IoT Platform InfrastructureHow to unleash extraordinary value by applying Internet technology

and an open platform approach to create massive-scale device network

for society’s most critical infrastructure.

By Moufid Charafeddine

Hudoud Alteqnia / Silver Spring Networks

Thinking Big Picture to Achieve Major Smart Grid, Smart Water and IoT Programs

• What platform requirements can enable multiple applications to be

connected over a single open network.

• Electric Grid were early adopters:

• Tens of millions of Grid subscribers around the world allows utilities to rethink the traditional

model and provide new services and applications. By leveraging a proven, open IoT network

and software, the grid

• enhances energy efficiency,

• better integrates renewables, distributed generation, and energy storage,

• Gives consumers more information to better manage their energy.

• Examples from cities Using a secure RF mesh today as an IoT platform

in New York, San Francisco, Copenhagen, London, Paris, and now

Dubai.

Platform Typical usage

SMART ENERGY

Distribution

Automation

Advanced

Metering for

Power, Gas,

Water

Demand

Response

Energy

Efficiency

Customer

Engagement

SMART CITY

Renewables TrafficStreet

lights

Solar

Data Platform • Control and Security Mechanisms • IPv6 Network

EV Signage Environmental

sensorsWaste

management

The Solution Architecture

Distribution Automation Demand-Side ManagementAdvanced Metering

ZIGBEE

WI-FI

MICROMESH

TECHNOLOG

Y

IEC

METER

City Infrastructure

Applications

Advanced Metering Manager

Full Lifecycle Management

SLV6

Smart City ManagementOperations Optimizer

Analytics and WorkflowCustomerIQ

Customer Engagement

Control Platform

Data Platform

WAN

Network Platform

BATTERY

MESH

Io

T

Io

T

Third-Party

Applications

Ecosystem Contributors

SOFTWAREADVANCED

METERING LIGHTING & CONTROL

DEMAND-SIDE

MANAGEMENT

DISTRIBUTION

AUTOMATION LIGHTING

DEPLOYMENT

1. Meters and Relays route through each other

2. Devices decide their path back to an AP based

on aggregate link performance.

3. Routing decisions are constantly monitored

4. Devices acquire two APs for redundancy

5. APs can be easily added for coverage or capacity

Primary Path

Secondary Path

Mesh Basics

• Access Points - route traffic from the

mesh to the head end system (HES) via

either cellular or Ethernet IP connection

• MicroAPs - leverages cellular

communications for backhaul

connectivity and can use the 865 MHz

Radio Frequency (RF) mesh

communications to connect with other

nearby devices

• Relays - Relays traffic to extend the

reach of the mesh

Telecommunications The backbone of the mesh is comprised of:

Smart Grid Devices

Electric Meters

w/ NIC

Cellular

Access

Point

(AP)

Field

Service

Unit

Gas

Residential

IMU

Gas

Commercial

IMU

Bridge

Relay

Ethernet

Access

Point

(AP)

Electricity Meter Integrations

i-Credit 510,

Sprint

210,

Premier

U-Series:

U1200,

U3300

U1300, U3400

9

SL7000Zeus 8021,

Zeus 8023

7B, 10EAS3000/3500,

AS220

Omnipower 1PH,

3PH, 3PH CT

• Meter diversity is an important factor in success and sustainability of the netwok

• Ability to integrate with any meter in the world

• Open standards based integrations

2005 2006 2007 2008 2009 … 2012 … 2016 … … …

NIC 110 – 2005

900 MHz NAN

Radio

NIC 310 – 2009

SoC w/ security engine

Network security

Gen4

NIC 410 – 2012

Cellular WAN option

Micromesh

300 kbps

Gear shifting

Advanced watchdog

Increased memory

NIC 210 – 2007

900 MHz NAN Radio

2.4 GHz HAN Radio

Secure Bootloader

Gen 6

Gen 5

4x Faster

- or -

4x Longer Range

Double the memory

Gear Shifting with

1.2 Mbps

To

6.25 kbps

All Backward Compatible

Technology Evolution

A platform that:

