You are here
Mobix n-DNetTM AMI Security – Concepts and Facilities
Mobix provides multiple levels of security throughout its n-DNetTM fixed network implementations. Mobix is working closely with several security experts that have been defining and designing the future security standards of SmartGrid based AMI systems. Mobix has implemented standard security protocols on the following levels:
Each component of the n-DNetTM solution is protected by a Userid/Password, allowing full control of access to the data and the devices. These access rights are controlled by the Utility according to their internal security protocols and comply with local regulations. The protection mechanism provides different levels of actions and data access according to the sign-on level.
Personal Customer Data
Every device has a unique serial registration (identification) number. This serial number is assigned at the manufacturing site and there is no connection to the customer or his location. All the n-DNetTM communications are managed in accordance to these serial numbers; the link to customer data is only made at the utility premises level.
Sensitive data is encrypted with AES256; the most accepted ciphering method in international standards. A set of 256 bit keys is used according to the Utility’s Key Management Policy, allowing the n-DNetTM Concentrator to hold a unique key for each end unit / session.
The authentication of the data / sender / receiver is provided by an authentication code. These security procedures are needed to ensure only authorized units can enter the network and only authorized actions are performed. All the authentication codes are generated and validated with HMAC (Hash Message Authentication Code) according to FIPS 180-1 and FIPS 198.
The n-DNetTM software running in every communication node includes a dedicated software protection mechanism, which continuously guards the software operations and does not allow un-authorized code to penetrate the network and install itself. Any re-programming attempt will go through a signature validation process implemented in secure ROM.
As a critical point in the n-DNetTM AMI network, the Concentrator includes additional safety features, with tamper detection, access alert, backups and a secure GPRS connection to the back end-server by a VPN connection and firewall. Local access to the Concentrator is also protected by password with different levels of access control and permission.