing [56].

7.1. AI-Based Attacks

Artificial intelligence (AI) has been increasingly exploited by cybercriminals to enhance cyberattacks against critical infrastructures, such as smart meter networks. One of the most concerning threats is the development of intelligent malware that uses machine learning to dynamically adapt to digital environments, modifying its signatures to evade detection by conventional security systems. This scenario becomes even more challenging in the context of smart grids, where the increased use of smart meters generates a massive amount of energy consumption data, as shown in [57]. The study in question proposes a hybrid energy theft detection technique based on machine learning, combining the Support Vector Machine (SVM) algorithm with Particle Swarm Optimization (PSO). This approach aims to identify abrupt changes in user consumption patterns, enabling the detection of fraudulent behavior with greater accuracy. The proposed method uses a real dataset from a smart grid network, achieving a detection rate of 98.9%. Additionally, the model was evaluated using metrics such as precision, recall, F1-score, and AUC, proving to be an effective tool against fraud in smart grid environments. AI integration not only enhances security but also offers a proactive approach to mitigate non-technical losses, such as energy theft, by anticipating fraudulent behaviors and optimizing the operation of power distribution networks.

Furthermore, AI systems can be used to enhance attacks such as ransomware, making the encryption of hijacked data even more resistant to recovery attempts and harder to detect by traditional security systems. This scenario poses a significant threat to critical infrastructures, including energy management systems in smart homes. In response to this challenge, in [58], a study proposed a Home Energy Management System (HEMS) based on Artificial Neural Networks (ANNs) as an effective solution. The model uses machine learning techniques to intelligently monitor and control the use of household appliances, considering consumption priorities and user preferences. This approach not only optimizes energy efficiency—reducing consumption by over 60% without compromising comfort—but also strengthens system security by anticipating anomalous behavior and proactively managing devices.

Another significant risk in the security of smart meter networks is the automated discovery of vulnerabilities. AI algorithms can be used to scan these networks, identifying weak points that hackers could exploit. This technique significantly reduces the time needed to detect security flaws, accelerating the development of highly effective exploits, as demonstrated in [59]. To mitigate these threats, the study proposes Q-Secure-P²-SMA, a quantum authentication protocol for smart meters focused on security and privacy. The protocol relies on the following three main technologies:

• Semi-Quantum Key Distribution (SQKD): Reduces costs by allowing only one participant to have a complete quantum system;
• Homomorphic Encryption: Enables encrypted data to be processed without the need for decryption, ensuring greater privacy;
• Quantum-Resistant Digital Signatures: Protect against identity forgery using lattice-based cryptography.

The proposed solutions ensure secure authentication against attacks such as Man-in-the-Middle (MitM), Replay, and Spoofing, while also presenting low computational consumption, making them efficient for smart metering devices. Additionally, the protocol is scalable, allowing its implementation in large-scale smart grid networks.

Instead of relying on human hackers, who take time to analyze and test vulnerabilities, AI-driven attacks can operate autonomously, refining their techniques to avoid detection. This approach threatens the security of electrical grids, as an unpatched vulnerability could compromise multiple devices simultaneously [60].

AI also enhances social engineering attacks, making frauds such as phishing and spear-phishing even more convincing. Using deepfakes and advanced chatbots, criminals can create realistic interactions to deceive users and employees of utility companies. These attacks can trick victims into revealing sensitive credentials, installing malware, or conducting fraudulent transactions without realizing that they are being manipulated [61]. Unlike traditional attacks, which rely on human skill to deceive victims, automated approaches can scale these attacks to thousands of simultaneous targets, drastically increasing their impact.

Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks can also be enhanced by AI, making them even more dangerous. AI can monitor network traffic and identify the system’s most vulnerable points, launching attacks in a precise and coordinated manner. Moreover, intelligent algorithms can adapt to countermeasures applied by victims, dynamically changing attack patterns to avoid being blocked [62].

In a smart metering infrastructure, these attacks can cause service disruptions, affecting thousands of consumers. For this reason, implementing AI-based defense solutions against these threats is a priority for utility companies and cybersecurity managers.

7.2. Risks of Quantum Computing

Quantum computing represents an emerging threat to cybersecurity, particularly for systems that rely on classical cryptography to protect sensitive data. Although this technology is still in its early stages, advances in quantum computers could render traditional cryptographic methods vulnerable to sophisticated attacks. Shor’s algorithm, for instance, could break widely used cryptographic protocols such as RSA and ECC, allowing attackers to compromise the security of smart meter networks and gain unauthorized access to critical data [56].

Recent studies reinforce this threat. For example, the mutual authentication protocol proposed by Parameswarath et al. [63], based on Quantum Key Distribution (QKD) and Quantum Random Number Generators (QRNGs), presents a practical solution to strengthen communication security in smart meter networks, protecting against future quantum attacks.

The transition to quantum-resistant cryptography is complex and requires structural changes in the security of smart grids. This transition involves developing new cryptographic algorithms capable of withstanding quantum attacks and gradually implementing them in existing devices and systems. Since smart meters have a long life cycle, early adoption of these technologies is essential to ensure that energy networks remain protected in the future [56].

In this context, the Q-Secure-P²-SMA protocol proposed by Prateek et al. [59] is an innovation that uses a semi-quantum key distribution approach to safeguard the privacy and integrity of measurement data in smart grids, without requiring all devices to have quantum capabilities. This makes the protocol more practical for large-scale implementations and enhances privacy by ensuring the anonymization of energy consumption information.

Broader research has also explored the impact of quantum computing on digital infrastructure as a whole. Baseri et al. [63] conducted a detailed analysis of security risks across infrastructure layers, highlighting the need for proactive strategies to mitigate quantum threats in critical environments such as power grids and cloud services.

Beyond direct threats to cryptography, advances in quantum computing are also opening new possibilities for data prediction and analysis. An innovative study conducted by Balakrishnan et al. [64] explores the potential of Quantum Neural Networks (QNNs) for time-series forecasting, which could be particularly useful in smart power grids to predict energy consumption patterns and optimize resource allocation.

Another important approach is presented by Furutanpey et al. [65], who proposed an innovative architecture to integrate quantum computing within the Edge-Cloud Continuum. This integration would enable the distributed use of quantum resources in hybrid applications, offering more efficient and secure solutions for protecting sensitive data in smart grids.

In light of these threats and opportunities, collaboration between researchers, industries, and governments is essential to accelerate the development and adoption of security protocols compatible with the quantum computing era. The gradual migration to quantum-resistant algorithms should be planned in advance to ensure that smart grids are prepared for future challenges. Furthermore, conducting simulations and experimental testing with quantum cryptographic methods can help refine these technologies and create a secure and reliable environment for energy systems [63,64,65].

8. Conclusions

This systematic review of cybersecurity and the main cyber threats to smart meters revealed that although technological advances offer many benefits to smart grids, they also introduce a number of vulnerabilities that have yet to be fully addressed. The threats discussed, such as DDoS attacks, malicious command injection, and the exploitation of authentication and encryption flaws [34,36], demonstrate that smart meters remain an attractive target for cybercriminals, especially in critical infrastructures.

The implication of the findings is that although many solutions have been proposed in the literature, such as advanced search engines and advanced encryption techniques, their implementation still faces challenges. The lack of standardization and isolation of solutions across different vendors and geographies is a key issue to ensure consistent security of smart metering. Furthermore, these networks increasingly rely on new technologies such as 5G and edge computing, which add new challenges to the security balance [9,31]. Research should focus on the following areas:

1.

Standardization and regulation: Creating a unified set of security standards to protect smart meters is critical to ensuring compliance and security across all connected devices. Future work could include working with international regulators to create clear guidelines and connections around the security of smart solutions from manufacturing to operations.

2.

Resilience and post-attack recovery: The ability to recover quickly after a successful cyberattack remains an uncharted area. Future research could focus on developing recovery strategies and procedures that will enable smart countermeasures to return to work quickly and efficiently while also minimizing the impact on used assets.

3.

Security in emerging technologies: The use of 5G and edge computing is increasing, but these technologies also bring new challenges. Discovering the unique vulnerabilities of this technology and developing security solutions to prevent smart metering in high-connectivity, low-latency environments should be a priority note for future research.

4.

End user awareness and education: While technology security is important, end users play a significant role in protecting their devices. Future research could explore improving security awareness and education to help users understand how to protect their smart devices and personal data.

These areas of research are essential to strengthening the security of smart meters and the energy grid as a whole. By implementing more robust and standardized solutions, it will be possible to mitigate the risks associated with these cyber threats, ensuring the reliability and resilience of the smart metering infrastructure.