Overview Advanced Metering Infrastructure (AMI) refers to systems that collect, measure and analyze energy usage, from network-connected, next-generation devices such as electricity meters, gas meters, and/or water meters. The "AMI" includes software, hardware, communications, customer-associated systems and meter data management (MDM) software.
The network connection between the actual measurement devices and backend business systems allows utility companies to collect and distribute information to customers, suppliers, government regulators, service providers and utility partners. This enables these businesses to either participate in demand response solutions as well as a whole range of other services and meta-analytic products. By providing instantaneous, direct feedback to consumers, AMI systems enable users to actively manage their own consumption, and enables utilities to more easily vary utility rates based on supply, demand, costs or environmental policy goals.
AMI is more sophisticated than older Automatic Meter Reading (AMR) standards, in that AMI enables true two-way communications with the meter. Unfortunately, with all this tremendous new functionality, comes risk.
Security Threats to AMI As the Smart Grid becomes reality, security threats grow exponentially, from within and without. The Wall Street Journal has already reported that cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system. The spies came from China, Russia and other countries, and were believed to be intent on navigating the U.S. electrical system and its controls, according to current and former U.S. national security officials. So far the intruders have not sought to damage the power grid but officials said they could try during a crisis or war.
Utilities will almost certainly face substantial liability claims and regulatory fines if inadequate security technologies enable eavesdroppers, adversaries or hackers to acquire and use AMI data to a customer's detriment, or worse, interrupt service or hold utility customers "hostage". Furthermore, if customers believe a utility is abusing personally identifiable data, or is generally collecting information beyond what they deem acceptable (whether or not legal), then they are likely to resist the implementation of AMI. Consumers may refuse to consent (where required), hide their data or pursue political opposition.
It's clear. Utilities and AMI device and systems designers must take security concerns into account when building AMI, and must demonstrate to consumers, regulators and politicians that these security implementations result in the protection of privacy, confidentiality and high-availability of the utility service in question.
The Mocana AMI Solution Mocana's Device Security Framework is an extensible software framework that secures all aspects of AMI device data and communications for any connected device. It is especially well-suited to securing components of the Advanced Metering Initiative and the Smart Grid.
The Device Security Framework includes AMI device-resident security software as well as security capabilities delivered across the AMI network. It provides modular support for different open standards-based device security protocols and other sophisticated device security capabilities.
Mocana's Device Security Framework delivers the following security services to AMI devices in a managed, holistic way:
FIPS-validated cryptography, including required algorithms for Zigbee & Smart Energy profiles
Performance tested for secure remote access to/from network services and AMI
Scalable server infrastructure for fast authentication, signing & verification of trusted AMI devices
Common security framework supports both Zigbee and HomePlug AMI services
Protects AMI devices from malware, unauthorized code or counterfeit services
Advanced AMI connection handling and efficient key management techniques
Benefits of the Mocana AMI Solutions We know that developers working on AMI platforms are on ultra-compressed development cycles. You don't have a lot of time to think about, let alone build from scratch, security features that have been optimized to maximize performance and battery life for consumer implementations. That's why we've built the Device Security Framework. Now, you don't need to be a crypto expert to make the design decisions required to build high-performing security applications in your consumer electronics environments. Mocana's DSF components all share a common API and crypto library that hides the complexity of cryptography and reduces the risks of inexperienced developers introducing new security holes into your own code.
Dramatically Reduce Time to Market for AMI Devices
With development cycles cut in half, don't waste valuable time building security from scratch. The DSF is the culmination of six years of development work backed by our decades of experience in the security industry. We've already done all the painstaking optimization work for you, resulting in our products' incredibly small footprints and best-in-class performance. Our implementations of protocols like IPSec and SSL can run in less than 50KB of memory, yet are 2x-4x faster than open source implementations - and they're exhaustively tested for interoperability. Now, you can focus on what's important to your business - getting your AMI devices and applications to market first.
No Need to Sacrifice AMI Performance for Security
Consumers and utilities need security, but they expect superfast performance in "set it and forget it" devices. You don't want to let computationally-intensive crypto operations impeding device reponse-times or draining batteries in devices situated in remote locations. Most device security architectures are synchronous, which severely limits the number of cryptography jobs that can be offloaded to silicon at any one time. Because Mocana's DSF features an asynchronous, event-driven architecture, cryptographic jobs are easily offloaded to different CPU cores or silicon channels, fully enabling today's multi-core processors to do your application's work in parallel. At the heart of the DSF is an asynchronous core that leverages our patented Mocana Acceleration HarnessTM - a software layer that virtualizes and manages crypto offload from software to AMI hardware, speeding up crypto operations by as much as 400%, depending on the hardware platform to allow the best power and performance.
Security for AMI, Tested and Supported by Actual Humans.
When it comes to AMI security, consumers and government aren't going to let you cut corners. Luckily with Mocana, you can significantly reduce your AMI testing load because we've done a significant amount of it for you, already. We've invested an enormous amount of money into our testing infrastructure that runs 24x7 against thousands of code scripts so you don't have to. Another benefit of choosing Mocana is our built-in verification process. While other AMI codebases only have one error code, "-1", our developer suite ships with over 1,000 unique error codes built-in so you can pinpoint bugs instantly. Because we've done the rigorous testing and our support organization is available 24/7/365, you can have consumer-ready, government-approved security built-in in weeks, not months.
Device Security Framework Architecture Mocana’s products, together, make up what we call the Device Security Framework™.
The DSF is designed to secure all aspects of any connected device, computer or service. All components of the Device Security Framework are built on a common architecture and share a common API and cryptographic code base. Applications and device designers can choose the components they need for their particular project... or standardize company-wide on the DSF’s common code base, future-proofing your investment with this broad, flexible and extensible security architecture.
