The concentrator in AMR/AMI plays a vital role , but the system itself faces security threats such as hardware attacks, software vulnerabilities, and network attacks. This paper first discusses the composition, characteristics, functions and security of the concentrator, and then analyzes the source of the concentrator''s vulnerability, the vulnerable attack methods and the corresponding preventive measures. Finally, taking the attack on the primary station by controlling the concentrator as an example, the problem of illegally invading the primary station is solved from the aspects of intrusion detection and protection, and the characteristics of the communication and the existing vulnerable points are protected, and the previous method. Contrast improves the security of its operation.