A secure energy system of the future requires visibility across all devices that affect and measure power delivery, including smart meters, SCADA, solar PV, batteries, smart thermostats, line sensors, and others, which are often retrofitted with data measurement and communication components. These devices report a range of information about themselves and about how they are producing, consuming and/or storing energy, at various time frequencies and in various formats. The collection of these energy devices is the grid’s IoT/Sensor network, and it is becoming increasingly difficult to manage as the power system becomes more distributed. As we progress into an increasingly renewable-powered system, only with a comprehensive view into all IoT and sensor devices across the grid can we ensure that power will continue to be delivered seamlessly and reliably into the future.
But how do we ensure that this entire IoT/Sensor network is securely connected, reliable and uncompromised? How do we manage the large quantities of data coming from these devices? And how do we make sure that they’re all communicating the right data, are healthy, and are performing the way we expect them to?
Building and Securing IoT/Sensor devices for Energy
First of all, companies must build in seamless, automatic and secure OTA (over the air) updates. That means knowing what open-source components exist in the code base, watching published vulnerability lists for each component, and using scanning services (like Clair) to find known vulnerabilities. They should also, of course, push rolling patches and updates as often as necessary.
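The component-tracking step described above can be sketched as follows. This is an added example, not code from the original article or from any vendor; every component name, version, advisory ID and device ID is constructed, and dotted-integer versions are an assumption.

```python
"""Added example: match firmware component versions against advisories.
All names, versions, IDs and devices below are constructed for illustration."""
from dataclasses import dataclass


def parse_version(text):
    # Compare numerically: as strings, "1.2.9" would sort after "1.2.10".
    return tuple(int(part) for part in text.split("."))


@dataclass(frozen=True)
class Advisory:
    advisory_id: str  # placeholder ID, not a real CVE
    component: str
    introduced: str   # first affected version (inclusive)
    fixed: str        # first fixed version (exclusive)

    def affects(self, component, version):
        if component != self.component:
            return False
        v = parse_version(version)
        return parse_version(self.introduced) <= v < parse_version(self.fixed)


# Constructed inventory: firmware image -> {open-source component: version}
FIRMWARE_COMPONENTS = {
    "meter-fw-2.3.0": {"libexample-tls": "1.2.9", "examplemqtt": "3.0.1"},
    "meter-fw-2.4.0": {"libexample-tls": "1.2.10", "examplemqtt": "3.0.1"},
    "sensor-fw-1.0.5": {"libexample-tls": "1.10.0", "examplejson": "0.9.4"},
}
# Constructed fleet: device ID -> firmware image currently installed
FLEET = {"meter-0001": "meter-fw-2.3.0", "meter-0002": "meter-fw-2.4.0",
         "line-sensor-0007": "sensor-fw-1.0.5"}
ADVISORIES = [
    Advisory("EXAMPLE-ADV-0001", "libexample-tls", "1.0.0", "1.2.10"),
    Advisory("EXAMPLE-ADV-0002", "examplejson", "0.9.0", "0.9.5"),
]


def devices_needing_update(fleet, firmware_components, advisories):
    """Return {device_id: [(advisory_id, component, fixed_version), ...]}."""
    findings = {}
    for device_id, firmware in sorted(fleet.items()):
        for component, version in sorted(firmware_components[firmware].items()):
            for adv in advisories:
                if adv.affects(component, version):
                    findings.setdefault(device_id, []).append(
                        (adv.advisory_id, component, adv.fixed))
    return findings


if __name__ == "__main__":
    for device, hits in devices_needing_update(FLEET, FIRMWARE_COMPONENTS, ADVISORIES).items():
        print(device, hits)
```

The resulting device list is what an OTA rollout would target, with the fixed version telling the build which component release to ship.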
Further, companies should avoid custom encryption techniques, and encrypt all in-flight data using industry-standard best practices; they should also authenticate all services using public key infrastructure and allow secure OTA credential updates since, over the lifetime of the product, certificates will change. Again, industry-standard and vetted web frameworks are best. Wherever possible, use private Access Point Names (APNs) or otherwise private and secure networks for connecting devices to core infrastructure.
And always be aware of the Open Web Application Security Project’s (OWASP) top 10 web application security risks, and monitor changes to this list regularly.
Building an IoT/Sensor Network for Energy
In terms of selecting and securing connectivity, it’s important to include seamless updates because you simply cannot know everything when you start building–you need to be able to find and fix vulnerabilities on the fly. And, as mentioned above, it’s best not to stray from peer-reviewed packages and best practices–and don’t be tempted to customize too much, as you could inadvertently leave yourself vulnerable to security breaches.
Building end-to-end security between many devices
An IoT device management platform is the key to security, whether it’s supplementary to the user management system or a stand-alone platform for increased scalability. An IoT device management system–such as that provided by Awesense–may include provisioning, configuring, updating, refreshing certificates, monitoring, and debugging of connected devices, as well as integrated device management capabilities.
Planning and building a large IoT/Sensor network
Security must be ingrained within each phase of the development cycle of all IoT/Sensor network components, including device firmware, application source code, and API source code, in what’s known as a secure development lifecycle (SDL). Your SDL should include security user stories, threat modeling, static/dynamic analysis, and secure coding, and should be overseen by an experienced incident-response product team. And, of course, developers practicing secure coding techniques should be aware of the OWASP top 10 vulnerabilities list.
Contact our team to learn more about building and managing a secure network, and to understand how the Awesense Digital Energy Platform empowers utilities and energy providers to build data-driven applications and analytics for the energy systems of tomorrow.