Device security capabilities

Your device includes security capabilities that, when combined with other defense-in-depth measures, can help reduce vulnerabilities.

Before you install your device, carefully review the following device security capabilities to understand how you can configure and use the device securely in a protected environment.

Security area Device security capabilities Role in defense-in-depth
Physical
  • Revenue-lock switch
  • Anti-tamper sealing points
  • LED lock status indicator on the device
  • Revenue lock icon on the display.
 These capabilities help prevent unauthorized access to revenue-related parameters and settings or leave clear evidence that the device has been physically tampered with.
Information confidentiality
  • SSH, SFTP, HTTPS support, Secure ION, and Secure EtherGate
 These secure protocols employ cryptographic algorithms, key sizes, and mechanisms to help prevent unauthorized users from reading information in transit.
Access
  • User authentication identifies and authenticates software processes and devices managing accounts.
  • Least privilege in multiple dimensions: read, peak demand reset, time sync, meter configuration, and security and communications configuration.
  • User account lockout limits the number of unsuccessful login attempts.
  • Use control restricts allowed actions to the authorized use of the control system.
  • Supervisors can override user authorizations by deleting user accounts.
  • Password strength feedback using ION Setup.
 These capabilities help enforce authorizations assigned to users, segregation of duties, and least privilege.
Device configuration
  • Internal time synchronization.
  • Time source integrity protection and meter configuration event logging.
  • Timestamps, including date and time, match the meter clock.
  • The device embeds user information when a change is made.
  • SSH server hosts an internal SFTP site and stores files in the meter’s flash memory, such as webpages, COMTRADE records, and firmware files.
  • Settings can be saved as a Security Configuration File (.scf) using ION Setup.
  • Offload information to syslog or a protected storage or retention location.
 These capabilities support the analysis of security and user account events and help protect the device from unauthorized alteration and record configuration changes.
Device hardening
  • Least functionality.
  • Default port numbers can be changed to lower the predictability of port use.
  • Unused protocols can be disabled to reduce the attack surface of the device.
  • Inactivity timeout requires sign in after a time-period of inactivity for webpages, display, and Secure ION protocol.
  • Limit the number of consecutive failed login attempts.
These capabilities help prohibit and restrict the use of unnecessary functions, ports, protocols, and services.
Operation
  • Machine and human-readable reporting options for current device security settings.
  • Audit event logs to identify:
    • Meter configuration changes.
    • Energy management system events.
  • Audit record storage capacity communication to notify a user when the threshold is approaching.
  • Audit storage capacity of 5,000 event logs by default and alternate methods for log management.
  • Time source integrity protection and event logged when changed.
 These capabilities help provide a method to generate security-related reports and manage event log storage.
Maintenance: Upgrade and backup
  • Digitally signed firmware is used to help protect the authenticity of the firmware running on the meter and only allows firmware generated and signed by the manufacturer.
 This security capability helps protect the authenticity of the firmware running on the meter and facilitates protected file transfer.
Decommissioning
  • Purge shared memory resources through device wiping and other decommissioning tasks.
  • Physical (recommended) or sustainable device disposal possibilities.
 These capabilities help prevent the potential disclosure of data when the device is decommissioned.

For detailed information on the system defense-in-depth assumptions, see System defense-in-depth assumptions.

For detailed information on how to help secure your device in a defense-in-depth protected environment, see Recommended actions.