• Has security designed-in from the beginning

• Uses the state-of-the art crypto and PKI

• Is continuously tested, probed, and validated

• Is always evolving and improving

What we need for IoT platform security

1. A scalable PKI (Public Key Infrastructure)

for certificate-based, cryptographic authentication and authorization

2. Cryptographically secure enrollment of devices

to only the desired network

3. Secure data transmission at all layers – application traffic,

network traffic (e.g. IPsec), mesh traffic (link-layer)

4. Secure key handling and storage, via HSMs

(Hardware Security Modules), at all points of the network

5. An HSM-based additional security policy

enforcement mechanism for critical control commands

5 Pillars for a Secure Smart Grid

SSNI’s PKI Infrastructure

AMM Cert

Manufacturing

Station CAOperator CA

DLCA (Driver’s

License CA)

Birth Certificate

Back Office CA

SSN Root CA

Driver’s License

Link Layer

SecurityApplication Layer

Security

Manufacturing Trust

Operator Trust

ZERO TRUST MODEL

Systems and devices assume no trust until mutual authentication occurs via certificates

and digital signature verification

LEAST PRIVILEGE & SEPARATION OF DUTIES

• All commands and actions should require the correct privilege

• Privileges bundled into logical groupings ( roles )

• Users and administrator given only the privileges needed to perform their job

• Key privileges separated across roles to avoid “the fox guarding the hen-house”

AUTHORIZATION & ROLE-BASED ACCESS CONTROL

• Roles for devices and applications should be bound into their identity certificates

• Roles for users should be stored in a Central Authentication and Authorization Service (CAAS)

• When a command is used or an action taken, the actor must have the correct role

Authentication & Authorization

Application Layer Security

Private keys stored in KeySafe HSM

AES-256 Encryption

HMAC-SHA2-256 Integrity Validation

IPSEC tunnel for WAN traffic

• Provides authentication, confidentiality, and integrity validation

• Ephemeral keys protect Device ID key pairs and offer Perfect Forward Secrecy

• Crypto hardware acceleration & protected memory for private keys (mesh)

• KeySafe hardware security module (HSM) increases private key protection (backoffice)

WAN

Link Layer Security & Secure Enrollment

Private keys stored

in KeySafe HSM

Devices authenticate using certificates (DL)

All comms signed for authentication and integrity

• Proxy a Driver’s License request from a new node

• The node is now “personalized” to the operator’s network

• The node can now join the mesh

WAN

WAN

KeySafe and Critical

Operations Protector (COP)

Enhanced security

for critical commands HSM

Meter checks permit validity3

KeySafe securely stores private keys

and SA data for AMM & apps

1

COP separately stores private keys to sign

permits and rate limits commands2

The Solution Architecture

Distribution Automation Demand-Side ManagementAdvanced Metering

ZIGBEE

WI-FI

MICROMESH

TECHNOLOG

Y

IEC

METER

City Infrastructure

Applications

Advanced Metering Manager

Full Lifecycle Management

SLV6

Smart City ManagementOperations Optimizer

Analytics and WorkflowCustomerIQ

Customer Engagement

Control Platform

Data Platform

WAN

Network Platform

BATTERY

MESH

Io

T

Io

T

Third-Party

Applications

Platform Typical usage

SMART ENERGY

Distribution

Automation

Advanced

Metering for

Power, Gas,

Water

Demand

Response

Energy

Efficiency

Customer

Engagement

SMART CITY

Renewables TrafficStreet

lights

Solar

Data Platform • Control and Security Mechanisms • IPv6 Network

EV Signage Environmental

sensorsWaste

management

IoT Platform InfrastructureHow to unleash extraordinary value by applying Internet technology

and an open platform approach to create massive-scale device network

for society’s most critical infrastructure.

By Moufid Charafeddine

Hudoud Alteqnia / Silver Spring Networks