Do you recognize these challenges?
The connected smart meter infrastructure brings many benefits, including data analytics and enhanced smart grid management leading to increased revenue and decreased costs. It also comes with security challenges:
Securing individual smart meter infrastructure components and their data communication, all the way from the individual smart meters to the Meter Data Management (MDM) system via Data Concentration Units (DCUs) and Head-End Systems (HES)
Supporting Device Language Message Specification/Companion Specification for Energy Metering (DLMS/COSEM) security as per IEC 62056 standards set including security suites 0, 1 and 2.
Securing of smart meter gateway architectures, including Wide Area Network (WAN), Home Area Network (HAN) with Controllable Local Systems (CLS) and users, and Local Metrological Networks (LMN) with the smart meters
Securing of admin users’, service technicians’ and other authorized users’ access to the smart metering system, often involving Hand-Held Units (HHU)
Compliance with current and future security regulations
How does it work?
Nexus Smart ID Certificate Manager can issue and manage the lifecycle of trusted identities based on PKI certificates through standard certificate management protocols, including ACME, SCEP, EST and CMP, and via flexible REST API.
The certificates can be issued to the DCUs, HES or directly to individual smart meters, depending on smart grid architecture and device certificate enrolment protocol support. In order to ensure device authentication, data integrity and data confidentiality in the whole smart metering system, other components in the infrastructure, like DCUs and HHUs and also the SMOC system may also be included in the certificate management.
Hardware Security Modules (HSMs) are used to safeguard the digital keys and for key generation. The PKI solution can be combined with symmetric KMS in order to e.g. comply with IEC 62056-53 and enable metering data encryption.
Nexus Smart ID and the GO IoT service offered based on it, are based on mature, scalable, highly reliable, continuously tested and maintained products. The multi-CA and multitenancy solution helps you adapt the PKI hierarchy, administration and reporting to your needs. The software is Common Criteria EAL 4+ certified, supporting organizations to comply with stringent security regulations. Nexus' solution offers automation features and a solid track record.
Nexus’ platform for IoT PKI has the following key benefits: